8364bae4e2951957403cbe3a78362edb7d41c34f49c81f0336fcb28d1510d5e1

Sharing

Copy URL Twitter E-mail

General

Target

8364bae4e2951957403cbe3a78362edb7d41c34f49c81f0336fcb28d1510d5e1
Size

984KB
MD5

2ac9de68c0def72fb18b04a9918c91cc
SHA1

02d5bbcf9e070565be1b5add17ac8b87931e1dc1
SHA256

8364bae4e2951957403cbe3a78362edb7d41c34f49c81f0336fcb28d1510d5e1
SHA512

25e237276e4a8db1b847ba96fb333e81958cbd08d99e2fbec45a06afa613d92cf47811f1d372cd5f2534dd116c3952f3faef1c5c4fc6a8d3c2d89b4cc70a6c5b
SSDEEP

12288:ij3WE93NAVMP6c6iihuu1tco20EAQk6IDTWcGY++XbvVIbRY78hPJQz:U4MDToCk6IDTWcpvVKf8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8364bae4e2951957403cbe3a78362edb7d41c34f49c81f0336fcb28d1510d5e1

Files

8364bae4e2951957403cbe3a78362edb7d41c34f49c81f0336fcb28d1510d5e1
.dll windows:6 windows x86 arch:x86

4e87c3d2cddbcad7909ecdfc2ba6b31d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

Imports

kernel32

SetFileAttributesW
CloseHandle
Sleep
GetCurrentProcessId
TerminateProcess
OpenProcess
lstrcmpW
lstrcmpiW
lstrcpyW
lstrcatW
lstrlenW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
GetCurrentDirectoryA
GetCurrentDirectoryW
CreateDirectoryA
CreateDirectoryW
GetLastError
GetModuleFileNameA
GetModuleFileNameW
lstrcpyA
lstrlenA
CreateFileA
CreateFileW
DeleteFileA
GetFileAttributesA
GetFileSize
ReadFile
SetFilePointer
WriteFile
RemoveDirectoryW
Process32Next
GetTickCount
GetDiskFreeSpaceExW
GetLogicalDriveStringsW
GetVolumeInformationW
DeviceIoControl
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetEvent
WaitForSingleObject
CreateEventA
CreateThread
TerminateThread
CopyFileW
CreateMutexW
ExitProcess
CreateProcessW
OpenMutexW
GetModuleHandleW
ReadDirectoryChangesW
FlushFileBuffers
GetConsoleMode
GetConsoleOutputCP
SetStdHandle
GetStringTypeW
SetFilePointerEx
GetFileSizeEx
DecodePointer
EnumSystemLocalesW
GetUserDefaultLCID
GetFileAttributesW
FindNextFileW
FindFirstFileW
FindClose
Process32First
DeleteFileW
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
IsProcessorFeaturePresent
GetCurrentThreadId
IsDebuggerPresent
RaiseException
MultiByteToWideChar
WideCharToMultiByte
HeapAlloc
HeapFree
GetProcessHeap
VirtualQuery
FreeLibrary
GetProcAddress
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
GetStartupInfoW
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
RtlUnwind
LoadLibraryExW
InterlockedPushEntrySList
InterlockedFlushSList
EncodePointer
GetModuleHandleExW
HeapValidate
GetSystemInfo
GetCurrentThread
GetStdHandle
GetFileType
OutputDebugStringW
WriteConsoleW
SetConsoleCtrlHandler
HeapReAlloc
HeapSize
HeapQueryInformation
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetDateFormatW
GetTimeFormatW
ReadConsoleW

user32

RegisterClassW
CreateWindowExW
PostMessageA
DispatchMessageW
TranslateMessage
GetMessageW
wsprintfW
DefWindowProcA

advapi32

RegOpenKeyExW
RegDeleteValueW
RegCloseKey
GetUserNameW
RegSetValueExW

shell32

SHFileOperationW

shlwapi

PathIsDirectoryA

Exports

Exports

DisplayHelloFromDLL
FSDK_ActivateLibrary
FSDK_AssignImageFromBuffer
FSDK_Base64
FSDK_ClearTracker
FSDK_CloseVideoCamera
FSDK_ConvertTrackerTemplates
FSDK_CopyImage
FSDK_CopyRect
FSDK_CopyRectReplicateBorder
FSDK_CopyTracker
FSDK_CopyTrackerParameters
FSDK_CreateContext_ID
FSDK_CreateEmptyImage
FSDK_CreateGrayscaleMode
FSDK_CreateTracker
FSDK_DetectEyes
FSDK_DetectEyesInRegion
FSDK_DetectEyesInRegion_C
FSDK_DetectEyes_C
FSDK_DetectFace
FSDK_DetectFace_C
FSDK_DetectFacialAttributeUsingFeatures
FSDK_DetectFacialFeatures
FSDK_DetectFacialFeaturesEx
FSDK_DetectFacialFeaturesEx_C
FSDK_DetectFacialFeaturesInRegion
FSDK_DetectFacialFeaturesInRegionEx
FSDK_DetectFacialFeaturesInRegionEx_C
FSDK_DetectFacialFeaturesInRegionFast
FSDK_DetectFacialFeaturesInRegionFast_C
FSDK_DetectFacialFeaturesInRegion_C
FSDK_DetectFacialFeatures_C
FSDK_DetectMultipleFaces
FSDK_DetectMultipleFaces_C
FSDK_ExtractFaceImage
FSDK_FaceCrop
FSDK_FaceCrop_C
FSDK_FacePositionToGrid
FSDK_FeedFaceList
FSDK_FeedFrame
FSDK_Finalize
FSDK_FinalizeCapturing
FSDK_FreeBase64Result
FSDK_FreeCameraList
FSDK_FreeContext_ID
FSDK_FreeImage
FSDK_FreeMJpegFrame
FSDK_FreeTracker
FSDK_FreeTrackerIDReassingments
FSDK_FreeVideoFormatList
FSDK_GetAllNames
FSDK_GetCameraList
FSDK_GetCameraListEx
FSDK_GetContextUserField
FSDK_GetDetectedFaceConfidence
FSDK_GetFaceList
FSDK_GetFacePosition
FSDK_GetFacePosition_C
FSDK_GetFaceTemplate
FSDK_GetFaceTemplateInRegion
FSDK_GetFaceTemplateUsingEyes
FSDK_GetFaceTemplateUsingFeatures
FSDK_GetFaceTemplateUsingFeatures_GetCropped
FSDK_GetHardware_ID
FSDK_GetIDMemoryAmount
FSDK_GetIDReassignment
FSDK_GetImageBufferSize
FSDK_GetImageData
FSDK_GetImageHeight
FSDK_GetImageWidth
FSDK_GetLicenseInfo
FSDK_GetMatchingThresholdAtFAR
FSDK_GetMatchingThresholdAtFRR
FSDK_GetMeanGrid
FSDK_GetName
FSDK_GetNumThreads
FSDK_GetSimilarIDCount
FSDK_GetSimilarIDList
FSDK_GetTrackerEyes
FSDK_GetTrackerFacePosition
FSDK_GetTrackerFaceTemplate
FSDK_GetTrackerFacialAttribute
FSDK_GetTrackerFacialFeatures
FSDK_GetTrackerIDReassingments
FSDK_GetTrackerMemoryBufferSize
FSDK_GetTrackerParameter
FSDK_GetTrackerTemplateCount
FSDK_GetValueConfidence
FSDK_GetVideoFormatList
FSDK_GrabFrame
FSDK_GrabFrameMirrored
FSDK_GrabMJpegFrame
FSDK_Initialize
FSDK_InitializeCapturing
FSDK_LoadImageFromBuffer
FSDK_LoadImageFromFile
FSDK_LoadImageFromFileW
FSDK_LoadImageFromFileWithAlpha
FSDK_LoadImageFromFileWithAlphaW
FSDK_LoadImageFromHBitmap
FSDK_LoadImageFromJpegBuffer
FSDK_LoadImageFromPngBuffer
FSDK_LoadImageFromPngBufferWithAlpha
FSDK_LoadTrackerMemoryFromBuffer
FSDK_LoadTrackerMemoryFromFile
FSDK_LocateFace
FSDK_LocateFacialFeatures
FSDK_LockID
FSDK_MatchFaces
FSDK_MatchMultipleFaces
FSDK_MirrorImage
FSDK_MirrorImage_uchar
FSDK_OpenIPVideoCamera
FSDK_OpenVideoCamera
FSDK_PurgeID
FSDK_PutImageAdjustColors
FSDK_ResizeImage
FSDK_ResizeImageXY
FSDK_RotateImage
FSDK_RotateImage90
FSDK_RotateImageCenter
FSDK_SaveImageToBuffer
FSDK_SaveImageToFile
FSDK_SaveImageToFileW
FSDK_SaveImageToFileW_C
FSDK_SaveImageToFile_C
FSDK_SaveImageToHBitmap
FSDK_SaveTrackerMemoryToBuffer
FSDK_SaveTrackerMemoryToFile
FSDK_SetCameraNaming
FSDK_SetCameraNaming_uchar
FSDK_SetContextUserField
FSDK_SetFaceDetectionParameters
FSDK_SetFaceDetectionParameters_C
FSDK_SetFaceDetectionParameters_uchar
FSDK_SetFaceDetectionThreshold
FSDK_SetFaceDetectionThreshold_C
FSDK_SetHTTPProxy
FSDK_SetJpegCompressionQuality
FSDK_SetJpegCompressionQuality_C
FSDK_SetName
FSDK_SetNumThreads
FSDK_SetParameter
FSDK_SetParameter_C
FSDK_SetParameters
FSDK_SetParameters_C
FSDK_SetTrackerMultipleParameters
FSDK_SetTrackerParameter
FSDK_SetVideoFormat
FSDK_UnlockID

Sections

.textbss
Size: - Virtual size: 355KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 774KB - Virtual size: 773KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 169KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.msvcjmc
Size: 1024B - Virtual size: 902B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4e87c3d2cddbcad7909ecdfc2ba6b31d

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

shell32

shlwapi

Exports

Exports

Sections

.textbss Size: - Virtual size: 355KB

.text Size: 774KB - Virtual size: 773KB

.rdata Size: 169KB - Virtual size: 169KB

.data Size: 5KB - Virtual size: 33KB

.idata Size: 5KB - Virtual size: 5KB

.msvcjmc Size: 1024B - Virtual size: 902B

.00cfg Size: 512B - Virtual size: 260B

.reloc Size: 28KB - Virtual size: 27KB

.textbss
Size: - Virtual size: 355KB

.text
Size: 774KB - Virtual size: 773KB

.rdata
Size: 169KB - Virtual size: 169KB

.data
Size: 5KB - Virtual size: 33KB

.idata
Size: 5KB - Virtual size: 5KB

.msvcjmc
Size: 1024B - Virtual size: 902B

.00cfg
Size: 512B - Virtual size: 260B

.reloc
Size: 28KB - Virtual size: 27KB