363a4e469a31c406602f1b59d4e6ac82da35c67e35c0708936d07fd37e74f944

Sharing

Copy URL Twitter E-mail

General

Target

363a4e469a31c406602f1b59d4e6ac82da35c67e35c0708936d07fd37e74f944
Size

148KB
MD5

1759d0237f3450b8c1fe5b2ccfad249c
SHA1

1cfcdea7aaba3831cb00109cd2a0493ea64fd973
SHA256

363a4e469a31c406602f1b59d4e6ac82da35c67e35c0708936d07fd37e74f944
SHA512

16fe576b199a44b20ee0167f2cfec46832b0ad90d23e39ef8bff34650e4ec0bb7fa881b860a9af92c97a3bf6601cabe9e97c445a7b41954b8e999ef042f1b63f
SSDEEP

3072:DF+RF1GrG8epuhxmkel2CqeRNEEQjt+x/:cz1Gy8o27eR2k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
363a4e469a31c406602f1b59d4e6ac82da35c67e35c0708936d07fd37e74f944

Files

363a4e469a31c406602f1b59d4e6ac82da35c67e35c0708936d07fd37e74f944
.dll windows:4 windows x86 arch:x86

3297415e0150327c57aa65f81a1009f4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualProtect
lstrcmpA
CloseHandle
GetTickCount
HeapCreate
ExitProcess
HeapReAlloc
IsBadReadPtr
CreateDirectoryA
MultiByteToWideChar
WideCharToMultiByte
GetUserDefaultLCID
LocalFree
ReadFile
GetFileSize
CreateFileA
Sleep
WriteFile
LCMapStringA
MulDiv
HeapDestroy
RtlZeroMemory
lstrlenW
GetProcessHeap
HeapAlloc
VirtualAlloc
RtlMoveMemory
HeapFree
FreeLibrary
InterlockedDecrement
InterlockedIncrement
GetTempPathA
GetWindowsDirectoryA
CreateThread
GetModuleHandleA
GetModuleFileNameA
lstrcmpiA
GetProcAddress
LoadLibraryA
GetSystemDirectoryA

user32

IsWindow
MessageBoxA
FindWindowExA
GetWindowThreadProcessId
SetTimer
IsWindowVisible
KillTimer
wsprintfA
GetDlgItem
FindWindowA
PostQuitMessage
LoadIconA
LoadCursorA
RegisterClassW
GetDC
ReleaseDC
DefWindowProcW
SetWindowLongW
ShowWindow
DestroyWindow
SendMessageW
GetWindowRect
GetParent
ScreenToClient
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
GetWindowLongW
MoveWindow
GetSysColor
GetSysColorBrush
GetAncestor
GetMessageW
GetWindowTextA
GetWindowTextLengthA
SendMessageA
SetWindowTextA
InvalidateRect
SetLayeredWindowAttributes
EnableWindow
IsWindowEnabled
CreateWindowExW
SystemParametersInfoA
AdjustWindowRectEx
TrackMouseEvent
PrintWindow
DrawTextW
GetClientRect
GetWindowTextLengthW

ole32

CoUninitialize
OleRun
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoInitialize

shell32

DragFinish
DragQueryFileW
SHGetSpecialFolderPathA

shlwapi

wvnsprintfA
StrDupW

gdi32

CreateSolidBrush
StretchBlt
SetStretchBltMode
GetObjectA
CreateCompatibleBitmap
DeleteDC
DeleteObject
BitBlt
CreateDIBSection
CreateCompatibleDC
SelectObject
SetBkMode
SetBkColor
SetTextColor
GetDeviceCaps
GetStockObject

comctl32

InitCommonControlsEx

gdiplus

GdipDeleteGraphics
GdipDrawImageRectRect
GdipGetImageWidth
GdipGetImageHeight
GdipSetPixelOffsetMode
GdipSetInterpolationMode
GdipDeleteBrush
GdipFillRectangle
GdipCreateTexture
GdipGraphicsClear
GdipCreateFromHDC
GdiplusStartup

atl

ord11
ord42

uxtheme

DrawThemeParentBackground

wininet

InternetTimeToSystemTime

msvcrt

malloc
_ftol
sprintf
memmove
__CxxFrameHandler
strncmp
realloc
atof
strtod
atoi
free
strchr
??3@YAXPAX@Z
??2@YAPAXI@Z
modf
_CIfmod

oleaut32

VariantClear
SysAllocString
SafeArrayDestroy
SafeArrayCreate
VariantCopy
RegisterTypeLi
LHashValOfNameSys
LoadTypeLi
VariantChangeType
VarR8FromBool
VarR8FromCy
SysFreeString
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetDim
SafeArrayAllocData
SafeArrayAllocDescriptor
VariantInit
SafeArrayGetElemsize

Exports

Exports

DirectInput8Create

Sections

.text
Size: 120KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3297415e0150327c57aa65f81a1009f4

Headers

File Characteristics

Imports

kernel32

user32

ole32

shell32

shlwapi

gdi32

comctl32

gdiplus

atl

uxtheme

wininet

msvcrt

oleaut32

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 118KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 55KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 120KB - Virtual size: 118KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 55KB

.reloc
Size: 8KB - Virtual size: 4KB