8e5abdded2e5f8077a81ba6dd114da644b8ebda63dba5404bf34e4ec91651926

Sharing

Copy URL Twitter E-mail

General

Target

8e5abdded2e5f8077a81ba6dd114da644b8ebda63dba5404bf34e4ec91651926
Size

720KB
MD5

20787f109ca8c0a46faf0c0d885b88e6
SHA1

5447a29414720ce92c6b5cc592f416c4dfaffbb7
SHA256

8e5abdded2e5f8077a81ba6dd114da644b8ebda63dba5404bf34e4ec91651926
SHA512

0e133f3bd7bcb1457ead2717649f2bb223b84a147a46b0c680368defa077cf9d60069f49871a4734442a95f4cb12b6137c6b5620c6d1be5f3ab6b90dfaa921ba
SSDEEP

12288:8rGPdyoH/uLJOyo937vGFWxwFJI+yeuVb8r+ZP712Ii+51cjVWtVj5J:8rG1B2JOt934J7Z6bQaj1BvUm9J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e5abdded2e5f8077a81ba6dd114da644b8ebda63dba5404bf34e4ec91651926

Files

8e5abdded2e5f8077a81ba6dd114da644b8ebda63dba5404bf34e4ec91651926
.exe windows:10 windows x86 arch:x86

af0fea4b3241ec32150f78cdad863062

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

DXCapsViewer.pdb

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryExA
GlobalUnlock
GlobalLock
GlobalAlloc
GetNumberFormatA
GetCommandLineA
GetProcessHeap
HeapAlloc
CloseHandle
CreateFileA
GetModuleHandleA
WriteFile
GetLocaleInfoA
LocalAlloc
GetEnvironmentVariableA
HeapFree
Sleep
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTickCount
ExpandEnvironmentStringsA
GetModuleFileNameA

gdi32

DeleteDC
StartPage
StartDocA
EndDoc
GetDeviceCaps
GetTextMetricsA
CreateFontIndirectA
TextOutA
SelectObject
EndPage
SetAbortProc

user32

DialogBoxParamA
GetSystemMetrics
EndDialog
ScreenToClient
PostMessageA
GetDC
DestroyWindow
LoadCursorA
GetMenu
DispatchMessageA
LoadImageA
GetMessageA
LoadMenuA
DeferWindowPos
EnableWindow
GetParent
EnableMenuItem
PeekMessageA
CreateDialogParamA
GetWindowLongA
IsDialogMessageA
GetSubMenu
GetSystemMenu
EmptyClipboard
GetWindowTextA
SetWindowTextA
MessageBoxA
RegisterClassA
DefWindowProcA
DestroyMenu
CreateWindowExA
SetFocus
TranslateMessage
SendMessageA
SetCapture
EndDeferWindowPos
SetClipboardData
LoadIconA
SystemParametersInfoA
CheckMenuItem
GetClientRect
GetDlgItem
PostQuitMessage
TrackPopupMenu
ShowWindow
BeginDeferWindowPos
DestroyIcon
CloseClipboard
LoadStringA
GetMenuStringA
ReleaseCapture
InvalidateRect
IsIconic
ReleaseDC
GetCursorPos
SetMenuItemInfoA
OpenClipboard

msvcrt

vsprintf_s
_except_handler4_common
_controlfp
?terminate@@YAXXZ
_acmdln
_initterm
__setusermatherr
_ismbblead
__p__fmode
_cexit
memset
_ftol2
_exit
exit
__set_app_type
__getmainargs
_amsg_exit
__p__commode
_XcptFilter
free
_callnewh
malloc
wcstombs
sprintf_s
strrchr
strcat_s
strcpy_s

comctl32

ord17
ImageList_Destroy
ImageList_ReplaceIcon
ord4
ImageList_Create

comdlg32

PrintDlgA

ole32

CoInitialize
CoUninitialize

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

shell32

SHGetFolderPathA

shlwapi

PathFileExistsA
PathRemoveFileSpecA
PathAppendA

ddraw

DirectDrawCreateEx
DirectDrawEnumerateExA

d3d9

Direct3DCreate9

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA

Sections

.text
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 576KB - Virtual size: 580KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

af0fea4b3241ec32150f78cdad863062

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

gdi32

user32

msvcrt

comctl32

comdlg32

ole32

version

shell32

shlwapi

ddraw

d3d9

advapi32

Sections

.text Size: 91KB - Virtual size: 91KB

.data Size: 16KB - Virtual size: 18KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 30KB - Virtual size: 30KB

.reloc Size: 576KB - Virtual size: 580KB

.text
Size: 91KB - Virtual size: 91KB

.data
Size: 16KB - Virtual size: 18KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 30KB - Virtual size: 30KB

.reloc
Size: 576KB - Virtual size: 580KB