de6d0b97ae4584dad0b5a67f43687bdb

Sharing

Copy URL Twitter E-mail

General

Target

de6d0b97ae4584dad0b5a67f43687bdb
Size

362KB
MD5

de6d0b97ae4584dad0b5a67f43687bdb
SHA1

e089f1fe30ad66f48d2b384320eb7e123a6500cb
SHA256

4a5e1e46435e4c98f8b72107cec4a2095f71b2e10d5d91bb3fc499db0079dcdf
SHA512

ef8f6cfe4ecf84bfe8b059bb1300da813a2415f62bfb249cc4a0589ae3e96fb8fe040c72d4e8163e2d013afa34874031558b5d3f18de346c020edffade643233
SSDEEP

6144:olWKmraZ1P5pzkhwChw92C3rJjZcvJ3MoE2E0z99kjBLnSnBRDA0RfVXdJQpXxX4:ollm8P5dSiLnIfQUz4QvTfdt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de6d0b97ae4584dad0b5a67f43687bdb

Files

de6d0b97ae4584dad0b5a67f43687bdb
.dll windows:4 windows x86 arch:x86

677f17fe22f4e060a0049b9bc8e45f56

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

SetBkMode
SetGraphicsMode
SetTextColor
ModifyWorldTransform
SelectObject
GetStockObject
GetObjectA
SaveDC
RestoreDC
SetWindowOrgEx
GetDeviceCaps
DeleteObject
DeleteDC
DPtoLP
CreateSolidBrush
CreateFontIndirectA
CreateCompatibleDC
BitBlt
CreateCompatibleBitmap
SetViewportOrgEx

shell32

ShellExecuteA

ddraw

DirectDrawCreateEx
DDGetAttachedSurfaceLcl

oleaut32

SysFreeString
LoadRegTypeLi
LoadTypeLi
OleCreateFontIndirect
SysAllocString
SysAllocStringLen
SysStringByteLen
SysStringLen
VarUI4FromStr
VariantClear
VariantInit

comctl32

ord17

user32

RedrawWindow
PtInRect
MessageBoxA
MapDialogRect
LoadStringA
LoadCursorA
IsWindow
IsChild
InvalidateRgn
InvalidateRect
GetWindowTextLengthA
GetWindowTextA
GetWindowRect
GetWindowLongA
GetWindow
GetSysColor
GetParent
GetFocus
GetDlgItem
RegisterClassExA
GetDesktopWindow
GetDC
GetCursorPos
GetClientRect
GetClassNameA
GetClassInfoExA
GetActiveWindow
FillRect
EndPaint
EndDialog
EnableWindow
DialogBoxIndirectParamA
DestroyWindow
DestroyAcceleratorTable
DefWindowProcA
CreateWindowExA
CreateAcceleratorTableA
CharNextA
CallWindowProcA
BeginPaint
ReleaseCapture
ReleaseDC
SendMessageA
SetCapture
SetCursor
SetFocus
SetWindowContextHelpId
SetWindowLongA
SetWindowPos
SetWindowTextA
UnregisterClassA
GetDlgCtrlID
wsprintfA
RegisterWindowMessageA

advapi32

RegCloseKey
RegDeleteKeyA
RegSetValueExA
RegQueryValueExA
RegQueryInfoKeyA
RegOpenKeyExA
RegEnumKeyExA
RegDeleteValueA
RegCreateKeyExA

kernel32

QueryPerformanceCounter
MultiByteToWideChar
RaiseException
SetLastError
MulDiv
LockResource
LoadResource
LoadLibraryExA
LoadLibraryA
LeaveCriticalSection
SizeofResource
IsDBCSLeadByte
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
InitializeCriticalSection
HeapFree
HeapAlloc
GlobalUnlock
GlobalLock
GlobalHandle
GlobalFree
GlobalAlloc
GetVersionExA
GetTickCount
GetThreadLocale
GetSystemTimeAsFileTime
GetProcessPriorityBoost
GetProcessHeap
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetLastError
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetACP
FreeLibrary
FlushInstructionCache
FindResourceA
ExitProcess
EnterCriticalSection
DisableThreadLibraryCalls
DeleteCriticalSection
VirtualAlloc
VirtualFree
VirtualProtect
WideCharToMultiByte
lstrcmpA
lstrcmpiA
lstrcpynA
lstrlenA
lstrlenW
IsProcessorFeaturePresent

ole32

CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoGetClassObject
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CreateStreamOnHGlobal
OleInitialize
OleLockRunning
OleUninitialize
StringFromGUID2

Exports

Exports

ComputeIMTFromTexture
CreateLine
LoadFileOffset
MatrixPerspectiveOffCenterRH
SHRotate
SaveBitmap
SaveData
Vec3Project
Vec3TransformNormal
VecFeedLoad
mpegInUpdateFiles

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 191KB - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

677f17fe22f4e060a0049b9bc8e45f56

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

shell32

ddraw

oleaut32

comctl32

user32

advapi32

kernel32

ole32

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 191KB - Virtual size: 190KB

.data Size: 30KB - Virtual size: 30KB

.rsrc Size: 98KB - Virtual size: 97KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 191KB - Virtual size: 190KB

.data
Size: 30KB - Virtual size: 30KB

.rsrc
Size: 98KB - Virtual size: 97KB

.reloc
Size: 2KB - Virtual size: 1KB