8deac34e5e7fb1613c1eda8602f4913d3b9429fad277cc59f065fd377a612dc0N

Sharing

Copy URL Twitter E-mail

General

Target

8deac34e5e7fb1613c1eda8602f4913d3b9429fad277cc59f065fd377a612dc0N
Size

132KB
MD5

2441635fe4171df38b1172b9eb1e7c90
SHA1

779884dd5958096d86d5cc7c594ef072b0bc2392
SHA256

8deac34e5e7fb1613c1eda8602f4913d3b9429fad277cc59f065fd377a612dc0
SHA512

a94aa9e2a424e8f99daf88316335d1374bea42b9428a78600f9df5b58f16cc80a6731d59590de6fb15a3e04b37e7dc7b08431853268dc9d36f599e3e839a0b6a
SSDEEP

3072:OFM+PLmZJTAWFwymJVxAYhFWncWyy6d3YH67IkK2NLPcV2zu:GMxZbFwymraYhsncWyy6OmIkCP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8deac34e5e7fb1613c1eda8602f4913d3b9429fad277cc59f065fd377a612dc0N

Files

8deac34e5e7fb1613c1eda8602f4913d3b9429fad277cc59f065fd377a612dc0N
.exe windows:10 windows x86 arch:x86

4f6f430aabcb71cd016d423e32e517e1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

IMJPSET.pdb

Imports

gdi32

GetDeviceCaps

user32

MessageBoxW
SendMessageW
GetSystemMetrics
LoadImageW
PostMessageW
FindWindowW
GetDC
SetForegroundWindow
GetLastActivePopup
ReleaseDC
LoadStringW

msvcrt

wcsnlen
??_V@YAXPAX@Z
memmove_s
wcsncpy_s
__CxxFrameHandler3
_vsnwprintf
memcpy_s
??3@YAXPAX@Z
_purecall
memset
??0exception@@QAE@XZ
??0exception@@QAE@ABV0@@Z
_vsnprintf_s
_vsnwprintf_s
malloc
_callnewh
??0exception@@QAE@ABQBD@Z
??0exception@@QAE@ABQBDH@Z
?what@exception@@UBEPBDXZ
_CxxThrowException
memcpy
memmove
_XcptFilter
__p__commode
_amsg_exit
__wgetmainargs
__set_app_type
exit
_exit
_cexit
__p__fmode
__setusermatherr
_initterm
_wcmdln
_lock
_unlock
__dllonexit
_onexit
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_controlfp
_except_handler4_common
memcmp
wcsncat_s
??1exception@@UAE@XZ

api-ms-win-core-libraryloader-l1-2-0

GetModuleHandleExW
GetModuleHandleW
LoadLibraryExW
GetModuleFileNameA
GetProcAddress
FreeLibrary

api-ms-win-core-synch-l1-1-0

ReleaseSRWLockExclusive
WaitForSingleObject
WaitForSingleObjectEx
AcquireSRWLockExclusive
ReleaseSRWLockShared
OpenSemaphoreW
CreateMutexExW
CreateMutexW
ReleaseSemaphore
AcquireSRWLockShared
InitializeCriticalSectionEx
InitializeCriticalSection
CreateSemaphoreExW
DeleteCriticalSection
ReleaseMutex
LeaveCriticalSection
EnterCriticalSection

api-ms-win-core-heap-l1-1-0

HeapFree
GetProcessHeap
HeapAlloc

api-ms-win-core-errorhandling-l1-1-0

GetLastError
UnhandledExceptionFilter
SetLastError
SetUnhandledExceptionFilter

api-ms-win-core-processthreads-l1-1-0

OpenProcessToken
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
GetStartupInfoW
CreateProcessW
GetCurrentProcessId

api-ms-win-core-localization-l1-2-0

SetThreadUILanguage
FormatMessageW

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent
OutputDebugStringW
DebugBreak

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-registry-l1-1-0

RegGetValueW
RegSetValueExW
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW

api-ms-win-eventing-provider-l1-1-0

EventRegister
EventSetInformation
EventUnregister
EventWriteTransfer

api-ms-win-core-synch-l1-2-0

SleepConditionVariableSRW
WakeAllConditionVariable
InitOnceBeginInitialize
InitOnceComplete
Sleep

api-ms-win-core-com-l1-1-0

StringFromGUID2
CoCreateInstance
CoUninitialize

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetTickCount
GetSystemTimeAsFileTime
GetVersionExW

shell32

ShellExecuteW

ole32

CoInitialize

dui70

?GetContentSize@Element@DirectUI@@UAE?AUtagSIZE@@HHPAVSurface@2@@Z
?SetRegisteredDefaultButton@DialogElement@DirectUI@@QAEJPAVElement@2@@Z
UnInitProcessPriv
UnInitThread
StartMessagePump
?ShowWindow@NativeHWNDHost@DirectUI@@QAEXH@Z
?Host@NativeHWNDHost@DirectUI@@QAEXPAVElement@2@@Z
?EndDefer@Element@DirectUI@@QAEXK@Z
?Create@NativeHWNDHost@DirectUI@@SGJPBG0PAUHWND__@@PAUHICON__@@HHHHHHPAUHINSTANCE__@@IPAPAV12@@Z
InitThread
InitProcessPriv
??1DialogElement@DirectUI@@UAE@XZ
?AssertPIZeroRef@ClassInfoBase@DirectUI@@UBEXXZ
?GetChildren@ClassInfoBase@DirectUI@@UBEHXZ
?RemoveChild@ClassInfoBase@DirectUI@@UAEXXZ
?AddChild@ClassInfoBase@DirectUI@@UAEXXZ
?IsGlobal@ClassInfoBase@DirectUI@@UBE_NXZ
?GetModule@ClassInfoBase@DirectUI@@UBEPAUHINSTANCE__@@XZ
?IsSubclassOf@ClassInfoBase@DirectUI@@UBE_NPAUIClassInfo@2@@Z
?IsValidProperty@ClassInfoBase@DirectUI@@UBE_NPBUPropertyInfo@2@@Z
?GetName@ClassInfoBase@DirectUI@@UBEPBGXZ
?GetGlobalIndex@ClassInfoBase@DirectUI@@UBEIXZ
?GetPICount@ClassInfoBase@DirectUI@@UBEIXZ
?GetByClassIndex@ClassInfoBase@DirectUI@@UAEPBUPropertyInfo@2@I@Z
?EnumPropertyInfo@ClassInfoBase@DirectUI@@UAEPBUPropertyInfo@2@I@Z
?Release@ClassInfoBase@DirectUI@@UAEHXZ
?AddRef@ClassInfoBase@DirectUI@@UAEXXZ
?GetDefaultButton@DialogElement@DirectUI@@UAEPAVElement@2@XZ
?OnChildReceivedFocus@DialogElement@DirectUI@@UAE_NPAVElement@2@@Z
?OnChildLostFocus@DialogElement@DirectUI@@UAE_NPAVElement@2@@Z
?GetKeyFocusedElement@DialogElement@DirectUI@@UAEPAVElement@2@XZ
?SetDefaultButtonTracking@DialogElement@DirectUI@@UAEJ_N@Z
?GetHandleEnterKey@DialogElement@DirectUI@@UAE_NXZ
?GetRegisteredDefaultButton@DialogElement@DirectUI@@UAEPAVElement@2@XZ
?GetDefaultButtonTracking@DialogElement@DirectUI@@UAE_NXZ
?GetButtonClassAcceptsEnterKey@DialogElement@DirectUI@@UAE_NXZ
?OnListenedEvent@DialogElement@DirectUI@@UAEXPAVElement@2@PAUEvent@2@@Z
?OnListenedInput@DialogElement@DirectUI@@UAEXPAVElement@2@PAUInputEvent@2@@Z
?OnListenedPropertyChanged@DialogElement@DirectUI@@UAEXPAVElement@2@PBUPropertyInfo@2@HPAVValue@2@2@Z
?OnListenedPropertyChanging@DialogElement@DirectUI@@UAE_NPAVElement@2@PBUPropertyInfo@2@HPAVValue@2@2@Z
?OnListenerDetach@DialogElement@DirectUI@@UAEXPAVElement@2@@Z
?OnListenerAttach@DialogElement@DirectUI@@UAEXPAVElement@2@@Z
?ClickDefaultButton@DialogElement@DirectUI@@UAE_NXZ
?_OnUIStateChanged@HWNDElement@DirectUI@@MAEXGG@Z
?GetWindowClassNameAndStyle@HWNDElement@DirectUI@@UAEXPAPBGPAI@Z
?WndProc@HWNDElement@DirectUI@@UAEJPAUHWND__@@IIJ@Z
?CreateStyleParser@HWNDElement@DirectUI@@UAEJPAPAVDUIXmlParser@2@@Z
?IsMSAAEnabled@HWNDElement@DirectUI@@UAE_NXZ
?CanSetFocus@HWNDElement@DirectUI@@UAE_NXZ
?OnCompositionChanged@HWNDElement@DirectUI@@UAEXXZ
?OnWmSettingChanged@HWNDElement@DirectUI@@UAEXIJ@Z
?OnWmThemeChanged@HWNDElement@DirectUI@@UAEXIJ@Z
?OnGetDlgCode@DialogElement@DirectUI@@UAEXPAUtagMSG@@PAJ@Z
?OnNoChildWithShortcutFound@HWNDElement@DirectUI@@UAEXPAUKeyboardEvent@2@@Z
?OnImmersiveColorSchemeChanged@HWNDElement@DirectUI@@UAEXXZ
?OnThemeChanged@HWNDElement@DirectUI@@UAEXPAUThemeChangedEvent@2@@Z
?GetHWND@HWNDElement@DirectUI@@UAEPAUHWND__@@XZ
?GetUiaFocusDelegate@Element@DirectUI@@UAEPAV12@XZ
?HandleUiaEventListener@Element@DirectUI@@UAEXPAUEvent@2@@Z
?HandleUiaPropertyChangingListener@Element@DirectUI@@UAEXPBUPropertyInfo@2@@Z
?HandleUiaPropertyListener@Element@DirectUI@@UAEXPBUPropertyInfo@2@HPAVValue@2@1@Z
?HandleUiaDestroyListener@Element@DirectUI@@UAEXXZ
?GetElementProviderImpl@Element@DirectUI@@UAEJPAVInvokeHelper@2@PAPAVElementProvider@2@@Z
?GetUIAElementProvider@Element@DirectUI@@UAEJABU_GUID@@PAPAX@Z
?DefaultAction@Element@DirectUI@@UAEJXZ
?GetAccessibleImpl@HWNDElement@DirectUI@@UAEJPAPAUIAccessible@@@Z
?GetClassInfoW@DialogElement@DirectUI@@UAEPAUIClassInfo@2@XZ
?GetKeyFocused@Element@DirectUI@@UAE_NXZ
?RemoveTooltip@HWNDElement@DirectUI@@UAEXPAVElement@2@@Z
?ActivateTooltip@HWNDElement@DirectUI@@UAEXPAVElement@2@K@Z
?UpdateTooltip@HWNDElement@DirectUI@@UAEXPAVElement@2@@Z
?OnUnHosted@Element@DirectUI@@MAEXPAV12@@Z
?OnHosted@Element@DirectUI@@MAEXPAV12@@Z
?_SelfLayoutUpdateDesiredSize@Element@DirectUI@@MAE?AUtagSIZE@@HHPAVSurface@2@@Z
?_SelfLayoutDoLayout@Element@DirectUI@@MAEXHH@Z
?GetImmersiveFocusRectOffsets@Element@DirectUI@@UAEXPAUtagRECT@@@Z
?QueryInterface@Element@DirectUI@@UAGJABU_GUID@@PAPAX@Z
?MessageCallback@Element@DirectUI@@UAEIPAUtagGMSG@@@Z
?RemoveBehavior@Element@DirectUI@@UAEJPAUIDuiBehavior@@@Z
?AddBehavior@Element@DirectUI@@UAEJPAUIDuiBehavior@@@Z
?EnsureVisible@Element@DirectUI@@UAE_NHHHH@Z
?GetAdjacent@Element@DirectUI@@UAEPAV12@PAV12@HPBUNavReference@2@K@Z
?Remove@Element@DirectUI@@UAEJPAPAV12@I@Z
?Insert@Element@DirectUI@@UAEJPAPAV12@II@Z
?Add@Element@DirectUI@@UAEJPAPAV12@I@Z
?SetKeyFocus@Element@DirectUI@@UAEXXZ
?Paint@Element@DirectUI@@UAEXPAUHDC__@@PBUtagRECT@@1PAU4@2@Z
?OnDestroy@DialogElement@DirectUI@@UAEXXZ
?OnMouseFocusMoved@Element@DirectUI@@UAEXPAV12@0@Z
?OnKeyFocusMoved@DialogElement@DirectUI@@UAEXPAVElement@2@0@Z
?OnInput@DialogElement@DirectUI@@UAEXPAUInputEvent@2@@Z
?OnGroupChanged@HWNDElement@DirectUI@@UAEXH_N@Z
?OnPropertyChanged@Element@DirectUI@@UAEXPAUPropertyInfo@2@HPAVValue@2@1@Z
?OnPropertyChanged@DialogElement@DirectUI@@UAEXPBUPropertyInfo@2@HPAVValue@2@1@Z
?OnPropertyChanging@Element@DirectUI@@UAE_NPAUPropertyInfo@2@HPAVValue@2@1@Z
?OnPropertyChanging@Element@DirectUI@@UAE_NPBUPropertyInfo@2@HPAVValue@2@1@Z
?GetContentStringAsDisplayed@Element@DirectUI@@UAEPBGPAPAVValue@2@@Z
?IsContentProtected@Element@DirectUI@@UAE_NXZ
?IsRTLReading@Element@DirectUI@@UAE_NXZ
??1ClassInfoBase@DirectUI@@UAE@XZ
??0ClassInfoBase@DirectUI@@QAE@XZ
?GetClassInfoPtr@DialogElement@DirectUI@@SGPAUIClassInfo@2@XZ
?Initialize@ClassInfoBase@DirectUI@@QAEJPAUHINSTANCE__@@PBG_NPBQBUPropertyInfo@2@I@Z
?Register@ClassInfoBase@DirectUI@@QAEJXZ
?ClassExist@ClassInfoBase@DirectUI@@SG_NPAPAUIClassInfo@2@PBQBUPropertyInfo@2@IPAU32@PAUHINSTANCE__@@PBG_N@Z
??1CritSecLock@DirectUI@@QAE@XZ
?GetFactoryLock@Element@DirectUI@@SGPAU_RTL_CRITICAL_SECTION@@XZ
??0CritSecLock@DirectUI@@QAE@PAU_RTL_CRITICAL_SECTION@@@Z
?Register@DialogElement@DirectUI@@SGJXZ
?SetLayoutPos@Element@DirectUI@@QAEJH@Z
?SetVisible@Element@DirectUI@@QAEJ_N@Z
?SetEnabled@Element@DirectUI@@QAEJ_N@Z
?SetSelected@Element@DirectUI@@QAEJ_N@Z
?Destroy@DUIXmlParser@DirectUI@@QAEXXZ
??0DialogElement@DirectUI@@QAE@XZ
?Initialize@HWNDElement@DirectUI@@QAEJPAUHWND__@@_NIPAVElement@2@PAK@Z
?Create@DUIXmlParser@DirectUI@@SGJPAPAV12@P6GPAVValue@2@PBGPAX@Z2P6GX11H2@Z2@Z
?SetXMLFromResource@DUIXmlParser@DirectUI@@QAEJIPAUHINSTANCE__@@0@Z
?CreateElement@DUIXmlParser@DirectUI@@QAEJPBGPAVElement@2@1PAKPAPAV32@@Z
?Destroy@Element@DirectUI@@QAEJ_N@Z
?Click@Button@DirectUI@@SG?AVUID@@XZ
StrToID
?OnEvent@HWNDElement@DirectUI@@UAEXPAUEvent@2@@Z
?FindDescendent@Element@DirectUI@@QAEPAV12@G@Z
?SetHandleEnterKey@DialogElement@DirectUI@@QAEJ_N@Z

api-ms-win-core-processenvironment-l1-1-0

ExpandEnvironmentStringsW

api-ms-win-core-heap-l2-1-0

LocalFree

api-ms-win-security-base-l1-1-0

GetSidSubAuthority
GetSidSubAuthorityCount
IsValidSid
GetTokenInformation

api-ms-win-security-sddl-l1-1-0

ConvertSidToStringSidW
ConvertStringSecurityDescriptorToSecurityDescriptorW

api-ms-win-core-threadpool-l1-2-0

SetThreadpoolTimer
CreateThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer

api-ms-win-core-libraryloader-l1-2-1

LoadLibraryW

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

ntdll

NtQueryWnfStateData

Sections

.text
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4f6f430aabcb71cd016d423e32e517e1

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

gdi32

user32

msvcrt

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-synch-l1-1-0

api-ms-win-core-heap-l1-1-0

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-localization-l1-2-0

api-ms-win-core-debug-l1-1-0

api-ms-win-core-handle-l1-1-0

api-ms-win-core-registry-l1-1-0

api-ms-win-eventing-provider-l1-1-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-com-l1-1-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-sysinfo-l1-1-0

shell32

ole32

dui70

api-ms-win-core-processenvironment-l1-1-0

api-ms-win-core-heap-l2-1-0

api-ms-win-security-base-l1-1-0

api-ms-win-security-sddl-l1-1-0

api-ms-win-core-threadpool-l1-2-0

api-ms-win-core-libraryloader-l1-2-1

api-ms-win-core-delayload-l1-1-1

api-ms-win-core-delayload-l1-1-0

ntdll

Sections

.text Size: 60KB - Virtual size: 60KB

.data Size: 1024B - Virtual size: 3KB

.idata Size: 13KB - Virtual size: 13KB

.didat Size: 512B - Virtual size: 20B

.rsrc Size: 52KB - Virtual size: 51KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 60KB - Virtual size: 60KB

.data
Size: 1024B - Virtual size: 3KB

.idata
Size: 13KB - Virtual size: 13KB

.didat
Size: 512B - Virtual size: 20B

.rsrc
Size: 52KB - Virtual size: 51KB

.reloc
Size: 4KB - Virtual size: 3KB