53880fdebf89ad99a9fdb934c2485cf33aa07511b3751655c6e822b4e8de7324

Sharing

Copy URL Twitter E-mail

General

Target

53880fdebf89ad99a9fdb934c2485cf33aa07511b3751655c6e822b4e8de7324
Size

6.3MB
MD5

195469a0b1904595f96230a04d587dd2
SHA1

0c544bfdbb43f8b528ca1138c88dbd8788e5844d
SHA256

53880fdebf89ad99a9fdb934c2485cf33aa07511b3751655c6e822b4e8de7324
SHA512

9951d89e75c495762c38bed2bfa3c2eafd8d60d904ffb7d714ca0f093c68c2c5d45ec79000e7d8b5b3a6802bce4914305d58c14d0a2960e22f30fe735ce93090
SSDEEP

98304:3TLnCTyuM+LUo8Rl7wKqfhZpDYTNW2M0c7xBVtAtpkyfN9TcX:XCTX8RlkvL2M0cnMpkyf/TcX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
53880fdebf89ad99a9fdb934c2485cf33aa07511b3751655c6e822b4e8de7324

Files

53880fdebf89ad99a9fdb934c2485cf33aa07511b3751655c6e822b4e8de7324
.dll windows:6 windows x86 arch:x86

afb06182c03c04ea06a8a8c0541abfb2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\hj_chat_helper\product\win32\dbginfo\hjvip.pdb

Imports

kernel32

IsBadReadPtr
MulDiv
FlushInstructionCache
InitializeCriticalSection
HeapCreate
FreeResource
GetFullPathNameW
FindFirstFileW
FindClose
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
OutputDebugStringA
GetCurrentProcess
FreeLibrary
GetProcAddress
LoadLibraryW
GetFileAttributesW
QueryPerformanceFrequency
QueryPerformanceCounter
lstrlenA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
LeaveCriticalSection
WaitForMultipleObjects
EnterCriticalSection
LoadLibraryA
GetModuleHandleA
GetModuleHandleW
SetEvent
CreateEventW
GetTickCount
GetCurrentProcessId
GetLocalTime
DeleteFileW
FormatMessageW
Sleep
ReleaseMutex
GetCurrentThreadId
WaitForSingleObject
CreateMutexW
SetEndOfFile
WriteConsoleW
SetFileAttributesW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetFileAttributesExW
FlushFileBuffers
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
SetStdHandle
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
GetVersionExA
GetTimeFormatW
GetDateFormatW
GetConsoleOutputCP
GetCurrentThread
SetConsoleCtrlHandler
SetFilePointerEx
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetFileInformationByHandle
GetDriveTypeW
FreeLibraryAndExitThread
ResumeThread
ExitThread
CreateThread
ExitProcess
LoadLibraryExW
InterlockedFlushSList
RtlUnwind
ConvertThreadToFiber
ConvertFiberToThread
GetModuleHandleExW
FindNextFileW
CreateFiber
DeleteFiber
SwitchToFiber
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
ReadConsoleW
ReadConsoleA
SetConsoleMode
GetConsoleMode
GetEnvironmentVariableW
SystemTimeToFileTime
GetSystemTime
VerifyVersionInfoA
VerSetConditionMask
PeekNamedPipe
GetFileType
GetStdHandle
GetEnvironmentVariableA
CompareFileTime
MoveFileExA
GetSystemDirectoryA
SleepEx
LoadLibraryExA
VirtualFree
SetFilePointer
GetModuleFileNameW
SetLastError
GetFileSizeEx
CreateDirectoryW
WideCharToMultiByte
GetProcessHeap
DeleteCriticalSection
GetFileSize
HeapDestroy
DecodePointer
HeapAlloc
FindResourceW
LoadResource
FindResourceExW
RaiseException
CloseHandle
HeapReAlloc
LockResource
GetLastError
MultiByteToWideChar
CompareStringW
HeapSize
CreateFileW
InitializeCriticalSectionEx
WriteFile
HeapFree
SizeofResource
VirtualAlloc
InterlockedPushEntrySList
InterlockedPopEntrySList
OutputDebugStringW
InitializeSListHead
GetSystemTimeAsFileTime
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetVersionExW
FormatMessageA
GetStringTypeW
WaitForSingleObjectEx
ResetEvent
InitializeCriticalSectionAndSpinCount
GetCPInfo
CompareStringEx
GetLocaleInfoEx
LCMapStringEx
LocalFree
EncodePointer
ReadFile

user32

DestroyWindow
PostMessageW
CallWindowProcW
DefWindowProcW
GetWindowLongW
PtInRect
GetWindowRect
MonitorFromRect
GetDC
ReleaseDC
SetWindowPos
SetUserObjectInformationW
SystemParametersInfoW
SetTimer
KillTimer
SendMessageW
SetActiveWindow
PostQuitMessage
ClientToScreen
MonitorFromWindow
GetMonitorInfoW
CopyRect
GetSystemMetrics
OpenClipboard
EmptyClipboard
SetClipboardData
BeginPaint
EndPaint
InvalidateRect
SetWindowTextW
GetCursorPos
CreateCaret
GetCaretBlinkTime
HideCaret
SetCaretPos
ScreenToClient
RegisterClassExW
GetFocus
GetMessageW
TranslateMessage
GetClassInfoExW
PeekMessageW
EnableMenuItem
GetSysColor
CloseClipboard
SetCursor
SetRect
InflateRect
IntersectRect
UnionRect
IsRectEmpty
EqualRect
DestroyCursor
CharNextW
GetUserObjectInformationW
GetProcessWindowStation
DrawIconEx
OffsetRect
DestroyIcon
GetIconInfo
GetKeyState
LoadBitmapW
CreateIconFromResource
LoadImageW
ShowWindow
GetActiveWindow
EnableWindow
IsWindowEnabled
GetDesktopWindow
GetDlgItem
GetClientRect
MessageBoxW
LoadIconW
GetWindowPlacement
CreateWindowExW
IsWindow
LoadCursorW
SetWindowLongW
UpdateWindow
ReleaseCapture
SetCapture
GetClassNameW
MapWindowPoints
GetParent
GetWindow
TrackMouseEvent
AnimateWindow
SetLayeredWindowAttributes
IsIconic
IsZoomed
GetCapture
UnregisterClassW
DispatchMessageW
DeleteMenu
IsWindowVisible
GetForegroundWindow
MsgWaitForMultipleObjects
SetMenuContextHelpId
SetForegroundWindow
GetMenuItemInfoW
SetMenuInfo
GetMenuInfo
TrackPopupMenu
DrawTextW
AppendMenuW
InsertMenuW
GetMenuItemCount
CheckMenuItem
DestroyMenu
CreatePopupMenu
IsMenu
UpdateLayeredWindow
MapVirtualKeyA
CharLowerBuffW
SystemParametersInfoA
SetFocus

gdi32

SelectObject
DeleteDC
CreateCompatibleDC
CreateBitmap
CreateRoundRectRgn
EnumFontsW
BitBlt
DeleteObject
GetDeviceCaps
ExtCreateRegion
GetRegionData
IntersectClipRect
SelectClipRgn
CreateFontIndirectW
GetCurrentObject
GetViewportOrgEx
CreateSolidBrush
GetClipBox
GetStockObject
Rectangle
SetBkMode
GetObjectW
SetGraphicsMode
GetDCOrgEx
StretchBlt
EnumFontFamiliesExW
GetCharABCWidthsW
GetFontData
GetGlyphOutlineW
GetOutlineTextMetricsW
GetFontUnicodeRanges
GetGlyphIndicesW
GetTextExtentPointI
AddFontMemResourceEx
RemoveFontMemResourceEx
SetTextColor
SetTextAlign
GetTextMetricsW
SetWorldTransform
ExtTextOutW
GetTextFaceW
GdiFlush
CreateCompatibleBitmap
SetViewportOrgEx
CreateDIBSection

advapi32

DeregisterEventSource
ReportEventW
RegCreateKeyExW
RegOpenKeyW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
CryptAcquireContextW
RegisterEventSourceW
CryptReleaseContext
CryptGenRandom

shell32

SHCreateDirectoryExW
ShellExecuteW
SHGetFolderPathW

ole32

CreateStreamOnHGlobal
OleUninitialize
CoCreateGuid
CreateBindCtx
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
OleLockRunning
OleInitialize

oleaut32

VariantClear
SysAllocString
VariantInit
GetErrorInfo
SysFreeString
VariantChangeType
SetErrorInfo
CreateErrorInfo

shlwapi

PathFileExistsW
PathFindFileNameW
PathRemoveFileSpecW
PathRemoveExtensionW
PathAppendW
PathIsDirectoryW
StrToIntExW

wldap32

ord41
ord45
ord60
ord211
ord26
ord27
ord32
ord33
ord35
ord79
ord30
ord200
ord301
ord46
ord217
ord143
ord22
ord50

ws2_32

closesocket
recv
send
WSAGetLastError
bind
connect
getpeername
getsockname
getsockopt
htons
ntohs
setsockopt
socket
WSASetLastError
WSAIoctl
WSAStartup
WSACleanup
accept
htonl
listen
ioctlsocket
__WSAFDIsSet
select
getaddrinfo
freeaddrinfo
WSACloseEvent
WSACreateEvent
WSAEnumNetworkEvents
WSAEventSelect
recvfrom
sendto
gethostname
ntohl
shutdown
getnameinfo
gethostbyname

crypt32

CertFreeCertificateContext
CertGetIntendedKeyUsage
CertGetEnhancedKeyUsage
CertOpenSystemStoreA
CertCloseStore
CertEnumCertificatesInStore

normaliz

IdnToAscii
IdnToUnicode

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

imm32

ImmAssociateContext
ImmReleaseContext
ImmGetContext

gdiplus

GdipGetImageEncoders
GdipAlloc
GdipFree
GdiplusStartup
GdiplusShutdown
GdipCloneImage
GdipDisposeImage
GdipSaveImageToFile
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipCreateBitmapFromStream
GdipCreateBitmapFromFile
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipGraphicsClear
GdipDrawImageRectI
GdipGetImageEncodersSize

usp10

ScriptItemize
ScriptFreeCache
ScriptShape

opengl32

wglGetProcAddress
wglGetCurrentContext

Exports

Exports

DllGetClassObject

Sections

.text
Size: 4.7MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 93KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 235KB - Virtual size: 234KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 248KB - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

afb06182c03c04ea06a8a8c0541abfb2

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

wldap32

ws2_32

crypt32

normaliz

version

imm32

gdiplus

usp10

opengl32

Exports

Exports

Sections

.text Size: 4.7MB - Virtual size: 4.7MB

.rdata Size: 1.1MB - Virtual size: 1.1MB

.data Size: 93KB - Virtual size: 197KB

.rsrc Size: 235KB - Virtual size: 234KB

.reloc Size: 248KB - Virtual size: 247KB

.text
Size: 4.7MB - Virtual size: 4.7MB

.rdata
Size: 1.1MB - Virtual size: 1.1MB

.data
Size: 93KB - Virtual size: 197KB

.rsrc
Size: 235KB - Virtual size: 234KB

.reloc
Size: 248KB - Virtual size: 247KB