47fc99bbaf23e25f90e3d1e453fa55abe980e92cfa33740df55cca1e39e5cedc

Sharing

Copy URL Twitter E-mail

General

Target

47fc99bbaf23e25f90e3d1e453fa55abe980e92cfa33740df55cca1e39e5cedc
Size

6.2MB
MD5

d81bac837d00ab4cc6a5cd6353246375
SHA1

1e71cb1309285e6891a46cba96e883c65b1b2bf0
SHA256

47fc99bbaf23e25f90e3d1e453fa55abe980e92cfa33740df55cca1e39e5cedc
SHA512

2205e9c519df8c8a5a6a6e36e59093f7dc12f4151398bc359ee19616fe08e88937fe8ead77160ba5985926eb1052b3b2776e9e3cd86a596c3889106d7b9e6cdc
SSDEEP

196608:OJjw4/CZvTu74/qXNTCrYHxTR9SpWB/rqN:OJfITcoqXNTCrYHxeU/rqN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
47fc99bbaf23e25f90e3d1e453fa55abe980e92cfa33740df55cca1e39e5cedc

Files

47fc99bbaf23e25f90e3d1e453fa55abe980e92cfa33740df55cca1e39e5cedc
.dll windows:6 windows x86 arch:x86

1a7f1faf205a1f612840baa28bf6cddd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

H:\WorkshopAgent\DevelopProjX\Sciter\PreRelease\sdk.js\bin\windows\x32\sciter.pdb

Imports

ws2_32

GetAddrInfoW
WSAIoctl
FreeAddrInfoW
WSARecv
connect
socket
getsockname
getpeername
freeaddrinfo
getaddrinfo
select
ioctlsocket
WSASocketW
htons
closesocket
getsockopt
ntohl
ntohs
WSASetLastError
WSAStartup
WSASendTo
WSARecvFrom
bind
WSASend
setsockopt
htonl
listen
shutdown
WSAGetLastError

wininet

HttpQueryInfoA
InternetQueryOptionW
HttpOpenRequestA
HttpQueryInfoW
InternetReadFile
InternetErrorDlg
HttpSendRequestA
InternetSetOptionW
InternetOpenA
InternetCloseHandle
InternetConnectA

shell32

SHGetFileInfoW
CommandLineToArgvW
SHBrowseForFolderW
SHGetPathFromIDListW
ord727
ShellExecuteW
ord74
DragQueryFileW
Shell_NotifyIconW
SHGetSpecialFolderPathW
ShellExecuteExW

advapi32

OpenProcessToken
RegOpenKeyExW
CryptGenRandom
CryptReleaseContext
SystemFunction036
RegCloseKey
RegGetValueW
RegQueryValueExW
GetUserNameW
CryptAcquireContextW

ole32

CoTaskMemFree
CoCreateInstance
CoCreateGuid
StringFromCLSID
OleInitialize
OleUninitialize
ReleaseStgMedium
DoDragDrop
RevokeDragDrop
RegisterDragDrop
CreateStreamOnHGlobal
CoInitialize
CoTaskMemAlloc
CoUninitialize
CoFreeUnusedLibraries

oleaut32

SafeArrayCreateVector
SysFreeString
SysAllocStringLen
SafeArrayDestroy
SafeArrayPutElement

gdi32

SetViewportOrgEx
SaveDC
GetGlyphIndicesW
GetObjectA
CreateSolidBrush
SetLayout
GetStockObject
BitBlt
StartPage
EndDoc
CreateDCW
SetMapMode
StartDocW
EndPage
RestoreDC
StretchDIBits
DeleteObject
CreateBitmap
CreateDIBSection
GetDIBits
SelectObject
CreateFontW
EnumFontFamiliesExW
GetFontUnicodeRanges
DeleteDC
CreateCompatibleDC
GetObjectW
AddFontMemResourceEx
GetClipBox
GetDeviceCaps

comdlg32

PrintDlgW
CommDlgExtendedError
GetSaveFileNameW
GetOpenFileNameW

winspool.drv

ord203

kernel32

DecodePointer
HeapReAlloc
InitializeSListHead
EncodePointer
RaiseException
InitializeCriticalSectionAndSpinCount
InterlockedPushEntrySList
InterlockedFlushSList
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
IsDebuggerPresent
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetModuleHandleW
WaitForSingleObjectEx
GetCommandLineA
SetEnvironmentVariableA
SetThreadPriority
InitializeCriticalSectionEx
lstrlenW
GlobalFree
FormatMessageW
LocalAlloc
LocalSize
WaitForMultipleObjects
lstrcmpW
LoadLibraryW
GetThreadPriority
GetTickCount
GetExitCodeThread
DeleteFileW
EnumSystemLocalesW
MultiByteToWideChar
FindFirstFileW
FindNextFileW
FindClose
WideCharToMultiByte
VerSetConditionMask
VerifyVersionInfoW
GetFullPathNameW
GetModuleFileNameW
QueryPerformanceCounter
QueryPerformanceFrequency
CompareStringW
GetNumberFormatW
GetCurrencyFormatW
GetDateFormatW
GetTimeFormatW
GetComputerNameW
GetUserDefaultLCID
GetSystemDefaultLCID
GetLocaleInfoW
LoadLibraryExW
GetProcAddress
GetSystemTime
SystemTimeToFileTime
GetTimeZoneInformation
FileTimeToSystemTime
OutputDebugStringW
CreateFileW
GetFileSize
CreateFileMappingW
MapViewOfFile
FlushViewOfFile
UnmapViewOfFile
CloseHandle
SetFilePointer
SetEndOfFile
MulDiv
GetTempPathA
GetTempFileNameA
GetLastError
GetFileAttributesW
Sleep
FreeLibrary
GetCurrentThreadId
GetCPInfo
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalSize
SleepConditionVariableCS
TryEnterCriticalSection
TlsSetValue
CreateTimerQueue
GetCurrentProcess
ReleaseSemaphore
WakeConditionVariable
LeaveCriticalSection
InitializeCriticalSection
InitializeConditionVariable
WaitForSingleObject
ResumeThread
DuplicateHandle
CreateEventW
SetEvent
GetCurrentThread
TlsAlloc
GetNativeSystemInfo
DeleteCriticalSection
CreateSemaphoreW
TlsGetValue
TlsFree
SetLastError
SetEnvironmentVariableW
GetEnvironmentVariableW
GetTempPathW
GetVersionExW
FreeEnvironmentStringsW
GetSystemInfo
GetCurrentDirectoryW
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
SetErrorMode
GetQueuedCompletionStatus
PostQueuedCompletionStatus
CreateIoCompletionPort
LocalFree
FormatMessageA
DebugBreak
GetModuleHandleA
LoadLibraryA
ReadFile
SetNamedPipeHandleState
CreateNamedPipeA
WriteFile
RegisterWaitForSingleObject
UnregisterWait
CreateNamedPipeW
PeekNamedPipe
QueueUserWorkItem
CancelSynchronousIo
CreateFileA
GetNamedPipeHandleStateW
CancelIoEx
SwitchToThread
WaitNamedPipeW
ConnectNamedPipe
FlushFileBuffers
CreateDirectoryW
GetFileInformationByHandleEx
GetFileSizeEx
GetDiskFreeSpaceW
DeviceIoControl
RemoveDirectoryW
GetFinalPathNameByHandleW
SetFileTime
ReOpenFile
CreateHardLinkW
GetFileInformationByHandle
SetFilePointerEx
MoveFileExW
CopyFileW
CreateSymbolicLinkW
SetConsoleCtrlHandler
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
SetConsoleMode
GetConsoleCursorInfo
GetConsoleMode
SetConsoleCursorInfo
FillConsoleOutputCharacterW
ReadConsoleInputW
ReadConsoleW
ResetEvent
WriteConsoleInputW
FillConsoleOutputAttribute
WriteConsoleW
GetNumberOfConsoleInputEvents
SetConsoleCursorPosition
SetHandleInformation
CancelIo
SetFileCompletionNotificationModes
GetLongPathNameW
GetShortPathNameW
ReadDirectoryChangesW
GetFileType
SetInformationJobObject
AssignProcessToJobObject
TerminateProcess
CreateJobObjectW
UnregisterWaitEx
LCMapStringW
CreateProcessW
GetExitCodeProcess
GetStartupInfoW
GetStdHandle
ExitProcess
VirtualProtect
VirtualFree
VirtualAlloc
HeapFree
GetCommandLineW
HeapAlloc
GetProcessHeap
RtlUnwind
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
SetStdHandle
GetConsoleCP
GetFileAttributesExW
SetFileAttributesW
HeapSize
SignalObjectAndWait
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
GetThreadTimes
InterlockedPopEntrySList
QueryDepthSList
GetModuleFileNameA
GetStringTypeW
GetACP
IsValidLocale
EnterCriticalSection

user32

GetForegroundWindow
CreateWindowExW
SetTimer
MoveWindow
SetWindowLongW
ShowWindow
DefWindowProcW
MapWindowPoints
GetParent
SendMessageW
DestroyWindow
WindowFromPoint
SetForegroundWindow
IsIconic
ScreenToClient
ClientToScreen
RegisterWindowMessageW
LoadIconW
RegisterClassExW
AdjustWindowRectEx
SetClassLongW
GetClassLongW
PostMessageW
KillTimer
GetMessageExtraInfo
GetAsyncKeyState
GetMessageTime
PeekMessageW
IsWindowUnicode
GetFocus
SetFocus
SetCursor
SetScrollInfo
GetScrollInfo
GetWindowTextW
BeginPaint
SetCapture
GetUpdateRect
GetCapture
ReleaseCapture
CallNextHookEx
SetWindowsHookExW
UnhookWindowsHookEx
GetActiveWindow
IsChild
BeginDeferWindowPos
DeferWindowPos
MonitorFromWindow
EnumThreadWindows
IsRectEmpty
RegisterClassW
FlashWindowEx
MonitorFromPoint
CreateMenu
GetMenuItemCount
RemoveMenu
InsertMenuW
GetMenu
SetMenu
GetKeyboardLayout
CreateCaret
DestroyCaret
SetCaretPos
FindWindowW
GetClipboardData
GetWindowPlacement
IsWindowVisible
IsClipboardFormatAvailable
SetClipboardData
SetWindowTextW
EndPaint
EnumClipboardFormats
CountClipboardFormats
CloseClipboard
EmptyClipboard
OpenClipboard
RegisterClipboardFormatW
EnumDisplayMonitors
GetMonitorInfoW
CallMsgFilterW
GetDesktopWindow
MessageBeep
NotifyWinEvent
GetDoubleClickTime
GetWindowThreadProcessId
GetSystemMetrics
DestroyIcon
DrawIconEx
GetIconInfo
CreateIconIndirect
LoadCursorFromFileA
LoadCursorW
DestroyCursor
GetSysColor
ReleaseDC
GetDC
GetWindowLongW
EnumDisplayDevicesW
PostQuitMessage
SystemParametersInfoW
GetMessageW
MapVirtualKeyW
DispatchMessageW
AnimateWindow
SetWindowPos
UpdateWindow
InvalidateRect
GetCursorPos
GetClientRect
IsWindowEnabled
EnableWindow
IsWindow
GetWindowRect
GetWindow
GetKeyState
UpdateLayeredWindow
EndDeferWindowPos
SetActiveWindow
MessageBoxW
PostThreadMessageW
GetQueueStatus
MsgWaitForMultipleObjects
TranslateMessage

userenv

GetUserProfileDirectoryW

shlwapi

PathIsRelativeW

winmm

timeSetEvent
timeGetTime
timeEndPeriod
timeBeginPeriod
timeKillEvent

comctl32

ImageList_Destroy
ImageList_GetIconSize
ImageList_DrawEx

oleacc

LresultFromObject
AccessibleObjectFromWindow

imm32

ImmIsIME
ImmSetCandidateWindow
ImmAssociateContextEx
ImmGetCompositionStringW
ImmNotifyIME
ImmReleaseContext
ImmGetContext

usp10

ScriptPlace
ScriptApplyDigitSubstitution
ScriptFreeCache
ScriptBreak
ScriptItemize
ScriptShape

gdiplus

GdipDisposeImage
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
GdipFillRectangleI
GdipCreatePath
GdipDeletePath
GdipAddPathArcI
GdipAddPathLineI
GdipFillPath
GdipGetClipBoundsI
GdipCreateLineBrush
GdipMultiplyLineTransform
GdipCreateMatrix2
GdipSetLinePresetBlend
GdipSetLineWrapMode
GdipAddPathEllipse
GdipCreatePathGradientFromPath
GdipSetPathGradientPresetBlend
GdipSetPathGradientWrapMode
GdipSetPathGradientCenterPoint
GdipSetPathGradientTransform
GdipCreatePen1
GdipCloneImage
GdipDrawPath
GdipFillRectanglesI
GdipDrawLine
GdipSetClipRectI
GdipTranslateWorldTransform
GdipGetSmoothingMode
GdipSaveGraphics
GdipRestoreGraphics
GdipBeginContainer2
GdipGetImageGraphicsContext
GdipGraphicsClear
GdipGetPathWorldBounds
GdipClonePath
GdipSetClipRect
GdipAddPathRectangleI
GdipGetImageHeight
GdipGetImageWidth
GdipDeleteGraphics
GdipSetSmoothingMode
GdipEndContainer
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipSetImageAttributesColorMatrix
GdipDrawImageRectRect
GdipTransformPoints
GdipMultiplyWorldTransform
GdipResetWorldTransform
GdipCreateMatrix
GdipDeleteMatrix
GdipGetWorldTransform
GdipGetMatrixElements
GdipTranslateMatrix
GdipRotateMatrix
GdipScaleMatrix
GdipShearMatrix
GdipCreateTexture
GdipFillEllipse
GdipDrawEllipse
GdipFillPie
GdipDrawPie
GdipDrawArc
GdipFillRectangle
GdipDrawRectangle
GdipResetPath
GdipIsVisiblePathPoint
GdipStartPathFigure
GdipAddPathLine
GdipClosePathFigure
GdipSetPathFillMode
GdipAddPathArc
GdipAddPathBezier
GdipSetPageUnit
GdipSetCompositingQuality
GdipSetPixelOffsetMode
GdipSetInterpolationMode
GdipSetTextRenderingHint
GdipCreateFromHWND
GdipCreateFromHDC
GdipCreatePen2
GdipSetPenEndCap
GdipSetPenStartCap
GdipSetPenLineJoin
GdipSetPenMiterLimit
GdipSetPenDashStyle
GdipSetPenDashArray
GdipSetPenDashOffset
GdipGetFontSize
GdipDeleteFont
GdipGetCellAscent
GdipCreateFontFromDC
GdipGetLineSpacing
GdipGetEmHeight
GdipCreateFontFromLogfontA
GdipGetFamily
GdipDeleteFontFamily
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromGraphics
GdipDrawImageI
GdipCreateHBITMAPFromBitmap
GdipDrawDriverString
GdipCreateBitmapFromScan0
GdipFree
GdipAlloc
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipDeletePen

Exports

Exports

SciterAPI

Sections

.text
Size: 4.3MB - Virtual size: 4.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 103KB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 1024B - Virtual size: 577B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 269KB - Virtual size: 269KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 283KB - Virtual size: 282KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1a7f1faf205a1f612840baa28bf6cddd

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ws2_32

wininet

shell32

advapi32

ole32

oleaut32

gdi32

comdlg32

winspool.drv

kernel32

user32

userenv

shlwapi

winmm

comctl32

oleacc

imm32

usp10

gdiplus

Exports

Exports

Sections

.text Size: 4.3MB - Virtual size: 4.3MB

.rdata Size: 1.2MB - Virtual size: 1.2MB

.data Size: 103KB - Virtual size: 2.7MB

.gfids Size: 3KB - Virtual size: 2KB

.tls Size: 1024B - Virtual size: 577B

.rsrc Size: 269KB - Virtual size: 269KB

.reloc Size: 283KB - Virtual size: 282KB

.text
Size: 4.3MB - Virtual size: 4.3MB

.rdata
Size: 1.2MB - Virtual size: 1.2MB

.data
Size: 103KB - Virtual size: 2.7MB

.gfids
Size: 3KB - Virtual size: 2KB

.tls
Size: 1024B - Virtual size: 577B

.rsrc
Size: 269KB - Virtual size: 269KB

.reloc
Size: 283KB - Virtual size: 282KB