ddf2a97549e2ce009ed2ef63a87cedb579ec3ba49d20a223c0831f91b85b3093

Sharing

Copy URL

Twitter E-mail

General

Target

ddf2a97549e2ce009ed2ef63a87cedb579ec3ba49d20a223c0831f91b85b3093
Size

1.4MB
MD5

e694b04b0d6cac8fa43a5ea884b71bc0
SHA1

10116c661a6588950e980ea1e6ce10201e91e519
SHA256

ddf2a97549e2ce009ed2ef63a87cedb579ec3ba49d20a223c0831f91b85b3093
SHA512

77de31e53150e1cf7e0bb1f94cc8533a37aae6926d6ec875340dae4879dd071657376006d40ed42ed28dcedf208b9ee344745b72c377ab4c5f789d6fb6ff372d
SSDEEP

24576:5ryq+z6JfJ/hxQIG05/cJFmkmm+63ut6uUfSYDzX21clLE:5WqA69J/FGKkP3ut6u+Sq7cIE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ddf2a97549e2ce009ed2ef63a87cedb579ec3ba49d20a223c0831f91b85b3093

Files

ddf2a97549e2ce009ed2ef63a87cedb579ec3ba49d20a223c0831f91b85b3093
.dll windows:5 windows x86 arch:x86

78f343745bda0d12f8de2e2b4f363546

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvfw32

DrawDibOpen
DrawDibDraw
DrawDibClose

winmm

DefDriverProc

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

kernel32

SetEndOfFile
CreateFileA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
RtlUnwind
HeapFree
GetCommandLineA
ExitProcess
HeapAlloc
HeapReAlloc
WriteConsoleW
FlushFileBuffers
GetStdHandle
ExitThread
VirtualAlloc
HeapSize
IsValidCodePage
LCMapStringA
LCMapStringW
GetConsoleCP
GetConsoleMode
HeapCreate
HeapDestroy
VirtualFree
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
SetStdHandle
LoadLibraryW
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
GetProcessHeap
SetFilePointer
WriteFile
ReadFile
DeleteFileA
MoveFileA
GetOEMCP
GetCPInfo
GlobalFlags
InterlockedIncrement
GetModuleHandleW
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
InterlockedDecrement
GetModuleFileNameW
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
InterlockedExchange
lstrcmpA
FreeResource
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
lstrcmpW
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
lstrlenA
SetLastError
CreateSemaphoreW
ReleaseSemaphore
ResetEvent
IsDBCSLeadByteEx
GetACP
GetLastError
GetCurrentThreadId
WritePrivateProfileStringA
OpenMutexA
CreateMutexA
ReleaseMutex
GetModuleHandleA
GetSystemInfo
GetVersion
CreateEventA
CreateThread
GetPrivateProfileIntA
GetVersionExA
WaitForSingleObject
CloseHandle
WaitForMultipleObjects
SetEvent
Beep
MulDiv
MultiByteToWideChar
GetCurrentProcessId
VirtualQueryEx
Sleep
GetWindowsDirectoryA
GetModuleFileNameA
GetTickCount
OutputDebugStringA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
QueryPerformanceCounter
QueryPerformanceFrequency
GetSystemTimeAsFileTime
GetCurrentProcess
GetProcessTimes
DeleteCriticalSection
InitializeCriticalSection
LoadLibraryA
GetProcAddress
FreeLibrary
LeaveCriticalSection
EnterCriticalSection
GetFileType

user32

GetMenuCheckMarkDimensions
ModifyMenuA
EnableMenuItem
CheckMenuItem
SendDlgItemMessageA
WinHelpA
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
IsWindow
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
SetActiveWindow
DispatchMessageA
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
SetMenu
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetClientRect
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
PtInRect
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetWindow
GetWindowThreadProcessId
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
MessageBoxA
GetSysColor
EndPaint
BeginPaint
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
FillRect
FrameRect
InflateRect
CopyRect
GetDC
ReleaseDC
GetSystemMetrics
KillTimer
SetTimer
GetDesktopWindow
RegisterWindowMessageA
PostMessageA
LoadBitmapA
SetWindowPos
LoadIconA
SendMessageA
EnableWindow
GetDlgCtrlID
DestroyMenu
LoadCursorA
GetSysColorBrush
UnregisterClassA
SetCursor
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
PostQuitMessage
GetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
ShowWindow
SetWindowTextA
IsDialogMessageA
SetMenuItemBitmaps

gdi32

CreatePalette
CreateCompatibleDC
GetDeviceCaps
GetTextMetricsA
GetTextExtentPoint32A
GetDIBits
GetSystemPaletteEntries
BitBlt
CreateSolidBrush
CreateBitmap
PatBlt
CreateDIBSection
SaveDC
RestoreDC
SetBkColor
SetTextColor
SetMapMode
GetClipBox
SetTextAlign
CreateCompatibleBitmap
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
CreateFontIndirectA
CreateFontA
SelectObject
GetCharacterPlacementA
DeleteObject
CombineRgn
GetRegionData
ExtCreateRegion
GetBitmapBits
GetObjectA
GetStockObject

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegEnumKeyA
RegOpenKeyExA
RegDeleteKeyA
SetSecurityDescriptorDacl
RegQueryValueA
RegOpenKeyA
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegCloseKey
InitializeSecurityDescriptor

shell32

SHGetFolderPathA

shlwapi

PathFindFileNameA
PathFindExtensionA

oleaut32

VariantInit
VariantChangeType
VariantClear

dsound

ord1

Exports

Exports

CodecLib
DriverProc
UserProc
UserProcLib

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 158KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 134KB - Virtual size: 326KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

GvCodecL
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

78f343745bda0d12f8de2e2b4f363546

Headers

File Characteristics

Imports

msvfw32

winmm

version

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

shlwapi

oleaut32

dsound

Exports

Exports

Sections

.text Size: 1.0MB - Virtual size: 1.0MB

.rdata Size: 158KB - Virtual size: 157KB

.data Size: 134KB - Virtual size: 326KB

GvCodecL Size: 512B - Virtual size: 8B

.rodata Size: 1KB - Virtual size: 1KB

.rsrc Size: 21KB - Virtual size: 20KB

.reloc Size: 53KB - Virtual size: 52KB

.text
Size: 1.0MB - Virtual size: 1.0MB

.rdata
Size: 158KB - Virtual size: 157KB

.data
Size: 134KB - Virtual size: 326KB

GvCodecL
Size: 512B - Virtual size: 8B

.rodata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 21KB - Virtual size: 20KB

.reloc
Size: 53KB - Virtual size: 52KB