582e02ea3d9d5f48381f3b91d4e0971271f4e27679741ff14c3e36a2c68c2280

Sharing

Copy URL Twitter E-mail

General

Target

582e02ea3d9d5f48381f3b91d4e0971271f4e27679741ff14c3e36a2c68c2280
Size

103KB
MD5

0c32a02288e4e69c9266283f29ad3163
SHA1

2dde872d55d19ae911b9e8f99342880403c9b090
SHA256

582e02ea3d9d5f48381f3b91d4e0971271f4e27679741ff14c3e36a2c68c2280
SHA512

e9d36c3d983a8f05faaaa7ce385ed0e7ab284c0182c2c0fb6358eeef022543d4704bbe161b56691a0e89ad329e9dd84dbd36fff7619a5e4e73b0922949a87cd1
SSDEEP

1536:a1MA8svisNWXk703M2VTXeNknqxtmOr8ABxZnotkvKBdacmVNLh1b16P:Z6KTJbeNkGtKa+avKBda9VNLh1b16P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
582e02ea3d9d5f48381f3b91d4e0971271f4e27679741ff14c3e36a2c68c2280

Files

582e02ea3d9d5f48381f3b91d4e0971271f4e27679741ff14c3e36a2c68c2280
.dll windows:6 windows x64 arch:x64

5b220d77abc1ae8c0fb294534d263d9c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

flutter_windows

FlutterDesktopViewGetHWND
FlutterDesktopRegistrarGetTextureRegistrar
FlutterDesktopPluginRegistrarGetMessenger
FlutterDesktopTextureRegistrarMarkExternalTextureFrameAvailable
FlutterDesktopTextureRegistrarUnregisterExternalTexture
FlutterDesktopTextureRegistrarRegisterExternalTexture
FlutterDesktopMessengerUnlock
FlutterDesktopMessengerLock
FlutterDesktopMessengerIsAvailable
FlutterDesktopMessengerRelease
FlutterDesktopMessengerAddRef
FlutterDesktopMessengerSetCallback
FlutterDesktopMessengerSendResponse
FlutterDesktopMessengerSendWithReply
FlutterDesktopMessengerSend
FlutterDesktopPluginRegistrarUnregisterTopLevelWindowProcDelegate
FlutterDesktopPluginRegistrarRegisterTopLevelWindowProcDelegate
FlutterDesktopPluginRegistrarGetView
FlutterDesktopPluginRegistrarSetDestructionHandler

user32

GetAncestor
LoadImageW
DestroyIcon
DefWindowProcW
SetForegroundWindow
TrackPopupMenu
RemoveMenu
AppendMenuW
GetMenuItemCount
CreatePopupMenu
GetCursorPos
GetSystemMetrics

shell32

Shell_NotifyIconW
Shell_NotifyIconGetRect

msvcp140

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?id@?$codecvt@_WDU_Mbstatet@@@std@@2V0locale@2@A
?_Raise_handler@std@@3P6AXAEBVexception@stdext@@@ZEA
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UEAAXXZ
?_Xbad_function_call@std@@YAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z
??Bid@locale@std@@QEAA_KXZ
?_New_Locimp@_Locimp@locale@std@@CAPEAV123@AEBV123@@Z
?_Locimp_Addfac@_Locimp@locale@std@@CAXPEAV123@PEAVfacet@23@_K@Z
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?in@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEA_W3AEAPEA_W@Z
??0?$codecvt@_WDU_Mbstatet@@@std@@QEAA@_K@Z
??1?$codecvt@_WDU_Mbstatet@@@std@@MEAA@XZ
?good@ios_base@std@@QEBA_NXZ
?flags@ios_base@std@@QEBAHXZ
?width@ios_base@std@@QEBA_JXZ
?width@ios_base@std@@QEAA_J_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ

vcruntime140

__std_terminate
memcmp
memcpy
memmove
__std_type_info_compare
memset
__C_specific_handler
__std_exception_copy
__std_exception_destroy
__std_type_info_destroy_list
_CxxThrowException

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_seh_filter_dll
_crt_atexit
_cexit
_initterm
_initterm_e
_invoke_watson
_invalid_parameter_noinfo_noreturn
_configure_narrow_argv
_execute_onexit_table

api-ms-win-crt-heap-l1-1-0

free
_callnewh
malloc

kernel32

InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
ReleaseSRWLockExclusive
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive

Exports

Exports

TrayManagerPluginRegisterWithRegistrar

Sections

.text
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5b220d77abc1ae8c0fb294534d263d9c

Headers

DLL Characteristics

File Characteristics

Imports

flutter_windows

user32

shell32

msvcp140

vcruntime140

vcruntime140_1

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

kernel32

Exports

Exports

Sections

.text Size: 70KB - Virtual size: 70KB

.rdata Size: 23KB - Virtual size: 22KB

.data Size: 4KB - Virtual size: 5KB

.pdata Size: 4KB - Virtual size: 3KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 512B - Virtual size: 436B

.text
Size: 70KB - Virtual size: 70KB

.rdata
Size: 23KB - Virtual size: 22KB

.data
Size: 4KB - Virtual size: 5KB

.pdata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 436B