5d9e3e44b4937ed2bab0606211d99e2557d8724c6849c5c26856fdfe55f3897e

Sharing

Copy URL Twitter E-mail

General

Target

5d9e3e44b4937ed2bab0606211d99e2557d8724c6849c5c26856fdfe55f3897e
Size

1.7MB
MD5

e8afabbbfd8370672074067fe28dccd3
SHA1

3d944ef4dd989cebdf23ea5991cc3e89ea3c609c
SHA256

5d9e3e44b4937ed2bab0606211d99e2557d8724c6849c5c26856fdfe55f3897e
SHA512

496bbd7c738264656354672a770ef34237baff0f430e2021f4d3dda96486cfffb555fd0a9392899525061bbac1c8b5d580e78222b43395abcb59e8624ede72ec
SSDEEP

24576:qOxYpuWzmihyvbejRpIISb2QHKpDSbixSimxN964GmB9:qOx3WzmihyDrISbLHKQbigvN96hmB9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d9e3e44b4937ed2bab0606211d99e2557d8724c6849c5c26856fdfe55f3897e

Files

5d9e3e44b4937ed2bab0606211d99e2557d8724c6849c5c26856fdfe55f3897e
.dll regsvr32 windows:5 windows x86 arch:x86

827e8d5d30366b22ce4d26b74e246792

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\FlexCell\FlexCell\ReleaseMinDependency\FlexCell.pdb

Imports

kernel32

ReadConsoleW
ReadFile
GetConsoleMode
GetConsoleCP
WriteFile
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetTimeZoneInformation
GetFileType
GetStdHandle
GetACP
GetCurrentThread
GetModuleFileNameA
ExitProcess
GetModuleHandleExW
FreeLibraryAndExitThread
ResumeThread
ExitThread
CreateThread
VirtualQuery
VirtualProtect
GetSystemInfo
InterlockedFlushSList
RtlUnwind
GetCurrentProcessId
SetConsoleCtrlHandler
GetStartupInfoW
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SwitchToThread
CreateEventW
FormatMessageW
LocalFree
LoadLibraryExA
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
FlushInstructionCache
GetCurrentProcess
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
OutputDebugStringW
IsDebuggerPresent
SetFilePointerEx
FindClose
FindFirstFileExA
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
SetStdHandle
WriteConsoleW
SetEndOfFile
WaitForSingleObjectEx
FindNextFileA
GetTempFileNameW
GetTempPathW
GetFileSize
GetProfileStringW
lstrcpyW
CopyFileW
CreateFileW
CreateDirectoryW
GetPrivateProfileStringA
GetPrivateProfileIntW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
CloseHandle
GetFileTime
HeapCreate
GlobalFree
GlobalSize
InterlockedExchange
GetVersionExW
LoadLibraryExW
lstrcmpiW
GetLocalTime
MulDiv
GlobalUnlock
GlobalLock
GlobalAlloc
DisableThreadLibraryCalls
FreeLibrary
InterlockedIncrement
EncodePointer
LoadLibraryA
lstrcmpW
GetTickCount
GetCurrentThreadId
DeleteFileW
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
InterlockedDecrement
FindResourceExW
FindResourceW
SizeofResource
LoadResource
LeaveCriticalSection
EnterCriticalSection
LockResource
GetFileAttributesW
OutputDebugStringA
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
LoadLibraryW
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
SetLastError
GetLastError
RaiseException
GetProcessHeap
HeapSize
DecodePointer
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
GetVersion
GetProcAddress
QueryPerformanceCounter

user32

SetTimer
KillTimer
DrawTextW
BeginPaint
EndPaint
InvalidateRect
GetClientRect
GetWindowRect
SetCursor
GetCursorPos
ScreenToClient
MapWindowPoints
SetRect
PtInRect
GetWindowLongW
GetParent
GetWindow
LoadCursorW
MonitorFromWindow
GetMonitorInfoW
CloseClipboard
SetClipboardData
GetClipboardData
EmptyClipboard
IsClipboardFormatAvailable
GetActiveWindow
keybd_event
InvalidateRgn
GetScrollPos
EnableScrollBar
GetPropW
EndDialog
SetWindowPos
UnregisterClassW
ShowCursor
GetCursor
GetClassNameW
LoadBitmapW
LoadIconW
DestroyIcon
GetDlgItem
CreateDialogParamW
IsIconic
IsZoomed
SystemParametersInfoW
OpenClipboard
MessageBoxW
GetDC
ReleaseDC
TrackMouseEvent
SendMessageW
DefWindowProcW
RegisterClassExW
GetClassInfoExW
CreateWindowExW
IsWindow
DestroyWindow
ShowWindow
MoveWindow
IsWindowVisible
SetFocus
GetCapture
SetCapture
ReleaseCapture
EnableWindow
IsWindowEnabled
UpdateWindow
SetScrollPos
ShowScrollBar
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
ClientToScreen
SetWindowLongW
GetClassLongW
SetClassLongW
GetDesktopWindow
DestroyCursor
SetParent
SetScrollInfo
GetScrollInfo
CallWindowProcW
GetAsyncKeyState
GetUpdateRect
SetPropW
FillRect
GetForegroundWindow
DrawEdge
IsChild
RegisterClipboardFormatW
CharNextW
GetFocus
GetKeyState
GetSystemMetrics
SetWindowRgn
IntersectRect
UnionRect
OffsetRect
DialogBoxParamW
PeekMessageW
DispatchMessageW
TranslateMessage
GetSysColor
GetWindowDC
EqualRect

gdi32

PlgBlt
SetPixelV
CreatePatternBrush
CreateBitmap
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
LPtoDP
SetMapMode
SaveDC
RestoreDC
DeleteMetaFile
CreateRectRgnIndirect
CreateMetaFileW
CreateDCW
CloseMetaFile
SetPixel
SetBkColor
CreateCompatibleBitmap
GetCharWidthW
TextOutW
MoveToEx
SelectClipRgn
Pie
LineTo
GetTextExtentPoint32W
PatBlt
GetClipRgn
CreateSolidBrush
CreateRectRgn
CreatePen
CombineRgn
Arc
SetTextColor
SetStretchBltMode
StretchBlt
SetBkMode
SelectObject
DeleteObject
DeleteDC
CreateFontW
CreateCompatibleDC
BitBlt
SetDIBColorTable
GetCurrentObject
GetDIBits
ResetDCW
SetDIBits
StartDocW
EndDoc
StartPage
EndPage
AbortDoc
GetStockObject
Rectangle
SetROP2
CloseEnhMetaFile
CreateEnhMetaFileW
GetEnhMetaFileHeader
PlayEnhMetaFile
CreateDIBSection
ExtCreatePen
GetObjectW
CreatePolygonRgn
GetDeviceCaps
DeleteEnhMetaFile
SetBrushOrgEx

winspool.drv

OpenPrinterW
DeviceCapabilitiesW
ClosePrinter
GetPrinterW
EnumPrintersW

advapi32

RegQueryValueExA
RegOpenKeyExA
RegQueryValueExW
RegSetValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey

ole32

OleRegGetUserType
CreateOleAdviseHolder
OleSaveToStream
WriteClassStm
ReadClassStm
CreateDataAdviseHolder
CoTaskMemFree
CoTaskMemRealloc
OleRegGetMiscStatus
StringFromGUID2
CoCreateInstance
StgCreateDocfile
CoCreateGuid
CoInitialize
OleRun
CLSIDFromString
CreateStreamOnHGlobal
CoTaskMemAlloc
OleRegEnumVerbs

oleaut32

OleTranslateColor
OleCreatePictureIndirect
OleCreateFontIndirect
VarFormat
SysAllocStringLen
OleCreatePropertyFrame
UnRegisterTypeLi
RegisterTypeLi
VarCmp
VarUI4FromStr
VariantChangeType
SetErrorInfo
GetErrorInfo
CreateErrorInfo
VariantClear
VariantInit
VarUdateFromDate
VarDateFromStr
LoadRegTypeLi
LoadTypeLi
SysStringLen
VarFormatNumber
SysAllocStringByteLen
SysStringByteLen
SysAllocString
SysFreeString
VariantTimeToSystemTime
SystemTimeToVariantTime

gdiplus

GdipDrawImageI
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipDrawImageRectRect
GdipFillRectangleI
GdipDrawLineI
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipSaveImageToFile
GdipLoadImageFromFile
GdipCloneImage
GdipSetPenColor
GdipSetSolidFillColor
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
GdipFree
GdipAlloc
GdipReleaseDC
GdipResetClip
GdipSetClipRectI
GdipDrawLines
GdipSetSmoothingMode
GdipDeletePen
GdipCreatePen1
GdiplusStartup
GdipDrawImageRectI
GdipDeleteGraphics
GdipCreateFromHDC
GdipGetImageHeight
GdipGetImageWidth
GdiplusShutdown
GdipLoadImageFromFileICM
GdipGetImageRawFormat
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipDisposeImage
GdipGetImageGraphicsContext

uxtheme

CloseThemeData
OpenThemeData
IsAppThemed
GetThemePartSize
DrawThemeBackground

imm32

ImmReleaseContext
ImmSetCompositionFontW
ImmSetCompositionWindow
ImmGetContext

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 226KB - Virtual size: 226KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 312KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

827e8d5d30366b22ce4d26b74e246792

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

ole32

oleaut32

gdiplus

uxtheme

imm32

Exports

Exports

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 226KB - Virtual size: 226KB

.data Size: 31KB - Virtual size: 80KB

.rsrc Size: 312KB - Virtual size: 312KB

.reloc Size: 56KB - Virtual size: 56KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 226KB - Virtual size: 226KB

.data
Size: 31KB - Virtual size: 80KB

.rsrc
Size: 312KB - Virtual size: 312KB

.reloc
Size: 56KB - Virtual size: 56KB