ced984eb3d8fb0cb3c8711462d449409dfaba1d5f2fd9da7076af6611b6e4425

Sharing

Copy URL Twitter E-mail

General

Target

ced984eb3d8fb0cb3c8711462d449409dfaba1d5f2fd9da7076af6611b6e4425
Size

164KB
MD5

ffa6bbd9a28cc9e750473f45bdf77568
SHA1

bdb68fc5d5fd5f8de4556ddd03fcaa7cc08e7975
SHA256

ced984eb3d8fb0cb3c8711462d449409dfaba1d5f2fd9da7076af6611b6e4425
SHA512

2649355a98dc27c3954a11a70db892d7896e157686a3a7172b22314b19a78e6a2f0267109dacb86519a92ad90a094dba821b9c02e2e34caeddd2813a34073f22
SSDEEP

3072:R2M+2UwhaBLQ0/1a3JHhooxcXbscd00XfvXyU7Y1Gf/dip:R2wHhiUEa3JELscdlaU8sf/d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ced984eb3d8fb0cb3c8711462d449409dfaba1d5f2fd9da7076af6611b6e4425

Files

ced984eb3d8fb0cb3c8711462d449409dfaba1d5f2fd9da7076af6611b6e4425
.dll regsvr32 windows:4 windows x86 arch:x86

ac63f1d3bb38d2191d62d49d1afbc99e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InitializeCriticalSection
LocalFree
InterlockedIncrement
WideCharToMultiByte
lstrcatA
lstrcpyA
LoadLibraryA
GetProcAddress
FreeLibrary
GetModuleFileNameA
GetShortPathNameA
lstrlenW
DisableThreadLibraryCalls
DeleteCriticalSection
HeapDestroy
GetCurrentProcess
FlushInstructionCache
GetModuleHandleA
GetTickCount
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
lstrlenA
GetLastError
GlobalUnlock
GlobalFree
InterlockedDecrement

user32

SetCapture
InvalidateRect
ReleaseCapture
IsWindow
GetClientRect
DestroyWindow
GetCursorPos
RegisterClassA
LoadCursorA
EndPaint
GetSysColor
CreateWindowExA
BeginPaint
PtInRect
DrawFrameControl
GetFocus
DrawFocusRect
GetWindowLongA
GetCapture
ReleaseDC
CharNextA
SetWindowLongA
GetWindowTextA
wsprintfA
SetWindowTextA
GetParent
GetDlgItem
CreateDialogParamA
SendMessageA
LoadStringA
GetDC
DefWindowProcA
SetFocus
GetWindowRect

gdi32

GetDIBColorTable
CreateCompatibleDC
DeleteObject
GetObjectA
DeleteDC
CreateSolidBrush
Rectangle
CreatePen
MoveToEx
LineTo
SetPixel
CreateDIBSection
GetStockObject
SetPixelV
SelectObject

ole32

CoCreateInstance

oleaut32

LoadRegTypeLi
VariantClear
SysFreeString
SysAllocString
SysAllocStringByteLen
SysStringByteLen
SysStringLen
LoadTypeLi
RegisterTypeLi

filterdlgui

?ConfigList_Add@CFilterDlgBase@@EAEXPBDKPAX@Z
?OpenHelp@@YAHPAUHINSTANCE__@@@Z
??0CProgressWrapper@@QAE@XZ
?StartProgressWindow@CProgressWrapper@@QAEHPAUHINSTANCE__@@PAUHWND__@@HKPBD2@Z
?GetProgressWindowAddress@CProgressWrapper@@QAEPAXXZ
?GetProgressCallback@CProgressWrapper@@QAEP6GHPAXHH@ZXZ
?EndProgressWindow@CProgressWrapper@@QAEHXZ
??1CProgressWrapper@@QAE@XZ
?SetDialogTitle@CFilterDlgBase@@IAEXPAD@Z
?SetImage@CFilterDlgBase@@IAEHPAUHBITMAP__@@0HHH@Z
?Create_ReplacePlaceholder@CAdjustCtrlBlock@@QAEHPAUHWND__@@I0@Z
?SetRange@CAdjustCtrlBlock@@QAEXHH@Z
?SetTicFreq@CAdjustCtrlBlock@@QAEXH@Z
?SetZoom@CFilterDlgBase@@IAEXHH@Z
?GetPos@CAdjustCtrlBlock@@QAEHH@Z
?SetConfigChangeTimerTimeout@CFilterDlgBase@@IAEHH@Z
?Validate@CAdjustCtrlBlock@@QAEHHH@Z
?GetData@PresetInfo@@QBEPBXPAK@Z
?SetPos@CAdjustCtrlBlock@@QAEXH@Z
?NotifyConfigChange@CFilterDlgBase@@IAEHXZ
??0PresetInfo@@QAE@XZ
?SetData@PresetInfo@@QAEXKPBX@Z
??1PresetInfo@@QAE@XZ
?FilterDialogMessage@CAdjustCtrlBlock@@QAEHIIJ@Z
??0CFilterDlgBase@@QAE@KKPAUHINSTANCE__@@@Z
?DIBView_OnScrollImage@CFilterDlgBase@@EAEXXZ
?UID_Set@CFilterDlgBase@@EAEXPAD@Z
??1CAdjustCtrlBlock@@UAE@XZ
?DIBView_OnSelectPoint@CFilterDlgBase@@EAEXPBUtagPOINT@@@Z
??1CFilterDlgBase@@UAE@XZ
??0CAdjustCtrlBlock@@QAE@PAUHINSTANCE__@@@Z
?ShowModalDialog@CFilterDlgBase@@QAEHPAUHWND__@@@Z

msvcp60

?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?_Xlen@std@@YAXXZ
?_Copy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z

msvcrt

_except_handler3
sprintf
_mbscmp
_strdup
free
malloc
wcslen
_CxxThrowException
_purecall
?terminate@@YAXXZ
_initterm
_adjust_fdiv
__dllonexit
_onexit
??1type_info@@UAE@XZ
atoi
_ftol
srand
rand
__CxxFrameHandler
??2@YAPAXI@Z

comdlg32

ChooseColorA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ac63f1d3bb38d2191d62d49d1afbc99e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

oleaut32

filterdlgui

msvcp60

msvcrt

comdlg32

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 32KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 12KB - Virtual size: 9KB

.reloc Size: 8KB - Virtual size: 7KB

.rmnet Size: 88KB - Virtual size: 88KB

.text
Size: 36KB - Virtual size: 32KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 12KB - Virtual size: 9KB

.reloc
Size: 8KB - Virtual size: 7KB

.rmnet
Size: 88KB - Virtual size: 88KB