8699359285dbdd6c48cf281db7930dffe6e1b50f786c7c84f8fcc35b7088981d

Sharing

Copy URL Twitter E-mail

General

Target

8699359285dbdd6c48cf281db7930dffe6e1b50f786c7c84f8fcc35b7088981d
Size

1.2MB
MD5

257d18a18c9d96fda04b50b700419b53
SHA1

7642108628d916083ee9469033ef5481fa7ae426
SHA256

8699359285dbdd6c48cf281db7930dffe6e1b50f786c7c84f8fcc35b7088981d
SHA512

f6edb23f7749b4697f8e3bceee5f908f19f025c14c82578c0d42ebaa2a85ad5c8b937e475589a01c0acdba8c7f2846a3387d7ddd4740486803cdfda3b04ff8c2
SSDEEP

12288:+utDWwzGg1TnAOuR+Xb7B1NHPuwhQgIxrFwsdQxmXbWUQcNiLsKSjxZoooh3kbVa:+fUAO32N66T43l0iOXRXNUGMI4rvv5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8699359285dbdd6c48cf281db7930dffe6e1b50f786c7c84f8fcc35b7088981d

Files

8699359285dbdd6c48cf281db7930dffe6e1b50f786c7c84f8fcc35b7088981d
.dll windows:6 windows x86 arch:x86

6ce58cb94e5538954afae0febd4f59b4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Luna_BuildSpace\v232\Source\CNSG2_NW\ExtendUI\Win32\Release\ExtendUI.pdb

Imports

kernel32

GlobalFlags
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GetCurrentDirectoryW
GetFileAttributesW
GetFileAttributesExW
GetFileSizeEx
GetFileTime
GetUserDefaultLCID
ResetEvent
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
WriteConsoleW
GetConsoleMode
GetConsoleCP
GetCurrentProcessId
GetStringTypeW
SetFilePointerEx
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
IsValidCodePage
FindFirstFileExW
GetTimeZoneInformation
GetDriveTypeW
EnumSystemLocalesW
IsValidLocale
LCMapStringW
GetFileType
GetStdHandle
ExitProcess
HeapQueryInformation
GetModuleHandleExW
GetCommandLineW
GetCommandLineA
VirtualQuery
VirtualAlloc
InterlockedFlushSList
RtlUnwind
OutputDebugStringW
SetErrorMode
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FindNextFileW
FileTimeToLocalFileTime
DuplicateHandle
UnlockFile
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
VirtualProtect
GetPrivateProfileIntW
CreateEventW
SetEvent
lstrcmpA
GetCurrentThread
GetProfileIntW
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryA
GetCurrentThreadId
EncodePointer
FreeResource
FormatMessageW
MulDiv
GetModuleHandleA
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
SetLastError
OutputDebugStringA
GetACP
WideCharToMultiByte
lstrlenW
DeleteFileW
GetLocalTime
FlushFileBuffers
WriteFile
SetFilePointer
CreateDirectoryW
CreateFileW
WTSGetActiveConsoleSessionId
MultiByteToWideChar
LoadLibraryW
FindResourceExW
LoadLibraryExW
FreeLibrary
GetProcAddress
GetSystemDirectoryW
GetWindowsDirectoryW
OpenMutexW
LocalFree
WritePrivateProfileStructW
GetPrivateProfileStringW
ReleaseMutex
LocalAlloc
CreateMutexW
WritePrivateProfileStringW
GetPrivateProfileStructW
CloseHandle
ReleaseSemaphore
WaitForSingleObject
CreateSemaphoreW
DeleteCriticalSection
HeapDestroy
DecodePointer
RaiseException
HeapReAlloc
HeapSize
GetSystemInfo
GetNativeSystemInfo
GetCurrentProcess
IsWow64Process
GetLocaleInfoW
GetVersionExW
CopyFileW
GlobalUnlock
GlobalFree
GlobalLock
GlobalAlloc
MoveFileExW
GetTempPathW
SetThreadLocale
FindClose
FindFirstFileW
HeapFree
GetProcessHeap
HeapAlloc
GetModuleHandleW
LeaveCriticalSection
EnterCriticalSection
GetLastError
InitializeCriticalSectionEx
ExpandEnvironmentStringsW
FindResourceW
LoadResource
LockResource
SizeofResource
SetStdHandle
GetThreadLocale
OpenEventW

user32

GetTopWindow
GetClassNameW
GetClassLongW
EqualRect
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
GetScrollRange
GetScrollPos
SetScrollPos
RedrawWindow
ValidateRect
EndPaint
BeginPaint
SetForegroundWindow
SetMenu
GetMenu
GetKeyState
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPos
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
GetLastActivePopup
GetMessageTime
GetMessagePos
PeekMessageW
DispatchMessageW
RegisterWindowMessageW
GetDesktopWindow
SetActiveWindow
IsWindowEnabled
GetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamW
DestroyWindow
GetWindowLongW
EnableWindow
EnumChildWindows
GetMenuItemCount
GetMenuItemID
GetSubMenu
SetRectEmpty
SendDlgItemMessageA
MessageBoxW
GetCapture
FillRect
ShowScrollBar
ReleaseDC
GetDC
UnregisterClassW
GetParent
GetFocus
IsIconic
GetDlgCtrlID
GetWindow
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
SetScrollInfo
GetScrollInfo
WinHelpW
MonitorFromWindow
GetMonitorInfoW
ShowWindow
SetParent
EnableMenuItem
DrawMenuBar
MoveWindow
SetDlgItemTextW
DefWindowProcW
InvalidateRect
SendMessageW
LoadBitmapW
DestroyIcon
LoadIconW
GetSysColor
GetClientRect
UpdateWindow
InflateRect
GetWindowRect
LoadImageW
LoadCursorW
CopyRect
PtInRect
SetCursor
SetCapture
ReleaseCapture
SetFocus
SetTimer
KillTimer
GetMessageExtraInfo
SendInput
SetRect
OffsetRect
PostMessageW
IsWindow
GetSystemMetrics
GetWindowThreadProcessId
GetForegroundWindow
AttachThreadInput
CreatePopupMenu
AppendMenuW
CheckMenuItem
DeleteMenu
SetWindowTextW
IsDialogMessageW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
GetWindowDC
ClientToScreen
GetMessageW
GetDCEx
GetCursorPos
PostQuitMessage
TranslateMessage
DestroyMenu
CharUpperW
IntersectRect
RealChildWindowFromPoint
MapDialogRect
GetSysColorBrush
GetAsyncKeyState
SetWindowLongW
WindowFromPoint

gdi32

CreatePen
CreatePatternBrush
CreateRectRgn
Escape
ExcludeClipRect
GetClipBox
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
SetBkMode
SetMapMode
SetROP2
SetStretchBltMode
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
UnrealizeObject
CreateCompatibleBitmap
CreateFontW
GetCharWidthW
StretchDIBits
CombineRgn
SetRectRgn
GetBkColor
EnumFontFamiliesExW
BitBlt
PatBlt
CreateRectRgnIndirect
CreateBitmap
SetTextColor
SetBkColor
GetDeviceCaps
SetDIBColorTable
SelectObject
StretchBlt
CreateDIBSection
CreateCompatibleDC
DeleteObject
CreateFontIndirectW
GetObjectW
GetStockObject
Arc
Rectangle
DeleteDC
CreateSolidBrush

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegEnumKeyW
ConvertSidToStringSidW
InitializeSecurityDescriptor
RegEnumValueW
RegSetValueExW
RegDeleteValueW
RegCreateKeyExW
RegQueryValueW
LookupAccountNameW
RegDeleteKeyW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
GetUserNameW
SetSecurityDescriptorDacl

shell32

SHCreateDirectoryExW
ShellExecuteW
ord75
SHGetFolderPathW

comctl32

ImageList_GetIcon
ImageList_AddMasked

shlwapi

PathFileExistsW
SHCreateStreamOnFileW
PathFindExtensionW
PathFindFileNameW
PathIsUNCW
PathStripToRootW

uxtheme

IsAppThemed
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
DrawThemeParentBackground
CloseThemeData
OpenThemeData
DrawThemeBackground

ole32

CoTaskMemRealloc
CoCreateInstance
CoTaskMemAlloc
CoUninitialize
PropVariantClear
CoInitialize
CoTaskMemFree
CreateStreamOnHGlobal
CoCreateGuid

oleaut32

VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysFreeString
SysAllocString
SysStringLen

gdiplus

GdipFree
GdipAlloc
GdiplusStartup
GdipBitmapUnlockBits
GdipCreateBitmapFromFile
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipCloneImage
GdipDrawImageI
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdiplusShutdown

oleacc

CreateStdAccessibleObject
LresultFromObject

wtsapi32

WTSQuerySessionInformationW
WTSEnumerateSessionsW
WTSFreeMemory

Exports

Exports

DllCanUnloadNow
DllGetClassObject
UI_Entry

Sections

.text
Size: 612KB - Virtual size: 611KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 165KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6ce58cb94e5538954afae0febd4f59b4

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

gdiplus

oleacc

wtsapi32

Exports

Exports

Sections

.text Size: 612KB - Virtual size: 611KB

.rdata Size: 165KB - Virtual size: 165KB

.data Size: 18KB - Virtual size: 29KB

.rsrc Size: 1.7MB - Virtual size: 1.7MB

.reloc Size: 46KB - Virtual size: 45KB

.text
Size: 612KB - Virtual size: 611KB

.rdata
Size: 165KB - Virtual size: 165KB

.data
Size: 18KB - Virtual size: 29KB

.rsrc
Size: 1.7MB - Virtual size: 1.7MB

.reloc
Size: 46KB - Virtual size: 45KB