20cd7cd334e2353bd9fcb5557005c8ece741b1ab2d9a3820a7185703d2e8688d

Sharing

Copy URL

Twitter E-mail

General

Target

20cd7cd334e2353bd9fcb5557005c8ece741b1ab2d9a3820a7185703d2e8688d
Size

320KB
MD5

fa7ac8020d1047824801e372304d6698
SHA1

da96324ff47d36590065dbfa71a2bc1bd291bb38
SHA256

20cd7cd334e2353bd9fcb5557005c8ece741b1ab2d9a3820a7185703d2e8688d
SHA512

e1f89273059731c9027cafd4fab043cef03517105fb3a9adfc380d5d6b48b63847f67b00d77008fbead5aabb7aa98b2b504ec2729ebcd8941f18066927e88e29
SSDEEP

6144:Z/SbuBJDTODkhesXvzxqKoRHSkmhPqzrCnzzscF7Dx8a3rXqj:Z/UuBFOk5oMVqizzsinx8am

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
20cd7cd334e2353bd9fcb5557005c8ece741b1ab2d9a3820a7185703d2e8688d

Files

20cd7cd334e2353bd9fcb5557005c8ece741b1ab2d9a3820a7185703d2e8688d
.dll windows:4 windows x86 arch:x86

f0b0bef026a0c30504c136feccf379c2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\jk_9\workspace\Module_NPAPI_W_WebPages_package\code_path\Main\Bin\Win32\Win_x86_32\pdb\UIControls.pdb

Imports

winmm

timeGetTime

gdiplus

GdipMeasureString
GdipDrawRectangleI
GdipCreateBitmapFromGdiDib
GdipFillRectangleI
GdipSetInterpolationMode
GdipSetLinePresetBlend
GdipDrawLineI
GdipSetPenDashStyle
GdipDrawLine
GdipGetImageEncodersSize
GdipGetImageGraphicsContext
GdipSaveImageToFile
GdipCreateFontFamilyFromName
GdipDrawImageI
GdipCreateLineBrushI
GdipFillEllipseI
GdipDrawImageRectRect
GdipDeleteBrush
GdipFree
GdipCloneImage
GdipDeletePen
GdipGetImageHeight
GdipDrawEllipseI
GdipCreateFromHDC
GdipAlloc
GdipLoadImageFromFile
GdipCloneBrush
GdipFillPolygonI
GdipDisposeImage
GdipFillPieI
GdipCreateBitmapFromScan0
GdipDeleteFont
GdipDrawLines
GdipDeleteFontFamily
GdipDrawString
GdipDeleteStringFormat
GdipGetImageEncoders
GdipCreateFont
GdipCreateBitmapFromFile
GdipSetStringFormatAlign
GdipCreateStringFormat
GdipScaleWorldTransform
GdiplusStartup
GdiplusShutdown
GdipDrawImageRectI
GdipCreateSolidFill
GdipDeleteGraphics
GdipCreatePen1
GdipGetImageWidth

kernel32

lstrcmpA
GetLocaleInfoA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThread
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
SetErrorMode
GlobalFlags
GetCPInfo
GetOEMCP
GetThreadLocale
WritePrivateProfileStringA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
GetCurrentProcess
CreateFileA
HeapAlloc
HeapFree
VirtualAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapReAlloc
GetCommandLineA
GetProcessHeap
RaiseException
RtlUnwind
ExitProcess
HeapSize
VirtualFree
HeapDestroy
HeapCreate
GetStdHandle
Sleep
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetConsoleCP
GetConsoleMode
CreateFileW
GetACP
IsValidCodePage
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetModuleFileNameW
GetCurrentProcessId
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
MultiByteToWideChar
lstrcmpW
GetVersionExA
InterlockedDecrement
InterlockedIncrement
SetLastError
CloseHandle
ReleaseMutex
CreateMutexA
WaitForSingleObject
DeleteFileA
CopyFileA
OutputDebugStringA
FreeLibrary
GetProcAddress
LoadLibraryExA
GetModuleHandleA
VirtualQuery
GetModuleFileNameA
SizeofResource
LoadResource
LockResource
FindResourceA
MulDiv
lstrlenA
InterlockedExchange
CompareStringA
WideCharToMultiByte
GetLastError
GetVersion

user32

GetMenuState
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
BeginPaint
EndPaint
IsWindowEnabled
GetWindowThreadProcessId
CheckMenuItem
EnableMenuItem
ModifyMenuA
LoadBitmapA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
WindowFromPoint
GetCursorPos
SetWindowTextA
ValidateRect
GetActiveWindow
TranslateMessage
GetMessageA
PostQuitMessage
UnregisterClassA
DestroyMenu
GetSysColorBrush
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetDlgItem
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
SetForegroundWindow
IsWindowVisible
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
GetSysColor
AdjustWindowRectEx
PtInRect
GetDlgCtrlID
CallWindowProcA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
GetWindow
GetWindowLongA
SetWindowLongA
ReleaseCapture
SetWindowPos
ClientToScreen
DefWindowProcA
RegisterClassA
LoadIconA
SetCapture
PostMessageA
ScreenToClient
CopyRect
IsWindow
MoveWindow
CallNextHookEx
LoadCursorA
SetCursor
ShowWindow
SetParent
SetWindowsHookExA
GetWindowRect
FindWindowA
UnhookWindowsHookEx
GetDesktopWindow
BeginDeferWindowPos
DeferWindowPos
InvalidateRect
SendMessageW
SetRect
DestroyWindow
UpdateWindow
EnableWindow
SendMessageA
GetParent
DrawTextW
GetClientRect
GetDC
WindowFromDC
ReleaseDC
RegisterWindowMessageA
WinHelpA
GetCapture
GetClassLongA
GetClassNameA
EndDeferWindowPos

gdi32

CreateFontA
Rectangle
GetTextExtentPoint32W
SetTextAlign
MoveToEx
SetBkMode
LineTo
ExtCreatePen
Arc
CreateCompatibleBitmap
BitBlt
CreateFontIndirectW
CreateFontIndirectA
GetClipBox
GetDeviceCaps
SaveDC
RestoreDC
TextOutW
SetTextColor
GetStockObject
CreatePen
DeleteDC
SelectObject
CreateCompatibleDC
CreateDIBSection
SetBkColor
GetPixel
SetStretchBltMode
StretchBlt
StretchDIBits
SetMapMode
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
CreateBitmap
DeleteObject

msimg32

AlphaBlend

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegCloseKey
RegOpenKeyA

comctl32

_TrackMouseEvent

shlwapi

PathFindFileNameA
PathAppendA
PathRemoveFileSpecA
PathFindExtensionA

oleaut32

SysAllocStringLen
SysFreeString
VariantClear
VariantChangeType
VariantInit

Exports

Exports

CheckModule
ClearModule
CreateImageButton
CreateMainView
CreateShapeEle
CreateSubsButton
CreateTransView
CreateView
DestroyImageButton
DestroyMainView
DestroyShapeEle
DestroyView
InitModule

Sections

.text
Size: 192KB - Virtual size: 189KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f0b0bef026a0c30504c136feccf379c2

Headers

File Characteristics

PDB Paths

Imports

winmm

gdiplus

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

comctl32

shlwapi

oleaut32

Exports

Exports

Sections

.text Size: 192KB - Virtual size: 189KB

.rdata Size: 56KB - Virtual size: 54KB

.data Size: 12KB - Virtual size: 25KB

.rsrc Size: 28KB - Virtual size: 24KB

.reloc Size: 28KB - Virtual size: 24KB

.text
Size: 192KB - Virtual size: 189KB

.rdata
Size: 56KB - Virtual size: 54KB

.data
Size: 12KB - Virtual size: 25KB

.rsrc
Size: 28KB - Virtual size: 24KB

.reloc
Size: 28KB - Virtual size: 24KB