93a72ee84c94e475ea2ad551e51b315e4cc21a5febf05fcd48ef66a0e2ed29e2

Sharing

Copy URL Twitter E-mail

General

Target

93a72ee84c94e475ea2ad551e51b315e4cc21a5febf05fcd48ef66a0e2ed29e2
Size

243KB
MD5

0c07eed679fb3a8b85d020b9e54105b3
SHA1

543773a0e77af0eb3ea511e3e002e491b0d2e395
SHA256

93a72ee84c94e475ea2ad551e51b315e4cc21a5febf05fcd48ef66a0e2ed29e2
SHA512

87f25a154d11a8ec54a3704eece9934bfc194df1527cc9f2cef87af5b8a41770b73a9936110b68e7df7089d682b992c019197d282cef2675a27a766c62893dcf
SSDEEP

3072:mcHl2QDt6xd5tvRoJUECVFOj+N0TPqjiZWQuMTaSryukPkM1BTJK5/Kc7JnqpX+B:zFOoOh7C+N0+gTmukPkM1BTJ1c7Jnz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
93a72ee84c94e475ea2ad551e51b315e4cc21a5febf05fcd48ef66a0e2ed29e2

Files

93a72ee84c94e475ea2ad551e51b315e4cc21a5febf05fcd48ef66a0e2ed29e2
.dll windows:10 windows x86 arch:x86

9cde04e5d1ce686db5c81ecfb82a3b55

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

scansetting.pdb

Imports

mfc42u

ord6278
ord6279
ord4050
ord1771
ord324
ord641
ord2859
ord6193
ord4269
ord561
ord815
ord3948
ord2717
ord6466
ord1644
ord2455
ord3733
ord4616
ord5710
ord5285
ord5303
ord4692
ord4074
ord5298
ord5296
ord3341
ord2388
ord5193
ord1089
ord3917
ord5727
ord2504
ord2546
ord4480
ord6371
ord5947
ord2403
ord2015
ord4213
ord2570
ord4392
ord3577
ord616
ord3084
ord795
ord3714
ord793
ord3711
ord790
ord3605
ord656
ord6107
ord2371
ord3090
ord3356
ord2809
ord826
ord269
ord600
ord1240
ord1571
ord1250
ord1568
ord1570
ord342
ord1179
ord1248
ord1115
ord1194
ord1563
ord3092
ord6195
ord609
ord3569
ord4390
ord2567
ord567
ord818
ord4418
ord3397
ord5286
ord1768
ord6051
ord3693
ord765
ord3592
ord1940
ord4221
ord366
ord565
ord5711
ord4693
ord2718
ord5299
ord817
ord860
ord5261
ord4370
ord4847
ord4992
ord2506
ord6048
ord1767
ord5276
ord4419
ord5977
ord3087
ord2637
ord6211
ord2634
ord4704
ord5949
ord1594
ord4155
ord4229
ord2294
ord1808
ord4621
ord4075
ord3074
ord3820
ord3826
ord3825
ord2971
ord3076
ord2980
ord3257
ord3131
ord4459
ord3254
ord3142
ord2977
ord5273
ord540
ord858
ord1106
ord2116
ord2438
ord5257
ord1720
ord5059
ord3744
ord6372
ord2047
ord2640
ord4435
ord4831
ord3793
ord4347
ord6370
ord5157
ord2377
ord5237
ord4401
ord4073
ord5677
ord2644
ord2385
ord1662
ord1165
ord535
ord940
ord861
ord942
ord538
ord1560
ord268
ord2810
ord800
ord3716

msvcrt

memmove
memcpy
memcmp
_ftol2_sse
_except_handler4_common
_onexit
__dllonexit
_unlock
_lock
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_initterm
_amsg_exit
_XcptFilter
_CxxThrowException
?what@exception@@UBEPBDXZ
??1exception@@UAE@XZ
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
malloc
_callnewh
wcsrchr
_vsnwprintf
free
_wcsicmp
_purecall
__CxxFrameHandler3
memset

ntdll

WinSqmIncrementDWORD
WinSqmAddToStream

kernel32

TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
MulDiv
Sleep
SetFilePointer
GetFileSize
GetModuleFileNameW
CreateThread
GetFileSizeEx
GetFullPathNameW
DeleteFileW
LocalFree
LocalAlloc
CloseHandle
ReadFile
CreateFileW
GetLocaleInfoEx
GetUserPreferredUILanguages
GetTempPath2W
lstrcmpW
GetLastError
WaitForMultipleObjects
ResumeThread
GetProcessHeap
HeapFree
LoadLibraryExW
GetProcAddress
ActivateActCtx
DeactivateActCtx
CreateActCtxW
ReleaseActCtx
GetModuleHandleW

user32

GetWindowLongW
GetFocus
EndPaint
RegisterClassW
SetCapture
SendNotifyMessageW
ReleaseCapture
SetWindowLongW
DefWindowProcW
GetKeyState
IsRectEmpty
SetCursor
MoveWindow
DestroyWindow
GetPropW
SetPropW
RemovePropW
IsWindowVisible
SendDlgItemMessageW
ShowWindow
CopyRect
GetSysColor
LoadCursorW
PtInRect
MapDialogRect
DialogBoxParamW
OffsetRect
FrameRect
PostThreadMessageW
EndDialog
InflateRect
IsWindow
SetWindowPos
MapWindowPoints
GetNextDlgTabItem
IntersectRect
GetWindow
GetTopWindow
GetDlgCtrlID
SetForegroundWindow
EnableWindow
DispatchMessageW
TranslateMessage
PeekMessageW
MsgWaitForMultipleObjects
PostMessageW
MessageBoxW
GetClientRect
UpdateWindow
InvalidateRect
GetMonitorInfoW
MonitorFromWindow
GetClassNameW
GetSystemMetrics
GetWindowRect
ReleaseDC
GetDC
GetDlgItem
LoadStringW
GetWindowTextW
SetFocus
BeginPaint
GetSysColorBrush
FillRect
CreateWindowExW
DrawTextW
SetActiveWindow
SendMessageW
CharUpperBuffW
GetParent
GetWindowTextLengthW
CopyIcon
DestroyIcon

oleaut32

SysFreeString
SysStringLen
SysAllocString

ole32

CoTaskMemAlloc
FreePropVariantArray
CoLoadLibrary
StringFromCLSID
CoTaskMemFree
PropVariantClear
StringFromGUID2
CoInitialize
CoUninitialize
CoCreateInstance

gdi32

CreateDIBSection
CreateSolidBrush
CreatePen
GetStockObject
Ellipse
Rectangle
SetBkColor
SetROP2
SelectPalette
RealizePalette
SetBrushOrgEx
DeleteObject
SetBkMode
CreateCompatibleDC
BitBlt
GetObjectW
DeleteDC
CreateCompatibleBitmap
CreateHalftonePalette
SetStretchBltMode
StretchBlt
CreatePenIndirect
ExtCreatePen
LPtoDP
GetTextExtentPoint32W
SelectObject
SetTextColor
CreateFontIndirectW

gdiplus

GdipCreateHBITMAPFromBitmap
GdipCreatePen1
GdipDeletePen
GdipSetPenDashStyle
GdipSetPenDashArray
GdipFillRectangle
GdipDrawRectangle
GdipFillPolygon
GdipDrawLine
GdipCreateBitmapFromHBITMAP
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipGetImageDecodersSize
GdipGetImageDecoders
GdipSaveImageToFile
GdipSetCompositingQuality
GdipSaveAdd
GdipSetCompositingMode
GdipGetImageGraphicsContext
GdipCreateBitmapFromScan0
GdipLoadImageFromFile
GdipGetImageHeight
GdipGetImageWidth
GdipDeleteGraphics
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdipFree
GdiplusShutdown
GdiplusStartup
GdipFillRectangleI
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipCreateBitmapFromGraphics
GdipSaveAddImage
GdipDrawImageRect

advapi32

RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegCloseKey

shell32

SHGetFileInfoW
ord75

shlwapi

SHCreateStreamOnFileEx
ord191
ord487

msimg32

AlphaBlend

uxtheme

GetThemeSysFont
OpenThemeData
CloseThemeData
SetWindowTheme

Exports

Exports

DllCanUnloadNow
DllMain
GetDefaultProfileScan
GetImageDialog
ProfilesDialog
ProgDlgTakeFgIfShowing

Sections

.text
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9cde04e5d1ce686db5c81ecfb82a3b55

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mfc42u

msvcrt

ntdll

kernel32

user32

oleaut32

ole32

gdi32

gdiplus

advapi32

shell32

shlwapi

msimg32

uxtheme

Exports

Exports

Sections

.text Size: 140KB - Virtual size: 139KB

.data Size: 2KB - Virtual size: 11KB

.idata Size: 8KB - Virtual size: 7KB

.rsrc Size: 82KB - Virtual size: 82KB

.reloc Size: 10KB - Virtual size: 9KB

.text
Size: 140KB - Virtual size: 139KB

.data
Size: 2KB - Virtual size: 11KB

.idata
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 82KB - Virtual size: 82KB

.reloc
Size: 10KB - Virtual size: 9KB