f328bf12a8c266587882ed248d9af504119a82d0fd46a434c39b54dc59981959

Sharing

Copy URL Twitter E-mail

General

Target

f328bf12a8c266587882ed248d9af504119a82d0fd46a434c39b54dc59981959
Size

1.1MB
MD5

15affa3ed05137ce9745d51b724befa5
SHA1

dc1d12edf9df626fbcbbe4550c84a48bdffa2d3c
SHA256

f328bf12a8c266587882ed248d9af504119a82d0fd46a434c39b54dc59981959
SHA512

51bfd8cac99bdbb24901037cf5a5562392dddbb97db781428cb5a0904df452fe8c0cc82f69a6149175c8bf1e2f06ba4c569017beafa632855291ff0989e82975
SSDEEP

24576:Ovtvi7QvAkkTuhlDZFnELZ8QPTc5FF/3T+Xsvfn7R:OVvi7Q7VlCusToFxxrR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f328bf12a8c266587882ed248d9af504119a82d0fd46a434c39b54dc59981959

Files

f328bf12a8c266587882ed248d9af504119a82d0fd46a434c39b54dc59981959
.dll windows:5 windows x86 arch:x86

410bf762e3e1da5d8a41bf3f7630aa02

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetFilePointer
GetConsoleCP
GetConsoleMode
EnterCriticalSection
LeaveCriticalSection
LoadLibraryW
LCMapStringW
GetStringTypeW
HeapReAlloc
FreeLibrary
SetStdHandle
WriteConsoleW
CreateFileW
CloseHandle
FlushFileBuffers
GlobalUnlock
GlobalLock
lstrlenA
lstrcpyA
DosDateTimeToFileTime
ReadFile
HeapDestroy
LoadResource
GetSystemTimeAsFileTime
FindResourceW
GetProcessHeap
FlushInstructionCache
InitializeCriticalSection
FindClose
FindFirstFileW
FreeResource
GetFullPathNameW
MulDiv
GetVersionExA
GetVersionExW
LoadLibraryA
GetModuleHandleA
HeapCreate
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
DeleteCriticalSection
SetEnvironmentVariableA
CompareStringW
SetEndOfFile
GetTimeZoneInformation
LocalFree
GetCurrentProcessId
GetTickCount
SizeofResource
QueryPerformanceCounter
GetStartupInfoW
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
HeapSize
Sleep
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetProcAddress
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
HeapAlloc
HeapFree
GetLastError
GetModuleFileNameW
IsProcessorFeaturePresent
GetCurrentProcess
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCommandLineA
GetCurrentThreadId
RtlUnwind
RaiseException
EncodePointer
DecodePointer
AttachConsole
GetStdHandle
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
WriteFile
GetModuleHandleW
MultiByteToWideChar
WideCharToMultiByte
GlobalAlloc
lstrcpynW
lstrcpyW
GlobalFree
ExitProcess
InterlockedDecrement
LockResource
InterlockedIncrement

user32

CharLowerBuffW
MapVirtualKeyA
GetFocus
SetRectEmpty
GetMenuItemInfoW
GetMenuItemCount
TrackPopupMenu
SetForegroundWindow
DestroyMenu
CreatePopupMenu
AppendMenuW
UpdateLayeredWindow
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
SetRect
LoadImageW
LoadBitmapW
DestroyCursor
CharNextW
LoadCursorW
RegisterClassExW
GetDlgItem
DefWindowProcW
CreateWindowExW
UnregisterClassW
SetActiveWindow
LoadIconW
SetLayeredWindowAttributes
EndPaint
TrackMouseEvent
GetClassNameW
AnimateWindow
SetCaretPos
GetCaretBlinkTime
CreateCaret
HideCaret
IsZoomed
UpdateWindow
EnableWindow
ReleaseCapture
GetCursorPos
DestroyIcon
IsWindowVisible
IsIconic
SetFocus
SetCapture
ScreenToClient
InvalidateRect
IsWindow
DestroyWindow
KillTimer
SetTimer
SetCursor
UnionRect
IntersectRect
InflateRect
EqualRect
PtInRect
IsRectEmpty
CopyRect
CreateIconFromResource
CreateIconIndirect
GetSystemMetrics
OemToCharBuffW
InvertRect
GetDesktopWindow
IsWindowEnabled
SystemParametersInfoA
SetWindowPos
SendMessageW
PostMessageW
SetWindowTextW
OffsetRect
wsprintfW
GetWindowLongW
MapWindowPoints
GetClientRect
GetMonitorInfoW
MonitorFromWindow
FillRect
GetIconInfo
DrawIconEx
DrawTextW
GetDC
ReleaseDC
SetWindowLongW
EnableMenuItem
GetSysColor
ClientToScreen
GetCapture
GetKeyState
GetWindowRect
GetActiveWindow
GetWindow
GetParent
ShowWindow
CallWindowProcW
MessageBoxW
FindWindowExW
BeginPaint

gdi32

CreateDIBSection
CreateCompatibleDC
ExtSelectClipRgn
SaveDC
CreateRectRgnIndirect
RestoreDC
ExcludeClipRect
IntersectClipRect
CreateRectRgn
GetClipBox
GetTextExtentPoint32W
Rectangle
RoundRect
CreateSolidBrush
Ellipse
SetWorldTransform
GetWorldTransform
CreateCompatibleBitmap
Polyline
Arc
Chord
CreatePen
CreateFontIndirectW
CreatePatternBrush
GetClipRgn
SetGraphicsMode
CreateDIBitmap
StretchDIBits
GetDeviceCaps
CreateBitmap
CreateDCW
GetObjectA
EnumFontsW
StretchBlt
CreateRoundRectRgn
GetViewportOrgEx
GetCurrentObject
SetBkMode
SelectObject
SetViewportOrgEx
GetStockObject
GetTextColor
SetTextColor
BitBlt
SetRectRgn
OffsetRgn
GetRgnBox
RectInRegion
PtInRegion
CombineRgn
GetObjectW
DeleteObject
DeleteDC

shell32

SHBrowseForFolderW
ShellExecuteW
SHGetPathFromIDListW

ole32

IIDFromString
CreateBindCtx
OleLockRunning
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
CreateStreamOnHGlobal
CoTaskMemFree
OleInitialize
OleUninitialize

oleaut32

SysFreeString
SysAllocString
GetErrorInfo

shlwapi

StrCatW
PathIsRootW
PathRemoveBackslashW
StrToIntExW

gdiplus

GdipGetPropertyItemSize
GdipGetPropertyItem
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipGetImageGraphicsContext
GdipGraphicsClear
GdipDrawImageRectI
GdiplusShutdown
GdipCloneImage
GdiplusStartup
GdipImageGetFrameCount
GdipGetImageHeight
GdipGetImageWidth
GdipSaveImageToFile
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipImageSelectActiveFrame

msimg32

GradientFill
AlphaBlend

imm32

ImmGetContext
ImmAssociateContext
ImmReleaseContext

Exports

Exports

BindControlAndNSISScript
BindingProgress
ClosePage
ConsoleShow
FindChildByName
FindStringByName
GetControlProperties
InitWindow
NSISMessageBox
NSISOpenFolderDialog
NSISScriptSendMessage
SetControlProperties
ShowPage

Sections

.text
Size: 544KB - Virtual size: 543KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 341KB - Virtual size: 341KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

410bf762e3e1da5d8a41bf3f7630aa02

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

oleaut32

shlwapi

gdiplus

msimg32

imm32

Exports

Exports

Sections

.text Size: 544KB - Virtual size: 543KB

.rdata Size: 164KB - Virtual size: 163KB

.data Size: 26KB - Virtual size: 98KB

.rsrc Size: 341KB - Virtual size: 341KB

.reloc Size: 54KB - Virtual size: 54KB

.text
Size: 544KB - Virtual size: 543KB

.rdata
Size: 164KB - Virtual size: 163KB

.data
Size: 26KB - Virtual size: 98KB

.rsrc
Size: 341KB - Virtual size: 341KB

.reloc
Size: 54KB - Virtual size: 54KB