fb951edbb94dfe7b3dea2236241522a05e053c7048a301dd6c36767e3d5aeb5c

Sharing

Copy URL Twitter E-mail

General

Target

fb951edbb94dfe7b3dea2236241522a05e053c7048a301dd6c36767e3d5aeb5c
Size

1.6MB
MD5

5268759b1f4ef0714def8c734be04c25
SHA1

58dbdf592629bac22f3250b67d9cabe42ed1028e
SHA256

fb951edbb94dfe7b3dea2236241522a05e053c7048a301dd6c36767e3d5aeb5c
SHA512

c52b3c5ec6492025b921474709797e7c4efdc9d309f262f619d61fc1ada68217e38541d83d32fc160f0f6994996b44cd0c760e55bf9cd6d248494f96a78a2344
SSDEEP

12288:LpScZY2ir1XqK0XhhmCL+Tsxm1it0qLeHSrn5ssYJjKC0spQPrOPFTGpnM:LpdZY2ir1xjpwgE7LeQtsmPYTi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb951edbb94dfe7b3dea2236241522a05e053c7048a301dd6c36767e3d5aeb5c

Files

fb951edbb94dfe7b3dea2236241522a05e053c7048a301dd6c36767e3d5aeb5c
.dll windows:4 windows x86 arch:x86

a74a2575e8e8af90ac7e0a5b69215b33

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
SetPriorityClass
GetCurrentProcess
WideCharToMultiByte
CreateTimerQueueTimer
DeleteTimerQueueTimer
HeapFree
GetProcessHeap
HeapAlloc
GetLocalTime
Sleep
SetEvent
InterlockedExchangeAdd
InterlockedExchange
WaitForMultipleObjects
CreateEventA
CreateThread
MultiByteToWideChar
SetThreadExecutionState
GetVersion
lstrlenA
LCMapStringW
LCMapStringA
SetEndOfFile
GetOEMCP
GlobalFree
GetCPInfo
GetStringTypeW
GetStringTypeA
InterlockedIncrement
InterlockedDecrement
FlushFileBuffers
SetStdHandle
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
TerminateProcess
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
RtlUnwind
ExitProcess
DeleteCriticalSection
HeapReAlloc
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
InitializeCriticalSection
GetLastError
LeaveCriticalSection
EnterCriticalSection
GetCommandLineA
WaitForSingleObject
GetModuleFileNameA
WriteFile
CreateFileA
SetFilePointer
GetFileSize
CloseHandle
ReadFile
LoadLibraryA
VirtualAlloc
VirtualFree
VirtualProtect
GetProcAddress
lstrcatA
GetModuleHandleA
GetACP

user32

KillTimer
EndPaint
BeginPaint
GetCursorPos
GetSystemMetrics
SetWindowPos
GetClientRect
GetWindowRect
DestroyCursor
UnregisterClassA
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
UpdateWindow
ShowWindow
SetWindowLongA
GetWindowLongA
CreateWindowExA
GetDesktopWindow
RegisterClassA
LoadCursorA
IsZoomed
SetMenu
GetMenu
wsprintfA
MessageBoxA
ClientToScreen
InvalidateRect
SetCapture
ReleaseCapture
SendMessageW
SendMessageA
ShowCursor
SetTimer
DefWindowProcA
PostMessageA
EnumDisplaySettingsW
IsDlgButtonChecked
SetWindowTextA
LoadImageA
CheckDlgButton
DialogBoxParamA
GetDlgItemTextA
GetDlgItem
EnableWindow
SetDlgItemTextA
EndDialog

gdi32

GetStockObject
CreateSolidBrush
SetTextColor
CreatePatternBrush
SetBkColor
TextOutA
DeleteObject
SetBkMode

ole32

CoTaskMemFree
CLSIDFromString
CoCreateInstance
CreateStreamOnHGlobal

oleaut32

OleCreatePropertyFrame
SysFreeString

wsock32

gethostbyname

winmm

timeBeginPeriod
timeEndPeriod
timeSetEvent
timeKillEvent

gdiplus

GdipAlloc
GdipLoadImageFromStream
GdipFree
GdipDisposeImage
GdipCloneImage
GdipSaveImageToStream
GdipLoadImageFromStreamICM

wininet

InternetCloseHandle
InternetConnectA
HttpOpenRequestA
HttpAddRequestHeadersA
HttpSendRequestA
HttpQueryInfoA
InternetReadFile
InternetOpenA
InternetSetOptionA

ddraw

DirectDrawCreate

d3d9

Direct3DCreate9

Exports

Exports

Main_VideoPlayBox
VideoPlayBox
Video_Notify_Func

Sections

.text
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 556KB - Virtual size: 571KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a74a2575e8e8af90ac7e0a5b69215b33

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

oleaut32

wsock32

winmm

gdiplus

wininet

ddraw

d3d9

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 78KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 556KB - Virtual size: 571KB

.rsrc Size: 1.0MB - Virtual size: 1.0MB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 80KB - Virtual size: 78KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 556KB - Virtual size: 571KB

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

.reloc
Size: 12KB - Virtual size: 11KB