cf18a4ea2a90c4b86654befec61d24da79ace8d95851daaf866c9bd3f56eaa0f

Sharing

Copy URL

Twitter E-mail

General

Target

cf18a4ea2a90c4b86654befec61d24da79ace8d95851daaf866c9bd3f56eaa0f
Size

744KB
MD5

72ad749ea86eebd6e9a0a58738d31ea1
SHA1

9cc74c1d431a2954e6f17914266242634d6122ce
SHA256

cf18a4ea2a90c4b86654befec61d24da79ace8d95851daaf866c9bd3f56eaa0f
SHA512

e836f552cdb1aa4f81bb306e46e3e94ca53595ad4f7a1a510b9fb336e5ee771c07e88dffd3ffa0c7a32983f975f2ac259ff2443beb17c9d54363897f5c3b066b
SSDEEP

12288:7jl4znBPDPo2f3p6UjKvDhFwOz0/QGoFiYldaFMi9nEE8h+9oRWk:vlyBLoip66KfwOI4GofidEE8h+9o4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf18a4ea2a90c4b86654befec61d24da79ace8d95851daaf866c9bd3f56eaa0f

Files

cf18a4ea2a90c4b86654befec61d24da79ace8d95851daaf866c9bd3f56eaa0f
.exe windows:10 windows x64 arch:x64

1a6139bca24492ee5163ffe299aaa6f6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

DXCapsViewer.pdb

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryExA
WriteFile
HeapFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetNumberFormatA
GetCommandLineA
GetProcessHeap
HeapAlloc
CloseHandle
CreateFileA
GetLocaleInfoA
LocalAlloc
GetEnvironmentVariableA
GetModuleHandleA
Sleep
GetStartupInfoW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTickCount
ExpandEnvironmentStringsA
GetModuleFileNameA

gdi32

EndDoc
StartPage
StartDocA
GetDeviceCaps
DeleteDC
GetTextMetricsA
CreateFontIndirectA
TextOutA
SelectObject
EndPage
SetAbortProc

user32

ScreenToClient
PostMessageA
GetDC
DestroyWindow
LoadCursorA
GetMenu
DispatchMessageA
LoadImageA
GetMessageA
LoadMenuA
DeferWindowPos
EnableWindow
GetParent
EnableMenuItem
GetWindowLongPtrA
PeekMessageA
CreateDialogParamA
IsDialogMessageA
LoadStringA
GetSystemMenu
DestroyIcon
GetSystemMetrics
CloseClipboard
EmptyClipboard
GetWindowTextA
SetWindowTextA
MessageBoxA
RegisterClassA
DefWindowProcA
DestroyMenu
CreateWindowExA
SetFocus
TranslateMessage
SendMessageA
SetCapture
EndDeferWindowPos
SetClipboardData
LoadIconA
SystemParametersInfoA
CheckMenuItem
GetClientRect
GetDlgItem
PostQuitMessage
EndDialog
DialogBoxParamA
TrackPopupMenu
OpenClipboard
GetSubMenu
SetMenuItemInfoA
GetMenuStringA
ReleaseCapture
InvalidateRect
IsIconic
ReleaseDC
GetCursorPos
BeginDeferWindowPos
ShowWindow

msvcrt

strcpy_s
vsprintf_s
?terminate@@YAXXZ
_commode
_fmode
_acmdln
__C_specific_handler
__setusermatherr
_initterm
memset
_ismbblead
_cexit
_exit
exit
__set_app_type
__getmainargs
_amsg_exit
_XcptFilter
free
_callnewh
malloc
wcstombs
sprintf_s
strrchr
strcat_s

comctl32

ImageList_ReplaceIcon
ImageList_Create
ord4
ImageList_Destroy
ord17

comdlg32

PrintDlgA

ole32

CoInitialize
CoUninitialize

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

shell32

SHGetFolderPathA

shlwapi

PathFileExistsA
PathRemoveFileSpecA
PathAppendA

ddraw

DirectDrawEnumerateExA
DirectDrawCreateEx

d3d9

Direct3DCreate9

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA

Sections

.text
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 568KB - Virtual size: 572KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1a6139bca24492ee5163ffe299aaa6f6

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

gdi32

user32

msvcrt

comctl32

comdlg32

ole32

version

shell32

shlwapi

ddraw

d3d9

advapi32

Sections

.text Size: 79KB - Virtual size: 79KB

.rdata Size: 38KB - Virtual size: 38KB

.data Size: 25KB - Virtual size: 28KB

.pdata Size: 1KB - Virtual size: 1KB

.rsrc Size: 30KB - Virtual size: 30KB

.reloc Size: 568KB - Virtual size: 572KB

.text
Size: 79KB - Virtual size: 79KB

.rdata
Size: 38KB - Virtual size: 38KB

.data
Size: 25KB - Virtual size: 28KB

.pdata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 30KB - Virtual size: 30KB

.reloc
Size: 568KB - Virtual size: 572KB