dd4a63071dafd9ac942e8023f7ec104bd752d6667f72904e4b0dd13115e805ca

Sharing

Copy URL

Twitter E-mail

General

Target

dd4a63071dafd9ac942e8023f7ec104bd752d6667f72904e4b0dd13115e805ca
Size

5.3MB
MD5

9c89b91811af65a0903de7227aebd6c3
SHA1

8b6cdfdb534b0a7ca283faabaf0786f565546e2e
SHA256

dd4a63071dafd9ac942e8023f7ec104bd752d6667f72904e4b0dd13115e805ca
SHA512

f87f1675f5d20cb9a8db955c755ca8e5b5e34d02128aa22026799845ac5e2ff1634c2c6cc3782030828147e202bb7799bd9999b3ac62e942df51d6976b64ddac
SSDEEP

98304:FqZ6ix4m0W8pylrV5z4BIpXHPwFLOAkGkzdnEVomFHKnP:BirES34BIpfwFLOyomFHKnP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd4a63071dafd9ac942e8023f7ec104bd752d6667f72904e4b0dd13115e805ca

Files

dd4a63071dafd9ac942e8023f7ec104bd752d6667f72904e4b0dd13115e805ca
.exe windows:6 windows x64 arch:x64

e7d13a58a328a5f21708203e9c4ac327

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\Projects\KRProjects\krsdk_home_ex\bin\KRSDKRes\KRSDKWebView\KRWebView.pdb

Imports

krshmq

ord1
ord2

libcef

cef_get_mime_type
cef_base64encode
cef_parse_jsonand_return_error
cef_get_path
cef_register_widevine_cdm
cef_api_hash
cef_browser_host_create_browser
cef_browser_host_create_browser_sync
cef_string_map_alloc
cef_string_map_free
cef_command_line_create
cef_command_line_get_global
cef_dictionary_value_create
cef_stream_writer_create_for_handler
cef_drag_data_create
cef_request_context_get_global_context
cef_request_context_create_context
cef_create_context_shared
cef_v8context_get_current_context
cef_process_message_create
cef_v8value_create_undefined
cef_v8value_create_null
cef_v8value_create_bool
cef_v8value_create_int
cef_v8value_create_uint
cef_v8value_create_double
cef_v8value_create_date
cef_v8value_create_string
cef_v8value_create_object
cef_v8value_create_array
cef_v8value_create_array_buffer
cef_v8value_create_function
cef_browser_view_get_for_browser
cef_string_list_size
cef_string_list_value
cef_string_list_append
cef_string_map_size
cef_string_map_key
cef_string_map_value
cef_string_map_append
cef_set_crash_key_value
cef_crash_reporting_enabled
cef_enable_highdpi_support
cef_set_osmodal_loop
cef_quit_message_loop
cef_run_message_loop
cef_do_message_loop_work
cef_shutdown
cef_initialize
cef_execute_process
cef_string_multimap_free
cef_string_multimap_alloc
cef_string_multimap_append
cef_load_crlsets_file
cef_post_delayed_task
cef_post_task
cef_currently_on
cef_string_list_free
cef_string_list_alloc
cef_string_userfree_utf16_free
cef_log
cef_string_multimap_key
cef_string_multimap_value
cef_string_utf8_to_utf16
cef_string_utf16_clear
cef_string_utf16_set
cef_time_delta
cef_time_now
cef_get_current_platform_thread_id
cef_get_min_log_level
cef_time_to_timet
cef_string_utf16_cmp
cef_string_utf16_to_utf8
cef_string_utf8_clear
cef_string_multimap_size

gdiplus

GdipFree
GdipAlloc
GdipCloneImage
GdipGetImageHeight
GdipDisposeImage
GdipDeleteGraphics
GdipDrawImageRectI
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipGetImageGraphicsContext
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDrawImageI
GdipGetImageWidth

shlwapi

PathFindFileNameW
PathFindExtensionW
PathStripToRootW
StrFormatKBSizeW
PathRemoveFileSpecW
PathIsUNCW
PathFileExistsW
PathIsDirectoryW

d3d11

D3D11CreateDevice

imm32

ImmAssociateContextEx
ImmNotifyIME
ImmReleaseContext
ImmSetCandidateWindow
ImmGetContext
ImmGetCompositionStringW
ImmGetOpenStatus

opengl32

wglCreateContext
glHint
wglMakeCurrent
glTexSubImage2D
glTexImage2D
glPopMatrix
glVertex2i
glColor3f
glLineWidth
glOrtho
glPushMatrix
glDisable
glDrawArrays
glInterleavedArrays
glEnable
glBlendFunc
glRotatef
glPopAttrib
glEnd
glVertex2f
glColor4f
glBegin
glPushAttrib
glViewport
glLoadIdentity
glMatrixMode
glClear
glDeleteTextures
glTexEnvf
glTexParameteri
glBindTexture
glGenTextures
glPixelStorei
glClearColor
wglDeleteContext

oleacc

AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject

advapi32

RegDeleteKeyW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
GetUserNameW

oleaut32

SystemTimeToVariantTime
SysStringLen
LoadTypeLi
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
VariantCopy
VariantTimeToSystemTime
VarBstrFromDate
SysAllocString
SysFreeString

shell32

SHGetFileInfoW
SHGetSpecialFolderLocation
SHCreateDirectoryExW
DragFinish
DragQueryFileW
SHGetFolderPathW
ShellExecuteW
SHAppBarMessage
SHBrowseForFolderW
SHGetDesktopFolder
SHGetPathFromIDListW

kernel32

InitializeCriticalSectionAndSpinCount
FreeLibrary
GetProcessHeap
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
InitializeCriticalSectionEx
HeapFree
GetComputerNameW
GetModuleFileNameW
CreateMutexW
GetCommandLineW
ReleaseMutex
WriteConsoleW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
GetTimeZoneInformation
SetFilePointerEx
GetConsoleOutputCP
ReadConsoleW
GetConsoleMode
EnumSystemLocalesW
IsValidLocale
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
GetStdHandle
GetFileType
SetStdHandle
VirtualQuery
VirtualAlloc
GetSystemInfo
HeapQueryInformation
GetCommandLineA
ExitProcess
FreeLibraryAndExitThread
ExitThread
CreateThread
GetDriveTypeW
RtlPcToFileHeader
RtlUnwindEx
GetCPInfo
MultiByteToWideChar
GetTickCount
CloseHandle
WaitForSingleObject
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
QueryPerformanceCounter
QueryPerformanceFrequency
Sleep
GetCurrentProcessId
FindResourceW
LoadResource
GetStringTypeW
LCMapStringW
SwitchToThread
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
LockResource
SizeofResource
WaitForSingleObjectEx
ResetEvent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetUserDefaultLCID
GetTempFileNameW
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
SetErrorMode
FindResourceExW
GetFileAttributesW
GetProfileIntW
SearchPathW
GetWindowsDirectoryW
GetTempPathW
lstrcmpiW
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
CreateFileW
DeleteFileW
VirtualProtect
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetCurrentDirectoryW
GlobalFlags
lstrcpyW
FileTimeToSystemTime
GlobalGetAtomNameW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
ResumeThread
SetThreadPriority
CreateEventW
SetEvent
lstrcmpA
GetVersionExW
GetCurrentThread
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetSystemDirectoryW
EncodePointer
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
GetModuleHandleExW
FreeResource
OutputDebugStringA
CopyFileW
FormatMessageW
MulDiv
LocalFree
GlobalFree
WideCharToMultiByte
SetLastError
VerifyVersionInfoW
VerSetConditionMask
GlobalSize
GlobalUnlock
GlobalLock
GlobalAlloc
GetProcAddress
LoadLibraryW
GetModuleHandleW
OutputDebugStringW
GetLastError
GetCurrentThreadId

user32

GetWindowLongPtrW
GetWindowRect
IsWindow
GetWindowLongW
SetWindowLongW
SetLayeredWindowAttributes
IsWindowVisible
RegisterWindowMessageW
GetMessageW
IsDialogMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
DestroyWindow
PostQuitMessage
RegisterClassExW
CreateWindowExW
DefWindowProcW
PostMessageW
ClientToScreen
SetRect
GetParent
GetFocus
GetClientRect
InvalidateRect
PtInRect
NotifyWinEvent
ScreenToClient
RegisterClipboardFormatW
CreateCaret
DestroyCaret
SetCaretPos
GetDC
ReleaseDC
GetMessageExtraInfo
SetFocus
RegisterTouchWindow
LoadCursorW
GetMessageTime
GetSystemMetrics
GetDoubleClickTime
SetCapture
GetCapture
ReleaseCapture
GetWindowRgn
GetComboBoxInfo
SetParent
CreateMenu
SubtractRect
GetUpdateRect
IsClipboardFormatAvailable
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
MapVirtualKeyExW
IsCharLowerW
DrawIcon
GetKeyNameTextW
InvertRect
HideCaret
GetIconInfo
GetNextDlgGroupItem
PostThreadMessageW
CopyIcon
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
ModifyMenuW
CharUpperBuffW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
LockWindowUpdate
BringWindowToTop
SetCursorPos
CopyAcceleratorTableW
DestroyAcceleratorTable
CreateAcceleratorTableW
LoadAcceleratorsW
MapVirtualKeyW
GetKeyboardState
ToUnicodeEx
DrawIconEx
DrawFocusRect
DrawFrameControl
DrawEdge
LoadImageW
DestroyIcon
WaitMessage
MapDialogRect
CopyImage
MonitorFromPoint
UnionRect
EnableScrollBar
DestroyMenu
UpdateLayeredWindow
SetMenuDefaultItem
GetMenuDefaultItem
GetMenuItemInfoW
SetWindowPos
DestroyCursor
ShowWindow
CreatePopupMenu
MessageBeep
SetWindowRgn
DeleteMenu
GetSystemMenu
GetAsyncKeyState
CharUpperW
RealChildWindowFromPoint
GetWindowTextW
FrameRect
CopyRect
UnregisterClassW
SetActiveWindow
IsZoomed
GetKeyState
KillTimer
SetTimer
GetWindowThreadProcessId
EnumChildWindows
RemovePropW
SetPropW
GetPropW
SetWindowLongPtrW
EnableWindow
GetMenu
SetWindowTextW
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
IsWindowEnabled
CallWindowProcW
LoadIconW
AdjustWindowRectEx
IsRectEmpty
UpdateWindow
EndDialog
SetCursor
SetClassLongPtrW
CloseTouchInputHandle
SendMessageW
GetTouchInputInfo
EndPaint
BeginPaint
VkKeyScanExW
GetKeyboardLayout
WindowFromPoint
GetCursorPos
TrackMouseEvent
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
DrawStateW
FillRect
GetClassNameW
LoadBitmapW
CreateDialogIndirectParamW
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
GetDesktopWindow
MessageBoxW
GetLastActivePopup
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
GetWindowDC
GetSysColor
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
PeekMessageW
GetMessagePos
RegisterClassW
GetClassInfoW
GetClassInfoExW
IsMenu
IsChild
GetWindowPlacement
SetWindowPlacement
IsIconic
GetDlgCtrlID
SetMenu
TrackPopupMenu
GetForegroundWindow
SetForegroundWindow
ValidateRect
RedrawWindow
ScrollWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
GetWindowTextLengthW
MapWindowPoints
EqualRect
GetClassLongPtrW
GetTopWindow
GetWindow
SetScrollInfo
GetScrollInfo
WinHelpW
MonitorFromWindow
GetMonitorInfoW
MoveWindow
CheckDlgButton
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
ShowOwnedPopups
LoadMenuW
SendDlgItemMessageA
SetRectEmpty
OffsetRect
InflateRect
IntersectRect
GetSysColorBrush
SystemParametersInfoW
EnumDisplayMonitors

gdi32

GetWindowOrgEx
GetBoundsRect
FrameRgn
FillRgn
SetPaletteEntries
ExtFloodFill
RoundRect
LPtoDP
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
EnumFontFamiliesExW
Rectangle
OffsetRgn
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
GetViewportOrgEx
GetRgnBox
SetDIBColorTable
StretchBlt
SetPixel
RealizePalette
Polyline
Polygon
CreatePolygonRgn
GetBkColor
Ellipse
CreateEllipticRgn
CreateDIBSection
CreateRoundRectRgn
GetTextMetricsW
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
CreateCompatibleBitmap
DPtoLP
PatBlt
CreateRectRgnIndirect
CreateFontIndirectW
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutW
TextOutW
MoveToEx
SetPixelV
GetTextFaceW
GetTextColor
CreateDCW
RectVisible
GetTextExtentPoint32W
DeleteDC
GetDeviceCaps
CombineRgn
SetRectRgn
CreateFontW
PtInRegion
DeleteObject
CreateRectRgn
CreateSolidBrush
SetPixelFormat
ChoosePixelFormat
SwapBuffers
CopyMetaFileW
RestoreDC
GetStockObject
GetObjectW
BitBlt
CreateBitmap
CreateCompatibleDC
CreateHatchBrush
CreatePen
CreatePatternBrush
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
SetTextAlign
SetTextColor
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SetBkColor
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
GetViewportExtEx

ole32

OleDestroyMenuDescriptor
RegisterDragDrop
CoTaskMemAlloc
CoTaskMemFree
DoDragDrop
ReleaseStgMedium
OleDuplicateData
CoUninitialize
CoCreateGuid
CoCreateInstance
CoInitialize
CoDisconnectObject
CreateStreamOnHGlobal
CoInitializeEx
OleLockRunning
RevokeDragDrop
OleCreateMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleGetClipboard
CoLockObjectExternal

msimg32

AlphaBlend
TransparentBlt

uxtheme

GetThemeColor
DrawThemeBackground
CloseThemeData
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
GetWindowTheme
GetThemeSysColor
IsAppThemed
DrawThemeParentBackground
DrawThemeText
OpenThemeData
GetCurrentThemeName

winmm

PlaySoundW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

Sections

.text
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 996KB - Virtual size: 996KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 161KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gxfg
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gehcont
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e7d13a58a328a5f21708203e9c4ac327

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

krshmq

libcef

gdiplus

shlwapi

d3d11

imm32

opengl32

oleacc

advapi32

oleaut32

shell32

kernel32

user32

gdi32

ole32

msimg32

uxtheme

winmm

winspool.drv

Sections

.text Size: 2.7MB - Virtual size: 2.7MB

.rdata Size: 996KB - Virtual size: 996KB

.data Size: 42KB - Virtual size: 73KB

.pdata Size: 161KB - Virtual size: 160KB

.gxfg Size: 12KB - Virtual size: 11KB

.gehcont Size: 512B - Virtual size: 24B

.rsrc Size: 1.3MB - Virtual size: 1.3MB

.reloc Size: 69KB - Virtual size: 68KB

.text
Size: 2.7MB - Virtual size: 2.7MB

.rdata
Size: 996KB - Virtual size: 996KB

.data
Size: 42KB - Virtual size: 73KB

.pdata
Size: 161KB - Virtual size: 160KB

.gxfg
Size: 12KB - Virtual size: 11KB

.gehcont
Size: 512B - Virtual size: 24B

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

.reloc
Size: 69KB - Virtual size: 68KB