e22df46e2812717a991a030ac2f9a023fc249bcdcdf6af0f954f88587c88e2ae

Sharing

Copy URL Twitter E-mail

General

Target

e22df46e2812717a991a030ac2f9a023fc249bcdcdf6af0f954f88587c88e2ae
Size

349KB
MD5

b610d059679936cb04c5669ceddf6077
SHA1

aa62571ade4ad27ae0d63dceaf905d784b6b749b
SHA256

e22df46e2812717a991a030ac2f9a023fc249bcdcdf6af0f954f88587c88e2ae
SHA512

54dd8075911c91d5987f46b335dac0e6c2f6dfbd35e382e53153091eebbc88ccd2cafbe0ccb5bc0191e5105b39101545796a80183ca18bcb561de120fb54cfe0
SSDEEP

6144:BD0juNKBzzXrjVzM/Wz6rNTIM7/RHbXJeVQv8dmvIhs01vc2hQLldX0jZzj1mUyJ:BD0juNKBzzXrjVzM/Wz6rNTIM7/RHbXh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e22df46e2812717a991a030ac2f9a023fc249bcdcdf6af0f954f88587c88e2ae

Files

e22df46e2812717a991a030ac2f9a023fc249bcdcdf6af0f954f88587c88e2ae
.dll windows:6 windows x86 arch:x86

ff5098ce272be3317f4c27afc00b79b0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\assemblage\Builds\1192149242465691871cxrdgmhkdi\Open-Source-Lua-Wrapper-master\Lua-Wrapper\assemblage_outdir_bin\Lua-Wrapper.pdb

Imports

kernel32

QueryPerformanceCounter
GetModuleFileNameA
GetLastError
LoadLibraryA
GetProcAddress
FreeLibrary
FormatMessageA
ReadFile
CreateNamedPipeA
VirtualFree
SetConsoleTitleA
VirtualAlloc
GetModuleHandleA
DisconnectNamedPipe
Sleep
DisableThreadLibraryCalls
FreeConsole
CreateThread
AddVectoredExceptionHandler
GetConsoleWindow
IsBadReadPtr
AllocConsole
GlobalUnlock
CloseHandle
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
QueryPerformanceFrequency
VirtualProtect
GlobalLock
GlobalFree
GlobalAlloc
ConnectNamedPipe

user32

GetCursorPos
GetSystemMetrics
ShowWindow
SetCursorPos
ReleaseCapture
SendInput
GetKeyState
LoadCursorA
ScreenToClient
GetClientRect
SetCursor
SetCapture
GetForegroundWindow
IsChild
ClientToScreen
GetCapture
CloseClipboard
EmptyClipboard
GetClipboardData
SetClipboardData
GetWindowRect
SetWindowLongA
OpenClipboard
CallWindowProcA
GetWindowLongA
FindWindowW
SetWindowPos

msvcp140

?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?uncaught_exception@std@@YA_NXZ
?_Xlength_error@std@@YAXPBD@Z
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?width@ios_base@std@@QAE_J_J@Z
?width@ios_base@std@@QBE_JXZ
?flags@ios_base@std@@QBEHXZ
?good@ios_base@std@@QBE_NXZ
?_Xout_of_range@std@@YAXPBD@Z

d3dcompiler_47

D3DCompile

d3d11

D3D11CreateDeviceAndSwapChain

imm32

ImmSetCompositionWindow
ImmReleaseContext
ImmGetContext

xinput1_4

ord4
ord2

wininet

InternetOpenUrlA
InternetOpenA
InternetCloseHandle
InternetReadFile

vcruntime140

memset
__std_type_info_destroy_list
_CxxThrowException
_except_handler4_common
_setjmp3
memchr
memcpy
memmove
__CxxFrameHandler3
__current_exception_context
__current_exception
strchr
__std_exception_destroy
strrchr
longjmp
strstr
__std_exception_copy

api-ms-win-crt-runtime-l1-1-0

_invalid_parameter_noinfo_noreturn
strerror
_initterm_e
_initterm
terminate
_errno
_cexit
exit
system
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit

api-ms-win-crt-stdio-l1-1-0

getc
fopen
ferror
ungetc
tmpnam
feof
ftell
freopen
__acrt_iob_func
fflush
fclose
__stdio_common_vsscanf
fseek
__stdio_common_vfprintf
fputs
fgets
fread
fwrite
_wfopen
clearerr
_pclose
tmpfile
setvbuf
_popen
__stdio_common_vfscanf
__stdio_common_vsprintf

api-ms-win-crt-string-l1-1-0

iscntrl
isdigit
strcspn
strncat
isspace
strncpy
toupper
isalnum
strcoll
islower
ispunct
isxdigit
tolower
isupper
strpbrk
isalpha

api-ms-win-crt-utility-l1-1-0

qsort
rand
srand

api-ms-win-crt-heap-l1-1-0

_callnewh
realloc
free
malloc

api-ms-win-crt-convert-l1-1-0

strtoul
strtod

api-ms-win-crt-locale-l1-1-0

localeconv
setlocale

api-ms-win-crt-math-l1-1-0

_CIsinh
_CItanh
modf
_libm_sse2_acos_precise
_libm_sse2_asin_precise
_CIfmod
frexp
_libm_sse2_atan_precise
_libm_sse2_cos_precise
_libm_sse2_exp_precise
_libm_sse2_log10_precise
_CIcosh
_libm_sse2_log_precise
_libm_sse2_sin_precise
_libm_sse2_sqrt_precise
ldexp
_libm_sse2_tan_precise
_CIatan2
ceil
floor
_libm_sse2_pow_precise

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-time-l1-1-0

_difftime64
_localtime64
strftime
_gmtime64
clock
_mktime64
_time64

api-ms-win-crt-filesystem-l1-1-0

rename
remove

Sections

.text
Size: 255KB - Virtual size: 255KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ff5098ce272be3317f4c27afc00b79b0

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

msvcp140

d3dcompiler_47

d3d11

imm32

xinput1_4

wininet

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

Sections

.text Size: 255KB - Virtual size: 255KB

.rdata Size: 74KB - Virtual size: 73KB

.data Size: 9KB - Virtual size: 10KB

.rsrc Size: 512B - Virtual size: 248B

.reloc Size: 9KB - Virtual size: 8KB

.text
Size: 255KB - Virtual size: 255KB

.rdata
Size: 74KB - Virtual size: 73KB

.data
Size: 9KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 248B

.reloc
Size: 9KB - Virtual size: 8KB