Static task
static1
Behavioral task
behavioral1
Sample
d52965ed954c5af217083483d25f1933f9e06e7eae36da404e6636a61aa6f314.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
d52965ed954c5af217083483d25f1933f9e06e7eae36da404e6636a61aa6f314.exe
Resource
win10v2004-20240226-en
General
-
Target
d52965ed954c5af217083483d25f1933f9e06e7eae36da404e6636a61aa6f314
-
Size
3.6MB
-
MD5
2fd1916e1ae602e177584ad36cf19867
-
SHA1
45f343593ccb2621b6a545121b3acd2edcc446af
-
SHA256
d52965ed954c5af217083483d25f1933f9e06e7eae36da404e6636a61aa6f314
-
SHA512
b5f04873b88cbd1ea7ccd054afb8b3a1fe160c533d6b98ab14b84ac54a69135e030c92772e3a467aa40539872d41ff268c5e0103f224ecf3af91beec251579d9
-
SSDEEP
98304:8wgwmJU1PfJie8YsLCvyDnXyN4L7LLLLLLLEErLLLLLJLEGLbLLLLLLL7EGLpLLi:83FJUdfYIvyDnXAqq
Malware Config
Signatures
-
Unsigned PE 1 IoC
Checks for missing Authenticode signature. Reviewer note: this is the only signature the static pass raised, and the Malware Config section above is empty, so nothing here is conclusive on its own — an unsigned PE is a weak indicator (many legitimate vendor and in-house tools ship unsigned), and the vendor-SDK imports below (mvcamsdk_x64, cmvcamsdk, opencv_core249/opencv_imgproc249) suggest an imaging or camera application, though that is inferred from names only. Weigh the result against the import table: the advapi32 token/privilege calls (OpenProcessToken, LookupPrivilegeValueW, AdjustTokenPrivileges) paired with process enumeration and termination (CreateToolhelp32Snapshot, Process32FirstW/Process32NextW, OpenProcess, TerminateProcess), registry writes (RegCreateKeyExW, RegSetValueExW, RegDeleteKeyW), file copy/delete into temp paths (CopyFileW, DeleteFileW, GetTempPathW, GetTempFileNameW) and process launch (CreateProcessW, ShellExecuteW) are capabilities worth confirming or ruling out in the behavioral task output before drawing a verdict.
resource d52965ed954c5af217083483d25f1933f9e06e7eae36da404e6636a61aa6f314
Files
-
d52965ed954c5af217083483d25f1933f9e06e7eae36da404e6636a61aa6f314.exe windows:6 windows x64 arch:x64
710f3be3e582379b29eb40cad7d587e4
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
GetExitCodeProcess
CreateProcessW
WaitForSingleObject
InitializeCriticalSectionAndSpinCount
WriteConsoleW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
GetTimeZoneInformation
ReadConsoleW
EnumSystemLocalesW
IsValidLocale
LCMapStringW
GetConsoleMode
GetConsoleOutputCP
SetFilePointerEx
GetStdHandle
VirtualQuery
VirtualAlloc
GetSystemInfo
HeapQueryInformation
GetFileType
SetStdHandle
GetCommandLineW
GetCommandLineA
FreeLibraryAndExitThread
ExitThread
ExitProcess
RtlUnwind
RtlUnwindEx
GetCPInfo
GetStringTypeW
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
LCMapStringEx
QueryPerformanceFrequency
TryAcquireSRWLockExclusive
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
InitOnceBeginInitialize
InitOnceComplete
SleepConditionVariableSRW
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
CloseThreadpoolWork
SubmitThreadpoolWork
CreateThreadpoolWork
FreeLibraryWhenCallbackReturns
RtlPcToFileHeader
RaiseException
OutputDebugStringW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
WaitForSingleObjectEx
ResetEvent
GetUserDefaultLCID
GetTempFileNameW
FindResourceExW
GetTempPathW
GetProfileIntW
GetTickCount
WideCharToMultiByte
GetModuleHandleW
CreateThread
CloseHandle
Process32FirstW
DeleteFileW
Process32NextW
Sleep
MultiByteToWideChar
CreateToolhelp32Snapshot
OpenProcess
GetModuleFileNameW
TerminateProcess
GetCurrentProcess
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
FindResourceW
LoadResource
HeapReAlloc
LockResource
GetLastError
HeapSize
InitializeCriticalSectionEx
GetTickCount64
SearchPathW
GetWindowsDirectoryW
SetErrorMode
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
LeaveCriticalSection
EnterCriticalSection
HeapFree
SizeofResource
SetEvent
CreateEventW
GetCurrentThreadId
SetThreadPriority
ResumeThread
OutputDebugStringA
SetLastError
GetCurrentThread
GetVersionExW
FreeLibrary
GetModuleHandleExW
LoadLibraryExW
LoadLibraryW
GlobalAlloc
GlobalLock
GlobalDeleteAtom
lstrcmpA
lstrcmpW
CreateActCtxW
ActivateActCtx
DeactivateActCtx
FindActCtxSectionStringW
QueryActCtxW
GetProcAddress
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetCurrentProcessId
GlobalAddAtomW
GlobalUnlock
GlobalFree
lstrcpyW
GlobalSize
LocalFree
MulDiv
FormatMessageW
CopyFileW
EncodePointer
GetSystemDirectoryW
GlobalFindAtomW
CompareStringW
InitializeCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
GetCurrentDirectoryW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GlobalFlags
CreateFileW
FindClose
FindFirstFileW
FlushFileBuffers
GetFileSize
GetFullPathNameW
GetVolumeInformationW
LockFile
ReadFile
SetEndOfFile
SetFilePointer
UnlockFile
WriteFile
DuplicateHandle
lstrcmpiW
GetThreadLocale
GlobalGetAtomNameW
FileTimeToSystemTime
VerSetConditionMask
VerifyVersionInfoW
VirtualProtect
FileTimeToLocalFileTime
GetFileAttributesW
GetFileAttributesExW
user32
LoadIconW
GetClientRect
KillTimer
IsIconic
EnableWindow
UnregisterClassW
TranslateMessage
PeekMessageW
SetTimer
DispatchMessageW
DrawIcon
GetMessageW
IsWindowVisible
GetActiveWindow
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExW
CallNextHookEx
PostMessageW
PostQuitMessage
ShowOwnedPopups
SetCursor
IsWindowEnabled
MessageBoxW
GetWindowLongW
GetParent
GetWindowThreadProcessId
GetLastActivePopup
IsWindow
DestroyWindow
CreateDialogIndirectParamW
EndDialog
GetDlgItem
GetNextDlgTabItem
SetActiveWindow
GetDesktopWindow
RegisterWindowMessageW
GetFocus
GetWindowRect
ClientToScreen
ScreenToClient
PtInRect
UnhookWindowsHookEx
SetWindowPos
SetWindowContextHelpId
GetWindow
MapDialogRect
GetKeyNameTextW
MapVirtualKeyW
GetDC
ReleaseDC
CopyRect
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
GetWindowDC
BeginPaint
EndPaint
MsgWaitForMultipleObjects
FillRect
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
LoadBitmapW
LoadMenuW
DrawStateW
UpdateWindow
InvalidateRect
GetClassNameW
GetWindowTextW
GetMessagePos
GetMessageTime
DefWindowProcW
CallWindowProcW
RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
IsMenu
IsChild
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetDlgCtrlID
SetFocus
GetCapture
GetMenu
SetMenu
TrackPopupMenu
GetForegroundWindow
SetForegroundWindow
RedrawWindow
ScrollWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
SetPropW
GetPropW
RemovePropW
GetSystemMetrics
AdjustWindowRectEx
MapWindowPoints
EqualRect
SetWindowLongW
GetWindowLongPtrW
SetWindowLongPtrW
GetClassLongPtrW
GetTopWindow
SetScrollInfo
GetScrollInfo
WinHelpW
MonitorFromWindow
GetMonitorInfoW
ShowWindow
MoveWindow
CheckDlgButton
SetWindowTextW
SendMessageW
SendDlgItemMessageA
SetRectEmpty
OffsetRect
CopyImage
SystemParametersInfoW
DeleteMenu
RealChildWindowFromPoint
WaitMessage
SetCapture
ReleaseCapture
WindowFromPoint
LoadCursorW
GetSysColorBrush
DestroyIcon
CharUpperW
TrackMouseEvent
IsZoomed
GetAsyncKeyState
GetSystemMenu
SetWindowRgn
MessageBeep
InflateRect
IntersectRect
NotifyWinEvent
CreatePopupMenu
GetMenuItemInfoW
GetMenuDefaultItem
SetMenuDefaultItem
IsRectEmpty
UpdateLayeredWindow
DestroyMenu
EnableScrollBar
UnionRect
MonitorFromPoint
CharNextW
CopyAcceleratorTableW
InvalidateRgn
SetRect
GetNextDlgGroupItem
SetLayeredWindowAttributes
EnumDisplayMonitors
LoadImageW
BringWindowToTop
LoadAcceleratorsW
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawIconEx
RegisterClipboardFormatW
DrawEdge
DrawFrameControl
DrawFocusRect
SetClassLongPtrW
SetParent
CharUpperBuffW
LockWindowUpdate
ModifyMenuW
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
SetCursorPos
CopyIcon
FrameRect
PostThreadMessageW
GetIconInfo
HideCaret
InvertRect
IsClipboardFormatAvailable
GetDoubleClickTime
DestroyCursor
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
IsCharLowerW
MapVirtualKeyExW
GetComboBoxInfo
GetUpdateRect
CreateMenu
SubtractRect
GetWindowRgn
GetWindowTextLengthW
GetSysColor
IsDialogMessageW
gdi32
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
RoundRect
SetPaletteEntries
ExtFloodFill
LPtoDP
SetPixelV
GetTextFaceW
CreateDCW
CopyMetaFileW
PatBlt
CreateRectRgnIndirect
CreateCompatibleDC
CreateBitmap
BitBlt
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
EnumFontFamiliesExW
Rectangle
Polyline
Polygon
CreatePolygonRgn
Ellipse
CreateEllipticRgn
OffsetRgn
SetDIBColorTable
DeleteDC
LineTo
StretchBlt
SetPixel
RealizePalette
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
DPtoLP
SetRectRgn
GetMapMode
CombineRgn
GetRgnBox
GetTextColor
GetBkColor
CreateDIBSection
CreateCompatibleBitmap
CreateRoundRectRgn
GetTextMetricsW
GetTextExtentPoint32W
CreateFontIndirectW
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutW
TextOutW
MoveToEx
GetObjectW
SetTextAlign
SetTextColor
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SetBkColor
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
CreateHatchBrush
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteObject
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
GetDeviceCaps
dpscan
?Scan@CDpScan@@QEAA?AV?$vector@V?$vector@_KV?$allocator@_K@std@@@std@@V?$allocator@V?$vector@_KV?$allocator@_K@std@@@std@@@2@@std@@V?$vector@MV?$allocator@M@std@@@3@MHH@Z
?flatten@CDpScan@@QEAA?AV?$vector@_KV?$allocator@_K@std@@@std@@AEBV?$vector@V?$vector@_KV?$allocator@_K@std@@@std@@V?$allocator@V?$vector@_KV?$allocator@_K@std@@@std@@@2@@3@_K@Z
opencv_core249
?create@Mat@cv@@QEAAXHPEBHH@Z
??0_InputArray@cv@@QEAA@AEBVMat@1@@Z
?_interlockedExchangeAdd@cv@@YAHPEAHH@Z
?deallocate@Mat@cv@@QEAAXXZ
?copySize@Mat@cv@@QEAAXAEBV12@@Z
?fastFree@cv@@YAXPEAX@Z
??0_OutputArray@cv@@QEAA@AEAVMat@1@@Z
opencv_imgproc249
?resize@cv@@YAXAEBV_InputArray@1@AEBV_OutputArray@1@V?$Size_@H@1@NNH@Z
msimg32
AlphaBlend
TransparentBlt
advapi32
OpenProcessToken
RegCloseKey
AdjustTokenPrivileges
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegEnumKeyW
RegQueryValueW
RegEnumValueW
RegEnumKeyExW
LookupPrivilegeValueW
shell32
SHGetDesktopFolder
SHBrowseForFolderW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetMalloc
SHGetFileInfoW
ShellExecuteW
DragQueryFileW
DragFinish
SHAppBarMessage
comctl32
InitCommonControlsEx
shlwapi
PathFindExtensionW
PathFileExistsW
StrFormatKBSizeW
PathRemoveFileSpecW
PathStripToRootW
PathIsUNCW
PathFindFileNameW
uxtheme
DrawThemeParentBackground
GetThemePartSize
GetThemeSysColor
GetWindowTheme
IsThemeBackgroundPartiallyTransparent
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
IsAppThemed
DrawThemeText
OpenThemeData
CloseThemeData
ole32
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
OleTranslateAccelerator
IsAccelerator
CoRevokeClassObject
CoRegisterMessageFilter
ReleaseStgMedium
OleDuplicateData
CoDisconnectObject
CoGetClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CoInitializeEx
OleFlushClipboard
OleIsCurrentClipboard
DoDragDrop
CreateStreamOnHGlobal
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
oleaut32
SysAllocString
SysFreeString
VariantClear
VariantChangeType
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocStringLen
SafeArrayDestroy
VariantInit
LoadTypeLi
OleCreateFontIndirect
VarBstrFromDate
VariantCopy
oledlg
OleUIBusyW
gdiplus
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipBitmapLockBits
GdipCreateBitmapFromStream
GdipDrawImageRectI
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipBitmapUnlockBits
GdipCreateBitmapFromScan0
GdipDeleteGraphics
mvcamsdk_x64
CameraSetImageResolution
CameraSetMirror
CameraSetPresetClrTemp
CameraLoadParameter
CameraSetSaturation
CameraGetCapability
CameraGetImageResolution
CameraPause
CameraSetFriendlyName
CameraSetAnalogGain
CameraSetRotate
CameraSetFrameSpeed
CameraSetOnceWB
CameraSetTriggerMode
CameraEnumerateDevice
CameraSetWbMode
CameraImageProcess
CameraSetGain
CameraSetCallbackFunction
CameraSetAeState
CameraInit
CameraLoadUserData
CameraGetGain
CameraGetFriendlyName
CameraSaveUserData
CameraUnInit
CameraSdkInit
CameraPlay
CameraSetExposureTime
CameraSetClrTempMode
cmvcamsdk
CCameraEnumerateDeviceEx
CCameraSetDigitalGain
CCameraSaveUserData
CCameraSetImageResolution
CCameraPlay
CCameraPause
CCameraSetFriendlyName
CCameraGetCapability
CCameraIsOpened
CCameraLoadUserData
CCameraGetImageResolution
CCameraImageProcess
CCameraSetAnalogGain
CCameraGetGain
CCameraSetAeState
CCameraSetExposureTime
CCameraSdkc2w
CCameraUnInit
CCameraSetMirror
CCameraGetFriendlyName
CCameraSetCallbackFunction
CCameraGetDeviceInfo
CCameraSetGain
CCameraInit
CCameraSetTriggerMode
CCameraSdkInit
vcomp140
_vcomp_for_static_simple_init
omp_get_thread_num
omp_get_num_threads
omp_get_max_threads
_vcomp_for_static_end
_vcomp_atomic_sub_i4
_vcomp_set_num_threads
_vcomp_fork
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
winmm
PlaySoundW
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
Sections
.text Size: 2.3MB - Virtual size: 2.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 624KB - Virtual size: 624KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 46KB - Virtual size: 78KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 103KB - Virtual size: 103KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 348B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 540KB - Virtual size: 539KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 61KB - Virtual size: 61KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ