34f5101b460a2b1d70d7b15e4f147fe0bf7bd2be97f7c0b7d36a0b300ba52ca2

Sharing

Copy URL Twitter E-mail

General

Target

34f5101b460a2b1d70d7b15e4f147fe0bf7bd2be97f7c0b7d36a0b300ba52ca2
Size

5.1MB
MD5

48f17ed6aa11ac0e1a2e6ecd4221189e
SHA1

0f4c6eb51fca1c2f752316ced15c1aa4cef9b2d9
SHA256

34f5101b460a2b1d70d7b15e4f147fe0bf7bd2be97f7c0b7d36a0b300ba52ca2
SHA512

ad0eb0eb4b2514bf7595c486b33c859aa19558d62cf0a30b08c31887a1d80bebd670ff2104ee2de1d23f6d2808b617551c7fcca3abef6cd78e41bfc6e6709550
SSDEEP

98304:VagXh0Wxwn9lBOXhQlb9JPiTV0pH9V0iZ7CmNdtXX4z+0oKYwos2WD9+eXjcdyAH:VagXh7+lZITMwmvtnE+mYbs18eokA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
34f5101b460a2b1d70d7b15e4f147fe0bf7bd2be97f7c0b7d36a0b300ba52ca2

Files

34f5101b460a2b1d70d7b15e4f147fe0bf7bd2be97f7c0b7d36a0b300ba52ca2
.dll windows:6 windows x86 arch:x86

5f2268c5672b5e60ba8988533a95945d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WriteConsoleW
FlushFileBuffers
GetCurrentThreadId
GetDynamicTimeZoneInformation
GetStdHandle
GetConsoleMode
WriteConsoleA
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
lstrcpynW
lstrcmpiW
GetLocalTime
GlobalAlloc
SetEndOfFile
HeapSize
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
HeapReAlloc
ReadConsoleW
SetFilePointerEx
GetFileSizeEx
GetConsoleOutputCP
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
HeapFree
HeapAlloc
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetDriveTypeW
GetFileType
SetStdHandle
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
LoadLibraryExW
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetLastError
InterlockedFlushSList
RtlUnwind
OutputDebugStringW
InitializeSListHead
GetStartupInfoW
IsDebuggerPresent
DeleteCriticalSection
SetUnhandledExceptionFilter
UnhandledExceptionFilter
ResetEvent
GetCPInfo
GetStringTypeW
GetSystemTimeAsFileTime
LCMapStringEx
EncodePointer
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
RaiseException
SleepConditionVariableSRW
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
TryAcquireSRWLockExclusive
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
GetExitCodeThread
WaitForSingleObjectEx
QueryPerformanceFrequency
QueryPerformanceCounter
GetFileInformationByHandleEx
InitializeCriticalSectionAndSpinCount
DecodePointer
FormatMessageW
LocalFree
SystemTimeToFileTime
SetFileTime
SetFilePointer
LocalFileTimeToFileTime
GetFileAttributesW
CreateDirectoryW
ExitProcess
GetACP
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
LoadLibraryW
GetProcAddress
GetModuleHandleW
GetTickCount
ReadFile
GetFileSize
GetCurrentDirectoryW
SetPriorityClass
GetCurrentProcessId
VerifyVersionInfoW
FindResourceW
SizeofResource
LockResource
LoadResource
FreeResource
TerminateProcess
GetCurrentProcess
CreateEventW
SetEvent
WriteFile
CreateFileW
VerSetConditionMask
MulDiv
GetSystemTime
GlobalLock
GlobalUnlock
GetTickCount64
CreateProcessW
GetExitCodeProcess
Sleep
AreFileApisANSI
GetTempPathW
WaitForSingleObject
GetFullPathNameW
GetFileInformationByHandle
GetFileAttributesExW
FindNextFileW
FindFirstFileExW
FindFirstFileW
FindClose
GetLocaleInfoEx
FormatMessageA
lstrcpyW
GetModuleFileNameW
GetLastError
CloseHandle
IsProcessorFeaturePresent
GetCommandLineW

user32

KillTimer
GetWindowRect
GetCursorPos
PtInRect
GetWindowLongW
SetWindowLongW
IsWindowVisible
EnumWindows
GetWindowThreadProcessId
IsWindow
ShowWindow
SetWindowTextW
GetMessageW
TranslateMessage
DispatchMessageW
CreateWindowExW
DestroyWindow
IsIconic
CharNextW
SetFocus
GetActiveWindow
GetFocus
GetKeyState
SetCapture
ReleaseCapture
GetDC
ReleaseDC
BeginPaint
EndPaint
GetUpdateRect
SetTimer
GetClientRect
ScreenToClient
MapWindowPoints
GetSysColor
IntersectRect
UnionRect
PostMessageW
IsRectEmpty
GetParent
GetWindow
LoadImageW
MonitorFromWindow
GetMonitorInfoW
SetCursor
InflateRect
LoadCursorW
wsprintfW
DefWindowProcW
CallWindowProcW
RegisterClassW
RegisterClassExW
GetClassInfoExW
EnableWindow
GetSystemMetrics
SetPropW
GetPropW
PeekMessageW
IsZoomed
SetWindowPos
InvalidateRect
SetWindowRgn
UpdateLayeredWindow
MoveWindow
IsWindowEnabled
GetWindowRgn
CharPrevW
DrawTextW
FillRect
SetRect
CreatePopupMenu
DestroyMenu
EnableMenuItem
AppendMenuW
PostQuitMessage
WaitForInputIdle
SendMessageW
MessageBoxW
OffsetRect
TrackPopupMenu
MapVirtualKeyExW
GetKeyNameTextW
GetKeyboardLayout
SetForegroundWindow
GetGUIThreadInfo
InvalidateRgn
CreateAcceleratorTableW
DrawTextA
wsprintfA
GetWindowTextLengthW
GetWindowTextW
EqualRect
UpdateWindow
ClientToScreen
GetCaretPos
SetCaretPos
ShowCaret
HideCaret
GetCaretBlinkTime
CreateCaret

gdi32

GetBitmapBits
GetTextExtentPointA
CreatePatternBrush
TextOutW
MoveToEx
GetObjectA
SetTextColor
SetStretchBltMode
StretchBlt
SetBkMode
SetBkColor
ExtSelectClipRgn
SelectClipRgn
LineTo
GetTextExtentPoint32W
GetClipBox
GetCharABCWidthsW
CreateSolidBrush
CreateRectRgnIndirect
CreatePenIndirect
SetBitmapBits
PtInRegion
CreateRectRgn
CreateRoundRectRgn
GdiFlush
CreateDIBSection
SetWindowOrgEx
GetObjectW
GetTextMetricsW
PlayEnhMetaFile
GetEnhMetaFileHeader
CreateEnhMetaFileW
CloseEnhMetaFile
SelectObject
SaveDC
RestoreDC
Rectangle
RemoveFontMemResourceEx
AddFontMemResourceEx
GetStockObject
GetDeviceCaps
DeleteObject
DeleteDC
CreatePen
CreateFontIndirectW
CreateDIBitmap
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
CombineRgn

shell32

SHGetPathFromIDListW
SHGetFolderPathW
SHBrowseForFolderW
ShellExecuteW
DragQueryFileW
SHGetMalloc
CommandLineToArgvW

ole32

OleLockRunning
CLSIDFromProgID
CLSIDFromString
CreateStreamOnHGlobal
ReleaseStgMedium
CoCreateGuid
DoDragDrop
CoCreateInstance
OleDuplicateData

oleaut32

SysAllocString
VariantInit
SysFreeString
VariantClear

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW

comctl32

InitCommonControlsEx
_TrackMouseEvent
ord17

gdiplus

GdipAddPathArc
GdipCreatePath
GdipDeleteMatrix
GdipTranslateMatrix
GdipRotateMatrix
GdipAddPathLine
GdipDeletePath
GdipFree
GdipAlloc
GdipCreateMatrix
GdipDeleteBrush
GdiplusStartup
GdipCreateSolidFill
GdipDrawImageI
GdipDrawLine
GdipCreateBitmapFromScan0
GdipGetImageGraphicsContext
GdipSetPenEndCap
GdipSetPenStartCap
GdipCreatePen2
GdipRotateWorldTransform
GdipTranslateWorldTransform
GdipDrawImageRectI
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipGetImageHeight
GdipGetImageWidth
GdipSetStringFormatHotkeyPrefix
GdipSetStringFormatTrimming
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipCloneStringFormat
GdipDeleteStringFormat
GdipStringFormatGetGenericTypographic
GdipMeasureString
GdipDrawString
GdipDeleteFont
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipDrawImageRectRect
GdipFillPath
GdipFillRectangleI
GdipDrawPath
GdipDrawRectangleI
GdipResetWorldTransform
GdipSetWorldTransform
GdipSetInterpolationMode
GdipSetTextRenderingHint
GdipSetSmoothingMode
GdipReleaseDC
GdipDeleteGraphics
GdipCreateFromHDC
GdipSetImageAttributesColorMatrix
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipDisposeImage
GdipCloneImage
GdipLoadImageFromStream
GdipSetPenDashStyle
GdipSetPenMode
GdipDeletePen
GdipCreatePen1
GdiplusShutdown

imm32

ImmSetCompositionWindow
ImmGetContext
ImmReleaseContext

ws2_32

gethostname
WSAStartup
gethostbyname

Exports

Exports

CheckUIExit
GetUserPinToTaskBar
GetUserSelectedDir
GetUserSetDefaultBrowser
HideThisProcessWindow
InitDuiContentView
InitLogger
ReleaseDui
ReleaseDuiContentView
SetDuiContentVisible
SetInstallProgress
ShowErrorMessage
WaitUntilInstallOrQuit

Sections

.text
Size: 852KB - Virtual size: 852KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 182KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.1MB - Virtual size: 4.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5f2268c5672b5e60ba8988533a95945d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

oleaut32

advapi32

comctl32

gdiplus

imm32

ws2_32

Exports

Exports

Sections

.text Size: 852KB - Virtual size: 852KB

.rdata Size: 182KB - Virtual size: 181KB

.data Size: 21KB - Virtual size: 27KB

.rsrc Size: 4.1MB - Virtual size: 4.1MB

.reloc Size: 49KB - Virtual size: 48KB

.text
Size: 852KB - Virtual size: 852KB

.rdata
Size: 182KB - Virtual size: 181KB

.data
Size: 21KB - Virtual size: 27KB

.rsrc
Size: 4.1MB - Virtual size: 4.1MB

.reloc
Size: 49KB - Virtual size: 48KB