9a250291847b0a7b16278660b728522e852a37168010f75e59ece7bb63607e55N

Sharing

Copy URL Twitter E-mail

General

Target

9a250291847b0a7b16278660b728522e852a37168010f75e59ece7bb63607e55N
Size

1.2MB
MD5

2030712faa6bdd6073ad17006dfa2510
SHA1

2fbaab1ef8e4cdb5b455ff37876a63ccda8eff15
SHA256

9a250291847b0a7b16278660b728522e852a37168010f75e59ece7bb63607e55
SHA512

7a731fc139b9e51edb3ced8f042a04073cab8beb09ce3c0e8293054992be48d5f8d28ded4fc87868de78a8504b8f09da25d2c0a6850d4f90516d5689983bedbc
SSDEEP

24576:5yKawtUmEFj9PYyiySG0+W1AyLRkSnui8B7BB56I5:5ydaahHvMCSui8BFB5p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9a250291847b0a7b16278660b728522e852a37168010f75e59ece7bb63607e55N

Files

9a250291847b0a7b16278660b728522e852a37168010f75e59ece7bb63607e55N
.dll windows:6 windows x64 arch:x64

a8f591d34e126d72fb45109a6fd74a67

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Projects\MultiCommander\BuildOutput\Output\x64\Release v143\MultiFileViewer\MultiFileViewer.pdb

Imports

kernel32

GetUserDefaultLCID
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
WriteConsoleW
GetConsoleMode
GetConsoleOutputCP
SetStdHandle
SetFilePointerEx
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
FindNextFileW
FindFirstFileExW
EnumSystemLocalesW
IsValidLocale
LCMapStringW
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
GetFileType
GetStdHandle
ExitProcess
HeapQueryInformation
GetCommandLineW
GetCommandLineA
FreeLibraryAndExitThread
ExitThread
CreateThread
InterlockedFlushSList
RtlPcToFileHeader
RtlUnwindEx
GetCPInfo
CompareStringEx
LCMapStringEx
GetStringTypeW
RaiseException
OutputDebugStringW
SystemTimeToTzSpecificLocalTime
GetFileAttributesExW
FileTimeToLocalFileTime
GetCurrentProcess
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
FindFirstFileW
FindClose
FileTimeToSystemTime
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GlobalFlags
SetErrorMode
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
lstrcmpA
GetCurrentThread
GlobalGetAtomNameW
ResumeThread
SuspendThread
GetVersionExW
GetCurrentProcessId
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetSystemDirectoryW
EncodePointer
GlobalFree
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
GetModuleHandleExW
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
GetACP
GetModuleHandleW
SetLastError
lstrcpyW
GetThreadPriority
SetThreadPriority
LocalFree
DeleteFileW
FormatMessageW
Sleep
GetFileAttributesW
VerifyVersionInfoW
VerSetConditionMask
GetProcAddress
lstrlenA
MulDiv
GlobalUnlock
WinExec
FreeLibrary
GlobalLock
GetWindowsDirectoryW
LoadLibraryW
GlobalAlloc
GetCurrentThreadId
OutputDebugStringA
WideCharToMultiByte
lstrlenW
GetFileSize
SetEvent
CreateEventW
WaitForSingleObject
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetFileSizeEx
FindResourceW
LoadResource
CloseHandle
LockResource
CreateFileW
SetFilePointer
WriteFile
SizeofResource
ReadFile
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
HeapReAlloc
GetLastError
MultiByteToWideChar
HeapSize
InitializeCriticalSectionEx
GetTimeZoneInformation
HeapFree

user32

GetTopWindow
GetClassNameW
GetClassLongPtrW
SetWindowLongPtrW
GetWindowLongPtrW
SetWindowLongW
MapWindowPoints
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
GetScrollRange
SetScrollRange
GetScrollPos
ValidateRect
GetForegroundWindow
SetActiveWindow
TrackPopupMenu
SetMenu
GetMenu
SetFocus
GetDlgCtrlID
GetDlgItem
IsIconic
SetWindowPlacement
GetWindowPlacement
SetWindowPos
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
RegisterClassW
CallWindowProcW
GetMessageTime
PeekMessageW
DispatchMessageW
GetMenuItemID
EndPaint
BeginPaint
GetWindowDC
SendDlgItemMessageA
GetLastActivePopup
GetWindowLongW
GetIconInfo
DestroyCursor
GetActiveWindow
CreateIconIndirect
DrawStateW
DestroyMenu
TrackPopupMenuEx
GetNextDlgTabItem
DeferWindowPos
DestroyWindow
ShowWindow
GetMessagePos
InflateRect
GetCapture
FrameRect
DrawEdge
DrawFrameControl
LoadMenuW
GetDC
EqualRect
WindowFromPoint
BeginDeferWindowPos
OffsetRect
RedrawWindow
GetTabbedTextExtentA
TabbedTextOutA
UnregisterClassW
InvalidateRect
PtInRect
ClientToScreen
IsRectEmpty
EndDeferWindowPos
ReleaseDC
GetWindow
GetWindowRect
CopyRect
DrawFocusRect
GetMenuItemInfoW
ModifyMenuW
GetMenuItemCount
GetSubMenu
DestroyIcon
LoadIconW
RemoveMenu
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
SetScrollInfo
GetScrollInfo
WinHelpW
MonitorFromWindow
GetMonitorInfoW
IntersectRect
SetForegroundWindow
LoadImageW
MessageBoxW
PostThreadMessageW
GetTabbedTextExtentW
IsWindowEnabled
GetWindowThreadProcessId
MoveWindow
DrawIcon
SetDlgItemTextW
ShowCaret
DrawTextW
GetClientRect
SetRectEmpty
SetCaretPos
HideCaret
FillRect
EnableWindow
ReleaseCapture
UpdateWindow
RegisterWindowMessageW
GetParent
SystemParametersInfoW
SetRect
AppendMenuW
SetCursor
SetClipboardData
SetCapture
DestroyCaret
LoadCursorW
DrawTextExW
CreateCaret
EmptyClipboard
CloseClipboard
OpenClipboard
IsWindow
GetClassInfoW
CreatePopupMenu
GetSystemMetrics
SendMessageW
ScreenToClient
CopyIcon
IsWindowVisible
CheckDlgButton
CheckRadioButton
IsDlgButtonChecked
SetWindowTextW
IsDialogMessageW
CreateDialogIndirectParamW
EndDialog
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
LoadBitmapW
GetCursorPos
TranslateAcceleratorW
CharUpperW
RealChildWindowFromPoint
ShowOwnedPopups
PostQuitMessage
KillTimer
SetTimer
IsZoomed
UnionRect
ReuseDDElParam
UnpackDDElParam
LoadAcceleratorsW
InsertMenuItemW
GrayStringW
GetFocus
BringWindowToTop
TranslateMessage
GetSysColorBrush
GetMessageW
GetSysColor
TabbedTextOutW
DefWindowProcW
GetKeyState
PostMessageW
GetDesktopWindow

gdi32

TextOutW
GetDeviceCaps
RectVisible
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
GetBkColor
DeleteDC
CreateDCW
CreateFontW
GetPixel
StretchDIBits
SetPixel
Polygon
CreatePalette
Rectangle
RealizePalette
CreateBitmap
SetBkColor
SetTextColor
CreatePatternBrush
ExcludeClipRect
GetClipBox
IntersectClipRect
RestoreDC
SaveDC
SelectPalette
GetObjectW
SetMapMode
SetPolyFillMode
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetCharWidthW
CreateFontIndirectW
Escape
PtVisible
ExtTextOutW
TextOutA
SelectObject
GetStockObject
LineTo
MoveToEx
Ellipse
DeleteObject
CreateSolidBrush
GetTextMetricsW
GetTextExtentPoint32W
SetBkMode
GetTextExtentPoint32A
CreatePen

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegEnumKeyW
RegQueryValueW
RegCloseKey
RegQueryValueExW
RegSetValueExW
RegEnumValueW
RegOpenKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW

shell32

ShellExecuteW
DragAcceptFiles
DragFinish
ShellExecuteExW
DragQueryFileW

comctl32

_TrackMouseEvent
ImageList_ReplaceIcon

shlwapi

PathFindFileNameW
PathRemoveFileSpecW
PathIsUNCW
PathStripToRootW
PathFindExtensionW

uxtheme

DrawThemeParentBackground
IsAppThemed
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
DrawThemeBackground
OpenThemeData
CloseThemeData

ole32

CoCreateGuid
CoCreateInstance
CoTaskMemAlloc
CoUninitialize
CoInitializeEx
CoInitialize
CoTaskMemFree

oleaut32

SysAllocString
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysFreeString

oleacc

LresultFromObject
CreateStdAccessibleObject

Exports

Exports

Create
Delete
GetExtensionInfo

Sections

.text
Size: 767KB - Virtual size: 766KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 225KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a8f591d34e126d72fb45109a6fd74a67

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oleacc

Exports

Exports

Sections

.text Size: 767KB - Virtual size: 766KB

.rdata Size: 225KB - Virtual size: 224KB

.data Size: 57KB - Virtual size: 78KB

.pdata Size: 40KB - Virtual size: 40KB

.rsrc Size: 75KB - Virtual size: 74KB

.reloc Size: 15KB - Virtual size: 15KB

.text
Size: 767KB - Virtual size: 766KB

.rdata
Size: 225KB - Virtual size: 224KB

.data
Size: 57KB - Virtual size: 78KB

.pdata
Size: 40KB - Virtual size: 40KB

.rsrc
Size: 75KB - Virtual size: 74KB

.reloc
Size: 15KB - Virtual size: 15KB