DLLmin

Static task: static1
Behavioral task: behavioral1
  Sample: 3a85a951b1ca08203e1ea024f72fe6757c1fe16e824efde7454820f1f0a42067.dll
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: 3a85a951b1ca08203e1ea024f72fe6757c1fe16e824efde7454820f1f0a42067.dll
  Resource: win10v2004-20240802-en
General
Target: 3a85a951b1ca08203e1ea024f72fe6757c1fe16e824efde7454820f1f0a42067
Size: 2.8MB
MD5: 40e6d31fe37ceef500e6bee222049c37
SHA1: c2df70ad56ac58e3ebfebad061e0ddfd9f71a0ae
SHA256: 3a85a951b1ca08203e1ea024f72fe6757c1fe16e824efde7454820f1f0a42067
SHA512: 922de23c726a4e7fbc5b58de3b459fe07764ee74d96006d05c256f844a72f741893be08ff62a29bfe12e1334b14322f46059268a343cea667e84ae932f84fa4b
SSDEEP: 49152:pX9b03XMV6RKji6kGJ7QTksXeZTkiDl6av/i+AzyGIKcK8n1CjoJ6eV27q8:/Bl/i+Azjfcz1C9eVa
Malware Config
The report shows no extracted configuration for this sample.
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: 3a85a951b1ca08203e1ea024f72fe6757c1fe16e824efde7454820f1f0a42067
  This fires when the PE carries no embedded Authenticode certificate (an empty IMAGE_DIRECTORY_ENTRY_SECURITY). On its own it is weak evidence: a great deal of legitimate software ships unsigned, and a static check of the embedded certificate cannot see catalog signatures.
Files
3a85a951b1ca08203e1ea024f72fe6757c1fe16e824efde7454820f1f0a42067.dll  windows:6 windows x64 arch:x64
  7869ac0e463536a6a7224390520bb784
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA | IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE | IMAGE_DLLCHARACTERISTICS_NX_COMPAT
  (ASLR with 64-bit entropy and DEP are opted in; the report lists no IMAGE_DLLCHARACTERISTICS_GUARD_CF, so Control Flow Guard does not appear to be enabled for this module.)
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE | IMAGE_FILE_LARGE_ADDRESS_AWARE | IMAGE_FILE_DLL
Imports
Most of the list below (user32, gdi32, ole32, oleaut32, comctl32, uxtheme, oledlg, winspool: DefFrameProcW, DefMDIChildProcW, TranslateMDISysAccel, GetProfileIntW, WritePrivateProfileStringW, GlobalAddAtomW, CreateActCtxW, OleUIBusyW, DocumentPropertiesW and the like) is consistent with the footprint of a statically linked MFC build and is not itself notable. The security-relevant clusters are: process and thread control (CreateToolhelp32Snapshot, Process32FirstW/NextW, Thread32First/Next, OpenProcess, OpenThread, SuspendThread, ResumeThread, GetThreadContext, SetThreadContext, ReadProcessMemory, WriteProcessMemory, VirtualAlloc, VirtualProtect, FlushInstructionCache, TerminateProcess, TerminateThread, GetMappedFileNameW), which is exactly the set an inline-hooking library and a code injector both need; a debugger check (IsDebuggerPresent); raw TCP via ws2_32 (WSAStartup, socket, inet_addr, htons, connect, send, recv); host fingerprinting (gethostname, GetAdaptersInfo, GetPerAdapterInfo, GetVolumeInformationW, GetVersionExW, GetSystemInfo); registry writes and deletes (RegCreateKeyExW, RegSetValueExW, RegDeleteKeyW, RegDeleteValueW); ShellExecuteW; and hook installation via SetWindowsHookExW/CallNextHookEx. Imports describe capability, not behaviour: confirm which of these are actually exercised in the behavioral tasks before reading any of them as malicious.
kernel32
FileTimeToLocalFileTime
FileTimeToSystemTime
ResetEvent
VirtualQuery
CopyFileW
GetCurrentDirectoryW
GetSystemInfo
DeleteFileW
GlobalFlags
GetFileAttributesExW
MultiByteToWideChar
GetSystemDirectoryW
GetVersionExW
GetFileAttributesW
FindClose
FindNextFileW
GetCommandLineW
SetLastError
FindFirstFileW
FreeLibrary
GetUserDefaultLCID
FindResourceW
LoadResource
LockResource
FreeResource
GetCurrentThreadId
InitializeCriticalSection
SizeofResource
GlobalReAlloc
MulDiv
GlobalUnlock
GlobalLock
GlobalFree
GlobalAlloc
GlobalSize
IsDebuggerPresent
CreateEventW
ResumeThread
SetThreadPriority
CreateThread
WaitForSingleObject
SetEvent
GetModuleFileNameW
GetPrivateProfileStringW
GetTickCount
ReadProcessMemory
WriteProcessMemory
GetSystemTimeAsFileTime
ReadFile
TerminateProcess
Process32NextW
Process32FirstW
CloseHandle
TerminateThread
OpenProcess
OpenThread
Thread32Next
Thread32First
CreateToolhelp32Snapshot
WideCharToMultiByte
ExitProcess
Sleep
GetCurrentProcess
GetCurrentThread
LoadLibraryW
GetCurrentProcessId
GetProcAddress
GetModuleHandleW
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
WriteConsoleW
GetStringTypeW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetTimeZoneInformation
GetConsoleMode
GetConsoleOutputCP
GetStdHandle
SetFilePointerEx
EnumSystemLocalesW
IsValidLocale
LCMapStringW
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
GetFileType
SetStdHandle
QueryPerformanceFrequency
HeapQueryInformation
FreeLibraryAndExitThread
ExitThread
GetCommandLineA
InterlockedFlushSList
RtlPcToFileHeader
RtlUnwindEx
OutputDebugStringW
InitializeSListHead
QueryPerformanceCounter
GetStartupInfoW
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
WaitForSingleObjectEx
GetWindowsDirectoryW
GetTempFileNameW
FindResourceExW
GetProfileIntW
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
HeapFree
GetTempPathW
SearchPathW
SuspendThread
GetThreadContext
SetThreadContext
FlushInstructionCache
VirtualAlloc
VirtualProtect
VirtualFree
LoadLibraryExW
OutputDebugStringA
GetModuleHandleExW
GlobalDeleteAtom
lstrcmpA
lstrcmpW
CreateActCtxW
ActivateActCtx
DeactivateActCtx
FindActCtxSectionStringW
QueryActCtxW
GetPrivateProfileIntW
WritePrivateProfileStringW
GlobalAddAtomW
lstrcpyW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalHandle
LocalAlloc
LocalReAlloc
LocalFree
SetErrorMode
FormatMessageW
EncodePointer
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
CompareStringW
GetThreadLocale
GlobalFindAtomW
CreateFileW
FlushFileBuffers
GetFileSize
GetFullPathNameW
GetVolumeInformationW
LockFile
SetEndOfFile
SetFilePointer
UnlockFile
WriteFile
DuplicateHandle
lstrcmpiW
GlobalGetAtomNameW
VerSetConditionMask
VerifyVersionInfoW
GetFileSizeEx
GetFileTime
SystemTimeToTzSpecificLocalTime
user32
GetWindowLongW
GetLastActivePopup
IsZoomed
RedrawWindow
MessageBeep
OffsetRect
SystemParametersInfoW
RegisterWindowMessageW
ScreenToClient
GetSysColor
FillRect
CopyRect
InflateRect
MonitorFromPoint
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
DeleteMenu
GetDlgCtrlID
SetWindowTextW
ClientToScreen
PtInRect
RealChildWindowFromPoint
KillTimer
UpdateWindow
InvalidateRect
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
BeginPaint
EndPaint
PostThreadMessageW
ShowWindow
GetDlgItem
CheckDlgButton
SetFocus
SetWindowLongW
IsDialogMessageW
CharNextW
SetCapture
ReleaseCapture
CopyAcceleratorTableW
InvalidateRgn
SetRect
IntersectRect
IsRectEmpty
EqualRect
IsChild
GetNextDlgGroupItem
GetNextDlgTabItem
GetTopWindow
GetMessagePos
GetMessageTime
GetClassInfoExW
IsMenu
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsIconic
GetCapture
GetMenu
SetMenu
TrackPopupMenu
DispatchMessageW
GetForegroundWindow
ScrollWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
AdjustWindowRectEx
MapWindowPoints
SetWindowLongPtrW
GetClassLongPtrW
SetScrollInfo
GetScrollInfo
WinHelpW
GetSysColorBrush
DestroyIcon
CharUpperW
BringWindowToTop
LoadAcceleratorsW
TranslateAcceleratorW
LoadMenuW
CreatePopupMenu
DestroyMenu
InsertMenuItemW
SetRectEmpty
UnpackDDElParam
IsWindowEnabled
SetParent
SetLayeredWindowAttributes
EnumDisplayMonitors
DrawStateW
TrackMouseEvent
GetAsyncKeyState
GetSystemMenu
SetWindowRgn
WindowFromPoint
NotifyWinEvent
ModifyMenuW
WaitMessage
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
MapVirtualKeyW
CreateAcceleratorTableW
DestroyAcceleratorTable
LockWindowUpdate
SetClassLongPtrW
DrawEdge
DrawFrameControl
DrawFocusRect
DrawIconEx
UnionRect
GetIconInfo
GetMenuItemInfoW
SendDlgItemMessageA
CreateDialogIndirectParamW
EndDialog
GetKeyNameTextW
SetCursorPos
CharUpperBuffW
UpdateLayeredWindow
EnableScrollBar
GetMenuDefaultItem
SetMenuDefaultItem
CopyIcon
FrameRect
IsClipboardFormatAvailable
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
IsCharLowerW
MapVirtualKeyExW
SubtractRect
GetUpdateRect
GetDoubleClickTime
CreateMenu
DestroyCursor
GetComboBoxInfo
DrawIcon
GetWindowRgn
HideCaret
InvertRect
TranslateMessage
GetWindowThreadProcessId
GetClassNameW
IsWindowVisible
GetPropW
CallWindowProcW
RemovePropW
GetWindowRect
UnhookWindowsHookEx
ShowScrollBar
MessageBoxW
ReleaseDC
GetClientRect
GetWindowDC
GetSystemMetrics
GetDC
LoadImageW
GetParent
GetDesktopWindow
LoadCursorW
LoadIconW
SetPropW
RegisterClassW
SetTimer
GetClassInfoW
GetMessageW
LoadBitmapW
GetActiveWindow
LoadStringW
GetWindowLongPtrW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
MapDialogRect
GetWindow
SetWindowContextHelpId
SetWindowPos
RegisterClipboardFormatW
PostQuitMessage
EnableWindow
SetCursor
ShowOwnedPopups
CallNextHookEx
SetWindowsHookExW
GetCursorPos
ValidateRect
ReuseDDElParam
IsWindow
FindWindowExW
GetWindowTextW
GetWindowTextLengthW
GetMonitorInfoW
SendMessageW
CreateWindowExW
DestroyWindow
PostMessageW
DefWindowProcW
CopyImage
SetForegroundWindow
SetClipboardData
PeekMessageW
UnregisterClassW
MoveWindow
GetKeyState
MonitorFromWindow
SetActiveWindow
OpenClipboard
CloseClipboard
EmptyClipboard
gdi32
LineTo
PtVisible
RectVisible
GetWindowExtEx
SaveDC
SelectClipRgn
ExtSelectClipRgn
SetBkColor
SetBkMode
IntersectClipRect
GetViewportExtEx
GetPixel
GetObjectType
RestoreDC
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
CreateDIBitmap
GetClipBox
ExcludeClipRect
Escape
CreateSolidBrush
GetDeviceCaps
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
GetTextExtentPoint32W
CreateFontIndirectW
BitBlt
CreateCompatibleBitmap
SelectObject
CreateDIBSection
SetDIBColorTable
CreateCompatibleDC
CreateDCW
CopyMetaFileW
CreateBitmap
GetStockObject
RealizePalette
StretchBlt
SetPixelV
GetTextFaceW
GetNearestPaletteIndex
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
SetPaletteEntries
ExtFloodFill
GetPaletteEntries
RoundRect
EnumFontFamiliesExW
Rectangle
Polyline
Polygon
CreatePolygonRgn
Ellipse
CreateEllipticRgn
DPtoLP
SetRectRgn
GetMapMode
OffsetRgn
CreateRoundRectRgn
SetPixel
PatBlt
CombineRgn
GetTextMetricsW
GetTextCharsetInfo
EnumFontFamiliesW
DeleteDC
DeleteObject
GetObjectW
CreatePalette
SelectPalette
GetSystemPaletteEntries
advapi32
RegSetValueExW
RegDeleteValueW
RegEnumKeyW
RegEnumKeyExW
RegEnumValueW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegCreateKeyExW
RegQueryValueW
RegDeleteKeyW
shell32
DragQueryFileW
SHAppBarMessage
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetDesktopFolder
SHGetFileInfoW
DragFinish
ShellExecuteW
ole32
OleDuplicateData
ReleaseStgMedium
CoGetClassObject
CoRevokeClassObject
OleFlushClipboard
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CoDisconnectObject
DoDragDrop
OleGetClipboard
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
CoTaskMemFree
CoTaskMemAlloc
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoCreateGuid
CoInitialize
CoUninitialize
CreateStreamOnHGlobal
CoInitializeEx
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
OleIsCurrentClipboard
oleaut32
SafeArrayDestroy
SysStringLen
SysAllocStringLen
SysFreeString
SystemTimeToVariantTime
VariantTimeToSystemTime
VarBstrFromDate
VariantInit
LoadTypeLi
VariantClear
VariantChangeType
VariantCopy
SysAllocString
OleCreateFontIndirect
comctl32
ImageList_AddMasked
ImageList_Create
ImageList_Destroy
InitCommonControlsEx
iphlpapi
GetPerAdapterInfo
GetAdaptersInfo
psapi
GetMappedFileNameW
ws2_32
connect
socket
send
inet_addr
recv
closesocket
htons
WSAStartup
WSACleanup
gethostname
msimg32
TransparentBlt
AlphaBlend
shlwapi
PathRemoveFileSpecW
PathStripToRootW
PathIsUNCW
PathFindFileNameW
PathFindExtensionW
StrFormatKBSizeW
uxtheme
DrawThemeText
DrawThemeParentBackground
OpenThemeData
GetThemeSysColor
IsAppThemed
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
CloseThemeData
GetWindowTheme
oledlg
OleUIBusyW
gdiplus
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdiplusStartup
GdipGetImageHeight
GdipGetImagePaletteSize
GdipCloneImage
GdipBitmapUnlockBits
GdipCreateBitmapFromStream
GdipAlloc
GdipDrawImageRectI
GdipSetInterpolationMode
GdiplusShutdown
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFile
GdipGetImageWidth
GdipDisposeImage
GdipGetImagePixelFormat
GdipFree
GdipBitmapLockBits
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipGetImagePalette
GdipSetCompositingMode
GdipCreateFromHDC
oleacc
LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundW
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
Exports
No exports are listed in the report. If the DLL truly exports nothing, all of its functionality runs from DllMain or from threads it starts on load (CreateThread is imported), which is typical of a module meant to be injected into a host process by a loader calling LoadLibrary rather than linked against.
Sections (raw size / virtual size, then characteristics)
.text      2.0MB / 2.0MB    IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata     583KB / 583KB    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data      33KB / 65KB      IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.pdata     94KB / 93KB      IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.detourc   8KB / 8KB        IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.detourd   512B / 24B       IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
_RDATA     512B / 244B      IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.'I7       118KB / 118KB    IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.reloc     62KB / 61KB      IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.rsrc      3KB / 2KB        IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ

Notes on the section table:
- .detourc and .detourd match the read-only and writable data segments that Microsoft Detours places its state in. Together with the SuspendThread / GetThreadContext / SetThreadContext / VirtualProtect / FlushInstructionCache imports this is consistent with the DLL statically linking Detours to install inline hooks in whatever process loads it.
- .'I7 (name as rendered by the report; the real bytes may not all be printable) is a second executable section of 118KB with a non-standard name. A second code section with an unusual name is most often the work of a packer, protector or code virtualizer: disassemble it separately and check where control transfers into it from .text.
- _RDATA is a read-only data section commonly seen in MSVC-built binaries and is not suspicious by itself.
- No section is both writable and executable; the .data raw/virtual gap (33KB / 65KB) is ordinary uninitialized data.