5b52a2f119cd2cf72950c03b23329bf094208520de7ec9a7b6fa6c35ae1ce02a

Sharing

Copy URL Twitter E-mail

General

Target

5b52a2f119cd2cf72950c03b23329bf094208520de7ec9a7b6fa6c35ae1ce02a
Size

2.6MB
MD5

61f372b8b0f0c4855003a5935a8df7e9
SHA1

b669f8dfcc4d0808765ffee5636a60bb9af631fb
SHA256

5b52a2f119cd2cf72950c03b23329bf094208520de7ec9a7b6fa6c35ae1ce02a
SHA512

35487c4c4939ae3f637e68c8b945326497ac0d843d5d537af9f699f1fe6dae44101fa40cacbdb898458d88d044051a1b073f3fa7b919a4d05210970b5d2055dd
SSDEEP

49152:gWjZCx1LsyMV6RKjie8RfOm3JYeOdv8WuEs5otnyy1phE0AbeEUm3CouJG0:Ct4Iotyy1btAbeU3CouJv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b52a2f119cd2cf72950c03b23329bf094208520de7ec9a7b6fa6c35ae1ce02a

Files

5b52a2f119cd2cf72950c03b23329bf094208520de7ec9a7b6fa6c35ae1ce02a
.dll windows:6 windows x64 arch:x64

7898f4eafa13faa6936953b9e73c0b99

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetSystemTimeAsFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
ResetEvent
CreateThread
SetEvent
Sleep
CreateEventW
SetThreadPriority
VirtualQuery
WideCharToMultiByte
CopyFileW
GetModuleHandleW
CreateProcessW
GetCurrentProcessId
GetCurrentDirectoryW
GetSystemInfo
CloseHandle
DeleteFileW
GlobalFlags
GetFileAttributesExW
MultiByteToWideChar
GetSystemDirectoryW
GetVersionExW
GetFileAttributesW
WaitForSingleObject
FindClose
TerminateProcess
GetCurrentProcess
FindNextFileW
GetCommandLineW
SetLastError
FindFirstFileW
ReadFile
FreeLibrary
GetProcAddress
LoadLibraryW
GetTickCount
FindResourceW
LoadResource
LockResource
FreeResource
GetCurrentThreadId
InitializeCriticalSection
SizeofResource
GlobalReAlloc
MulDiv
GlobalUnlock
GlobalLock
GlobalFree
GlobalAlloc
GlobalSize
IsDebuggerPresent
GetModuleFileNameW
ExitProcess
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
WriteConsoleW
GetStringTypeW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetTimeZoneInformation
LCMapStringW
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
HeapFree
FlsFree
OutputDebugStringA
GetCurrentThread
GetModuleHandleExW
LoadLibraryExW
GlobalDeleteAtom
lstrcmpA
lstrcmpW
CreateActCtxW
ActivateActCtx
DeactivateActCtx
FindActCtxSectionStringW
QueryActCtxW
ResumeThread
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
GlobalAddAtomW
lstrcpyW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalHandle
LocalAlloc
LocalReAlloc
LocalFree
SetErrorMode
FormatMessageW
EncodePointer
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
CompareStringW
GetThreadLocale
GlobalFindAtomW
CreateFileW
FlushFileBuffers
GetFileSize
GetFullPathNameW
GetVolumeInformationW
LockFile
SetEndOfFile
SetFilePointer
UnlockFile
WriteFile
DuplicateHandle
lstrcmpiW
GlobalGetAtomNameW
VerSetConditionMask
VerifyVersionInfoW
GetFileSizeEx
GetFileTime
SystemTimeToTzSpecificLocalTime
VirtualProtect
SearchPathW
GetTempPathW
GetProfileIntW
FindResourceExW
GetTempFileNameW
GetWindowsDirectoryW
WaitForSingleObjectEx
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetStartupInfoW
QueryPerformanceCounter
InitializeSListHead
OutputDebugStringW
RtlUnwindEx
RtlPcToFileHeader
InterlockedFlushSList
GetCommandLineA
ExitThread
FreeLibraryAndExitThread
HeapQueryInformation
VirtualAlloc
QueryPerformanceFrequency
SetStdHandle
GetFileType
SetFilePointerEx
GetStdHandle
GetConsoleOutputCP
GetConsoleMode
FlsAlloc
FlsGetValue
FlsSetValue

user32

DrawTextExW
GrayStringW
TabbedTextOutW
BeginPaint
EndPaint
PostThreadMessageW
ShowWindow
GetDlgItem
CheckDlgButton
SetFocus
GetWindowTextLengthW
SetWindowLongW
IsDialogMessageW
CharNextW
SetCapture
ReleaseCapture
CopyAcceleratorTableW
InvalidateRgn
SetRect
IntersectRect
IsRectEmpty
EqualRect
IsChild
GetNextDlgGroupItem
GetNextDlgTabItem
GetTopWindow
GetMessagePos
GetMessageTime
CallWindowProcW
GetClassInfoExW
IsMenu
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsIconic
GetCapture
GetMenu
SetMenu
TrackPopupMenu
GetForegroundWindow
ScrollWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
AdjustWindowRectEx
MapWindowPoints
SetWindowLongPtrW
GetClassLongPtrW
SetScrollInfo
GetScrollInfo
WinHelpW
GetSysColorBrush
DestroyIcon
CharUpperW
BringWindowToTop
LoadAcceleratorsW
TranslateAcceleratorW
SetWindowTextW
CreatePopupMenu
DestroyMenu
InsertMenuItemW
SetRectEmpty
UnpackDDElParam
ReuseDDElParam
SetParent
SetLayeredWindowAttributes
EnumDisplayMonitors
DrawStateW
TrackMouseEvent
GetAsyncKeyState
GetSystemMenu
SetWindowRgn
InvalidateRect
NotifyWinEvent
ModifyMenuW
WaitMessage
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
MapVirtualKeyW
CreateAcceleratorTableW
DestroyAcceleratorTable
LockWindowUpdate
SetClassLongPtrW
DrawEdge
DrawFrameControl
DrawFocusRect
DrawIconEx
UnionRect
GetIconInfo
GetMenuItemInfoW
SendDlgItemMessageA
CreateDialogIndirectParamW
EndDialog
GetKeyNameTextW
SetCursorPos
CharUpperBuffW
UpdateLayeredWindow
EnableScrollBar
GetMenuDefaultItem
SetMenuDefaultItem
CopyIcon
FrameRect
IsClipboardFormatAvailable
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
IsCharLowerW
MapVirtualKeyExW
SubtractRect
GetUpdateRect
GetDoubleClickTime
CreateMenu
DestroyCursor
GetComboBoxInfo
DrawIcon
GetWindowRgn
HideCaret
InvertRect
GetDlgCtrlID
DeleteMenu
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetWindowDC
GetMenuStringW
UnhookWindowsHookEx
MonitorFromPoint
InflateRect
CopyRect
FillRect
GetSysColor
ScreenToClient
IsWindow
GetClientRect
GetWindowRect
LoadImageW
GetParent
GetDesktopWindow
LoadCursorW
LoadIconW
SetPropW
RegisterClassW
SetTimer
GetClassInfoW
GetActiveWindow
LoadStringW
DrawTextW
UpdateWindow
KillTimer
RealChildWindowFromPoint
GetClassNameW
PtInRect
ClientToScreen
WindowFromPoint
RegisterWindowMessageW
SystemParametersInfoW
OffsetRect
MessageBeep
RedrawWindow
IsZoomed
GetLastActivePopup
GetWindowLongW
IsWindowEnabled
SetCursor
ShowOwnedPopups
CallNextHookEx
SetWindowsHookExW
GetCursorPos
ValidateRect
IsWindowVisible
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
MapDialogRect
GetWindow
SetWindowContextHelpId
SetWindowPos
RegisterClipboardFormatW
PostQuitMessage
GetSystemMetrics
UnregisterClassW
MessageBoxW
ReleaseDC
GetWindowTextW
LoadMenuW
EnableWindow
GetWindowLongPtrW
GetKeyState
GetWindowThreadProcessId
MonitorFromWindow
SetActiveWindow
WaitForInputIdle
OpenClipboard
GetMonitorInfoW
CloseClipboard
EmptyClipboard
MoveWindow
SetClipboardData
SetForegroundWindow
CopyImage
DefWindowProcW
PostMessageW
DestroyWindow
GetPropW
CreateWindowExW
SendMessageW
RemovePropW
GetDC

gdi32

LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SetBkColor
SetBkMode
GetWindowExtEx
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
IntersectClipRect
GetViewportExtEx
GetPixel
GetObjectType
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
CombineRgn
PatBlt
SetPixel
GetClipBox
ExcludeClipRect
Escape
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
SetPixelV
GetTextFaceW
GetNearestPaletteIndex
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
SetPaletteEntries
ExtFloodFill
GetPaletteEntries
RoundRect
EnumFontFamiliesExW
Rectangle
Polyline
Polygon
CreatePolygonRgn
Ellipse
CreateEllipticRgn
DPtoLP
DeleteDC
DeleteObject
GetObjectW
CreatePalette
SelectPalette
GetSystemPaletteEntries
GetDeviceCaps
GetStockObject
RealizePalette
StretchBlt
CreateCompatibleDC
SetDIBColorTable
CreateDIBSection
SelectObject
CreateCompatibleBitmap
BitBlt
CreateFontIndirectW
GetTextExtentPoint32W
CreateDCW
CopyMetaFileW
CreateBitmap
SetRectRgn
GetMapMode
OffsetRgn
GetTextMetricsW
CreateRoundRectRgn

advapi32

RegQueryValueW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyW
RegEnumKeyExW
RegEnumValueW
RegCloseKey

shell32

SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHAppBarMessage
SHBrowseForFolderW
DragFinish
DragQueryFileW
SHGetFileInfoW
ShellExecuteW

ole32

OleDuplicateData
ReleaseStgMedium
CoGetClassObject
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CoDisconnectObject
DoDragDrop
OleGetClipboard
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoCreateGuid
CreateStreamOnHGlobal
CoUninitialize
CoInitializeEx
CLSIDFromString
CLSIDFromProgID
CoCreateInstance

oleaut32

VarBstrFromDate
VariantClear
VariantChangeType
VariantCopy
SysAllocString
SysFreeString
LoadTypeLi
VariantInit
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy
OleCreateFontIndirect
SysStringLen
SysAllocStringLen

comctl32

ImageList_AddMasked
ImageList_Create
ImageList_Destroy
InitCommonControlsEx

msimg32

AlphaBlend
TransparentBlt

shlwapi

PathFindFileNameW
PathIsUNCW
PathStripToRootW
PathRemoveFileSpecW
StrFormatKBSizeW
PathFindExtensionW

uxtheme

DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetWindowTheme
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
IsAppThemed
GetThemeSysColor
GetCurrentThemeName

oledlg

OleUIBusyW

gdiplus

GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdiplusStartup
GdipGetImageHeight
GdipGetImagePaletteSize
GdipCloneImage
GdiplusShutdown
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFile
GdipGetImageWidth
GdipSetCompositingMode
GdipBitmapUnlockBits
GdipCreateBitmapFromStream
GdipAlloc
GdipDrawImageRectI
GdipDisposeImage
GdipGetImagePixelFormat
GdipFree
GdipBitmapLockBits
GdipDeleteGraphics
GdipGetImagePalette
GdipGetImageGraphicsContext

ws2_32

WSACleanup

oleacc

LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

Exports

Exports

HttpInit
HttpUninit
zlib_compress
zlib_compressBound
zlib_uncompress

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 558KB - Virtual size: 558KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7898f4eafa13faa6936953b9e73c0b99

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

msimg32

shlwapi

uxtheme

oledlg

gdiplus

ws2_32

oleacc

imm32

winmm

winspool.drv

Exports

Exports

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.rdata Size: 558KB - Virtual size: 558KB

.data Size: 32KB - Virtual size: 62KB

.pdata Size: 89KB - Virtual size: 89KB

_RDATA Size: 512B - Virtual size: 244B

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 60KB - Virtual size: 60KB

.text
Size: 1.8MB - Virtual size: 1.8MB

.rdata
Size: 558KB - Virtual size: 558KB

.data
Size: 32KB - Virtual size: 62KB

.pdata
Size: 89KB - Virtual size: 89KB

_RDATA
Size: 512B - Virtual size: 244B

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 60KB - Virtual size: 60KB