Static task
static1
Behavioral task
behavioral1
Sample
1de51d6326304fabd58b7d3b6f310afed8008179541e6e9758e9e5ab187ca201.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
1de51d6326304fabd58b7d3b6f310afed8008179541e6e9758e9e5ab187ca201.exe
Resource
win10v2004-20240412-en
General
-
Target
1de51d6326304fabd58b7d3b6f310afed8008179541e6e9758e9e5ab187ca201
-
Size
4.3MB
-
MD5
07a5caf39fcf4d10ca2a4a32c067acee
-
SHA1
e2aec2be60d318842894a70358b08b065c67523c
-
SHA256
1de51d6326304fabd58b7d3b6f310afed8008179541e6e9758e9e5ab187ca201
-
SHA512
4ba3028097edf0ec7e4fcb6cb3beae7ee49733f433c7291dad1b9a053d79960c04bc4aa1897a2fbf58b7cdfdbb6f5858c31feca8e3e03c2c0347855e4d79bdc4
-
SSDEEP
98304:KK1EeSnir32vtIARSIuEiMHQjHi7L0CU/GbH1vCw2oJGP:KKiVUun0CU/wH16w20C
Malware Config (no extracted configuration is shown for this sample)
Signatures
-
Unsigned PE — 1 IoC
Checks for a missing Authenticode signature. On its own this is a weak indicator: a great deal of legitimate software ships unsigned, and a valid signature does not make a binary benign, so treat it as context rather than a verdict.
resource 1de51d6326304fabd58b7d3b6f310afed8008179541e6e9758e9e5ab187ca201
Files
-
1de51d6326304fabd58b7d3b6f310afed8008179541e6e9758e9e5ab187ca201.exe windows:6 windows x86 arch:x86
d60561af9d50aee0f2c0141f1529d1a6
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
(Only these two flags are listed: NX_COMPAT means DEP is opted in, but IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, HIGH_ENTROPY_VA and GUARD_CF do not appear, so the image is not opted in to ASLR or Control Flow Guard.)
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
(IMAGE_FILE_RELOCS_STRIPPED means the image carries no base relocations and must load at its preferred base; consistent with the missing DYNAMIC_BASE flag above, it cannot be randomised by ASLR, which makes any memory-corruption bug in this 32-bit binary easier to exploit.)
Imports
winmm
timeEndPeriod
PlaySoundW
timeBeginPeriod
timeGetTime
msacm32
acmStreamSize
acmStreamClose
acmStreamOpen
acmStreamConvert
acmStreamPrepareHeader
acmStreamUnprepareHeader
acmFormatSuggest
d3d11
D3D11CreateDevice
vcruntime140
memchr
wcsrchr
_purecall
__std_terminate
wcsstr
memset
memmove
memcpy
__CxxFrameHandler3
_CxxThrowException
__std_exception_destroy
__std_exception_copy
strchr
_except_handler4_common
strrchr
d2d1
ord1
dwrite
DWriteCreateFactory
chakracore (embedded JavaScript engine; the JsCreateRuntime/JsRunScript imports below mean code can be executed from script at runtime, so the static import list does not bound the program's behaviour — script sources are worth locating in the dynamic runs)
JsCallFunction
JsPointerToString
JsCreateArray
JsSetExternalData
JsGetExternalData
JsSetIndexedProperty
JsGetIndexedProperty
JsSetPrototype
JsCreateExternalObject
JsConvertValueToString
JsNumberToDouble
JsBooleanToBool
JsAddRef
JsStringToPointer
JsGetPropertyIdFromName
JsRunScript
JsGetAndClearException
JsCreateFunction
JsSetProperty
JsGetProperty
JsCreateObject
JsGetGlobalObject
JsNumberToInt
JsIntToNumber
JsDoubleToNumber
JsCreateRuntime
JsCollectGarbage
JsDisposeRuntime
JsRelease
JsCreateContext
JsSetCurrentContext
api-ms-win-core-errorhandling-l1-1-0
GetLastError
RaiseException
api-ms-win-core-synch-l1-1-0
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
LeaveCriticalSection
EnterCriticalSection
SetEvent
ResetEvent
InitializeCriticalSectionEx
ReleaseSemaphore
DeleteCriticalSection
InitializeCriticalSection
WaitForSingleObject
CreateEventW
TryEnterCriticalSection
api-ms-win-core-file-l1-1-0
GetFileSize
CreateFileW
WriteFile
CreateDirectoryW
SetFilePointerEx
ReadFile
GetFileType
DeleteFileW
FindFirstFileExW
GetDriveTypeW
api-ms-win-core-sysinfo-l1-1-0
GetTickCount
GetSystemInfo
GetVersionExW
GetTickCount64
api-ms-win-ntuser-sysparams-l1-1-0
GetSystemMetrics
api-ms-win-core-com-l1-1-0
PropVariantClear
CLSIDFromString
StringFromGUID2
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
CoInitializeEx
CoFreeUnusedLibraries
CoCreateInstance
api-ms-win-core-libraryloader-l1-2-0
GetModuleFileNameW
FreeLibrary
SizeofResource
GetModuleHandleExW
FreeLibraryAndExitThread
GetProcAddress
GetModuleHandleW
LoadResource
LockResource
api-ms-win-core-libraryloader-l1-2-1
FindResourceW
LoadLibraryW
api-ms-win-core-string-l1-1-0
GetStringTypeExW
WideCharToMultiByte
GetStringTypeW
MultiByteToWideChar
api-ms-win-core-handle-l1-1-0
CloseHandle
DuplicateHandle
api-ms-win-core-synch-l1-2-0
Sleep
InitOnceExecuteOnce
api-ms-win-core-synch-l1-2-1
CreateSemaphoreW
WaitForMultipleObjects
api-ms-win-core-string-obsolete-l1-1-0
lstrcmpiW
lstrcmpW
lstrcpynW
lstrlenW
api-ms-win-core-registry-l1-1-0
RegEnumKeyExW
RegEnumValueW
RegCloseKey
RegSetValueExW
RegOpenKeyExW
RegQueryInfoKeyW
api-ms-win-core-processthreads-l1-1-0
CreateThread
SetThreadPriority
ExitProcess
GetCurrentProcess
ExitThread
GetCurrentThreadId
GetCurrentThread
ResumeThread
api-ms-win-core-debug-l1-1-0
OutputDebugStringW
api-ms-win-core-heap-l2-1-0
GlobalFree
GlobalAlloc
api-ms-win-core-util-l1-1-0
DecodePointer
api-ms-win-core-heap-l1-1-0
HeapAlloc
HeapQueryInformation
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
api-ms-win-core-localization-obsolete-l1-2-0
GetUserDefaultUILanguage
api-ms-win-core-localization-l1-2-0
GetACP
GetSystemDefaultLangID
LCMapStringW
GetCPInfo
GetOEMCP
IsValidCodePage
api-ms-win-core-registry-l2-1-0
RegDeleteKeyW
api-ms-win-core-memory-l1-1-0
VirtualQuery
VirtualFree
VirtualAlloc
oleaut32
SysAllocString
SysAllocStringLen
VarBstrFromDate
VariantInit
SysFreeString
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
LoadTypeLi
VariantCopy
VariantChangeType
VariantClear
kernel32
SetLastError
GetModuleHandleA
LoadLibraryExW
LoadLibraryA
EncodePointer
GetSystemDirectoryW
GlobalDeleteAtom
GlobalAddAtomW
GlobalFindAtomW
CompareStringW
GlobalUnlock
GlobalLock
GlobalSize
LocalFree
MulDiv
FormatMessageW
CopyFileW
SuspendThread
lstrcmpA
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetCurrentProcessId
GetFileAttributesW
GetFileTime
GetTempFileNameW
GlobalGetAtomNameW
FileTimeToLocalFileTime
FindNextFileW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
UnlockFile
GetFileSizeEx
InitializeCriticalSectionAndSpinCount
LocalAlloc
SetErrorMode
lstrcpyW
GlobalFlags
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalReAlloc
GetLocaleInfoW
GetSystemDefaultUILanguage
VirtualProtect
GetCurrentDirectoryW
GetWindowsDirectoryW
VerSetConditionMask
VerifyVersionInfoW
FindResourceExW
GetTempPathW
GetProfileIntW
SearchPathW
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent (note: imported alongside the standard CRT start-up set — UnhandledExceptionFilter, InitializeSListHead, QueryPerformanceCounter — so on its own it is not evidence of deliberate anti-debugging)
GetStartupInfoW
SetFilePointer
SetEndOfFile
LockFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
OutputDebugStringA
FindFirstFileW
GetFileAttributesExW
FindClose
user32
BeginPaint
EndPaint
ValidateRect
RedrawWindow
ScrollWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
SetPropW
GetPropW
RemovePropW
GetWindowTextW
GetWindowTextLengthW
ScreenToClient
MapWindowPoints
EqualRect
GetWindowLongW
SetWindowLongW
GetClassLongW
GetClassNameW
GetTopWindow
GetLastActivePopup
GetWindow
SetWindowsHookExW
CheckMenuItem
CallNextHookEx
SetScrollInfo
GetScrollInfo
WinHelpW
MonitorFromWindow
GetMonitorInfoW
CheckDlgButton
CheckRadioButton
IsWindowEnabled
IsDialogMessageW
CreateDialogIndirectParamW
EndDialog
GetNextDlgTabItem
GetActiveWindow
GetDesktopWindow
GetKeyNameTextW
GetMenuStringW
GetMenuState
InsertMenuW
AppendMenuW
RemoveMenu
GetWindowDC
ClientToScreen
InflateRect
IntersectRect
DestroyMenu
GetMenuItemInfoW
SystemParametersInfoW
GetCursorPos
ShowOwnedPopups
GetWindowThreadProcessId
ReleaseCapture
LoadAcceleratorsW
TranslateAcceleratorW
CreatePopupMenu
InsertMenuItemW
DestroyIcon
LoadImageW
RegisterClassW
ReuseDDElParam
GetForegroundWindow
TrackMouseEvent
RealChildWindowFromPoint
GetSysColorBrush
GetAsyncKeyState
MapDialogRect
DeleteMenu
WaitMessage
SetCapture
WindowFromPoint
UnionRect
GetSystemMenu
SetParent
GetNextDlgGroupItem
DrawFocusRect
DrawIconEx
GetIconInfo
MessageBeep
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
GetMenuDefaultItem
SetLayeredWindowAttributes
EnumDisplayMonitors
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateW
SetClassLongW
SetWindowRgn
DrawEdge
DrawFrameControl
IsZoomed
SetCursorPos
CopyIcon
FrameRect
LockWindowUpdate
UpdateLayeredWindow
MonitorFromPoint
GetComboBoxInfo
GetKeyboardLayout
IsCharLowerW
MapVirtualKeyExW
ToUnicodeEx
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
SetMenuDefaultItem
LoadMenuW
ModifyMenuW
RegisterClipboardFormatW
CharUpperBuffW
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
SubtractRect
CreateMenu
GetWindowRgn
DestroyCursor
AdjustWindowRectEx
GetWindowRect
GetClientRect
SetActiveWindow
TrackPopupMenu
GetMenuItemCount
GetMenuItemID
GetSubMenu
SetMenu
GetMenu
GetCapture
GetKeyState
SetFocus
CallWindowProcW
DefWindowProcW
GetDlgCtrlID
GetDlgItem
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsChild
IsMenu
IsWindow
CreateWindowExW
GetClassInfoExW
MessageBoxW
GetClassInfoW
GetMessageTime
GetMessagePos
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
GetFocus
GetParent
SendDlgItemMessageA
CharUpperW
RegisterWindowMessageW
GetTabbedTextExtentW
wsprintfW
UnregisterClassW
OffsetRect
SetWindowTextW
KillTimer
SetTimer
SendNotifyMessageW
MapVirtualKeyW
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
PostThreadMessageW
wvsprintfW
FillRect
GetSysColor
InvalidateRect
GetMessageW
PtInRect
DrawIcon
EnumDisplaySettingsW
ChangeDisplaySettingsW
LoadIconW
LoadCursorW
IsRectEmpty
CopyRect
SetRect
UnpackDDElParam
SetCursor
MsgWaitForMultipleObjects
RegisterTouchWindow
CloseTouchInputHandle
GetTouchInputInfo
BringWindowToTop
SetWindowPos
ReleaseDC
GetDC
SetForegroundWindow
CopyImage
MoveWindow
ShowWindow
PostQuitMessage
PostMessageW
UpdateWindow
SendMessageW
PeekMessageW
DispatchMessageW
TranslateMessage
EnableWindow
SetRectEmpty
UnhookWindowsHookEx
IsIconic
GetDoubleClickTime
gdi32
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
DPtoLP
GetTextMetricsW
SetRectRgn
CreatePalette
GetNearestPaletteIndex
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
RoundRect
OffsetRgn
GetRgnBox
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
MoveToEx
CombineRgn
GetSystemPaletteEntries
SetTextAlign
SetStretchBltMode
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Rectangle
LPtoDP
CreateRoundRectRgn
Polyline
Polygon
CreatePolygonRgn
GetTextColor
Ellipse
CreateEllipticRgn
SetDIBColorTable
StretchBlt
SetPixel
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
GetDeviceCaps
CreateDCW
CopyMetaFileW
PatBlt
CreateRectRgnIndirect
SetTextColor
SetBkColor
CreateBitmap
GetObjectW
EnumFontFamiliesExW
ExtTextOutW
TextOutW
CreateDIBSection
StretchDIBits
RectVisible
PtVisible
Escape
DeleteObject
BitBlt
SelectObject
GetTextExtentPoint32W
CreateFontIndirectW
CreateCompatibleDC
GetPaletteEntries
RealizePalette
GetBkColor
CreateCompatibleBitmap
DeleteDC
EnumFontFamiliesW
GetTextCharsetInfo
GetTextFaceW
CreateDIBitmap
msimg32
TransparentBlt
AlphaBlend
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
RegQueryValueExW
RegDeleteValueW
RegEnumKeyW
RegQueryValueW
RegCreateKeyExW
shell32
SHBrowseForFolderW
SHGetSpecialFolderPathW
ShellExecuteW
SHGetFileInfoW
DragQueryFileW
DragFinish
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHAppBarMessage
DragAcceptFiles
shlwapi
StrToIntW
PathFindExtensionW
PathIsUNCW
PathStripToRootW
PathFindFileNameW
UrlUnescapeW
PathRemoveFileSpecW
StrFormatKBSizeW
uxtheme
DrawThemeText
DrawThemeBackground
IsThemeBackgroundPartiallyTransparent
DrawThemeParentBackground
OpenThemeData
CloseThemeData
GetThemeColor
GetCurrentThemeName
GetThemePartSize
IsAppThemed
GetWindowTheme
GetThemeSysColor
ole32
ReleaseStgMedium
OleDuplicateData
CoCreateGuid
CreateStreamOnHGlobal
DoDragDrop
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
CoInitialize
OleTranslateAccelerator
IsAccelerator
CoDisconnectObject
dsound
ord1
gdiplus
GdipGetImagePaletteSize
GdipSaveImageToFile
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipCreateBitmapFromScan0
GdiplusShutdown
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipGetImageEncoders
GdipDrawImageRectI
GdipGetImageHeight
GdipGetImagePixelFormat
GdipSetInterpolationMode
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipFree
GdipGetImageEncodersSize
GdipDrawImageI
GdipDeleteGraphics
GdipCreateBitmapFromStream
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipGetImagePalette
GdipAlloc
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
wininet (HTTP/URL capability: InternetOpenUrlW plus InternetReadFile/InternetWriteFile below allow the sample to download and upload data; check the behavioral tasks for the actual endpoints contacted)
InternetCrackUrlW
InternetCanonicalizeUrlW
InternetOpenW
InternetCloseHandle
InternetOpenUrlW
InternetReadFile
InternetSetFilePointer
InternetWriteFile
InternetQueryDataAvailable
InternetQueryOptionW
InternetSetOptionW
InternetGetLastResponseInfoW
InternetSetStatusCallbackW
imm32
ImmGetOpenStatus
ImmGetContext
ImmReleaseContext
api-ms-win-core-profile-l1-1-0
QueryPerformanceFrequency
api-ms-win-core-processenvironment-l1-1-0
GetEnvironmentStringsW
SetEnvironmentVariableW
GetStdHandle
SetStdHandle
GetCommandLineW
GetCommandLineA
FreeEnvironmentStringsW
api-ms-win-core-console-l1-1-0
GetConsoleCP
ReadConsoleW
GetConsoleMode
WriteConsoleW
api-ms-win-core-timezone-l1-1-0
GetTimeZoneInformation
Sections
.text Size: 2.4MB - Virtual size: 2.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 593KB - Virtual size: 593KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 277KB - Virtual size: 372KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ