sidebar.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 9f3221dd057ee6b52c095cf472fa9c1f3729faf639a97ee6f2f4b506b41dffb9.exe
Resource: win7-20241010-en
Behavioral task: behavioral2
Sample: 9f3221dd057ee6b52c095cf472fa9c1f3729faf639a97ee6f2f4b506b41dffb9.exe
Resource: win10v2004-20241007-en
General
- Target: 9f3221dd057ee6b52c095cf472fa9c1f3729faf639a97ee6f2f4b506b41dffb9
- Size: 1.2MB
- MD5: 29b3e50c7303c46f41fa42d28d7e8f1e
- SHA1: c3f6cdefc10e8243f60aa89822858d30e8344188
- SHA256: 9f3221dd057ee6b52c095cf472fa9c1f3729faf639a97ee6f2f4b506b41dffb9
- SHA512: 11626a260e02b686ad588f49d426ead3f8ce23be6106b0077aaaf60c6c5d1f959c8697025abcf674a1ecf691ce8ebbb294120c27154e7d485898e288a036909e
- SSDEEP: 24576:9iCJmRLpAyAkzD4SaroDLZzEUTfdyRhLh7heXm8mb6:8R90qD49roDthTFghLh7hoZmu
Malware Config
Signatures
- Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource 9f3221dd057ee6b52c095cf472fa9c1f3729faf639a97ee6f2f4b506b41dffb9
Files
- 9f3221dd057ee6b52c095cf472fa9c1f3729faf639a97ee6f2f4b506b41dffb9.exe windows:6 windows x86 arch:x86
e8c995793a8c70427f710436d094eec7
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
advapi32
ReportEventW
RegisterEventSourceW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegDeleteValueW
RegEnumKeyExW
RegGetValueW
RegDeleteKeyW
OpenSCManagerW
CloseServiceHandle
IsTextUnicode
RegSetValueExW
RegCreateKeyExW
RegLoadMUIStringW
kernel32
LoadLibraryA
FreeLibrary
GetProcAddress
GlobalFree
TlsGetValue
ResetEvent
SearchPathW
CreateJobObjectW
QueryInformationJobObject
SetInformationJobObject
AssignProcessToJobObject
CompareFileTime
InitializeCriticalSectionAndSpinCount
lstrcmpW
GetFileAttributesExW
GetCurrentProcessId
CreateNamedPipeW
ConnectNamedPipe
CreateProcessW
ExpandEnvironmentStringsW
GetPrivateProfileStringW
GetModuleFileNameW
CopyFileW
WritePrivateProfileStringW
TlsSetValue
OpenThread
InterlockedPushEntrySList
RegisterWaitForSingleObject
TerminateProcess
ResumeThread
GetExitCodeProcess
WaitForMultipleObjects
UnregisterWaitEx
WriteFileEx
GetFileSizeEx
CreateDirectoryW
SetCurrentDirectoryW
CreateDirectoryA
SetCurrentDirectoryA
GetTempPathW
GetTempFileNameW
WriteFile
SetFilePointer
ReadFile
GetProcessHeap
HeapAlloc
HeapFree
MultiByteToWideChar
GetFileAttributesW
InterlockedExchange
GetModuleHandleW
GetTickCount
DeleteFileW
GetEnvironmentVariableW
RaiseException
LocalFree
LocalAlloc
EnterCriticalSection
LeaveCriticalSection
SetLastError
GetTimeZoneInformation
SystemTimeToTzSpecificLocalTime
GetDiskFreeSpaceExW
SetVolumeLabelW
GetLogicalDrives
GetVolumeInformationW
GetDriveTypeW
GetSystemWindowsDirectoryW
GetSystemInfo
GetComputerNameW
GetSystemPowerStatus
OutputDebugStringW
GetFileSize
QueueUserAPC
InterlockedFlushSList
InitializeSListHead
GetSystemTime
SystemTimeToFileTime
FindFirstFileW
FindNextFileW
FindClose
MulDiv
GlobalDeleteAtom
GlobalGetAtomNameW
QueryPerformanceFrequency
CreateWaitableTimerW
SetWaitableTimer
TlsFree
CancelWaitableTimer
GetVersionExW
GetThreadPreferredUILanguages
WideCharToMultiByte
GlobalAddAtomW
GetFileTime
FindResourceW
SizeofResource
LoadResource
LockResource
FormatMessageW
LoadLibraryW
GetSystemDirectoryW
UnhandledExceptionFilter
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
GetStartupInfoA
GlobalAlloc
GlobalLock
GlobalUnlock
GetCurrentProcess
FlushInstructionCache
HeapSetInformation
SetErrorMode
GetCommandLineW
RegisterApplicationRestart
GetTickCount64
GlobalMemoryStatusEx
GetCurrentThreadId
TlsAlloc
Sleep
lstrlenW
SetEvent
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
VirtualAlloc
VirtualFree
DelayLoadFailureHook
SetFileAttributesW
CreateFileW
CompareStringW
CreateEventW
CreateThread
CreateMutexW
GetLastError
WaitForSingleObject
ReleaseMutex
CloseHandle
InterlockedCompareExchange
gdi32
SetBkColor
ExtTextOutW
GetDIBits
CreateCompatibleDC
OffsetWindowOrgEx
SetBkMode
GetClipBox
GetObjectW
BitBlt
SelectObject
CreateDIBSection
SetLayout
CreateFontIndirectW
GetStockObject
GetWindowOrgEx
StretchBlt
SetStretchBltMode
GetPath
LineDDA
GetTextExtentExPointW
SetTextColor
GetDeviceCaps
LPtoDP
SetMapMode
SetViewportOrgEx
DeleteDC
CreateMetaFileW
SaveDC
SetWindowOrgEx
SetWindowExtEx
RestoreDC
CloseMetaFile
DeleteMetaFile
DeleteObject
Rectangle
SelectClipRgn
CreateRectRgn
GetClipRgn
CreateRectRgnIndirect
user32
TrackPopupMenu
CheckMenuItem
GetWindowThreadProcessId
FindWindowW
ChangeWindowMessageFilter
ShowWindow
SetWindowPos
AllowSetForegroundWindow
PostMessageW
DefWindowProcW
DestroyWindow
LoadStringW
MessageBoxW
DrawTextExW
GetSystemMetrics
PostThreadMessageW
SetWindowTextW
SetWindowRgn
OffsetRect
CharUpperW
GetShellWindow
MessageBeep
UnhookWinEvent
SetWinEventHook
UnregisterPowerSettingNotification
RegisterPowerSettingNotification
OpenInputDesktop
GetThreadDesktop
GetUserObjectInformationW
CloseDesktop
InsertMenuItemW
GetWindowTextW
InflateRect
MonitorFromWindow
DrawFrameControl
CreatePopupMenu
AppendMenuW
AdjustWindowRectEx
MonitorFromRect
SetActiveWindow
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
MsgWaitForMultipleObjectsEx
IsDialogMessageW
GetWindowInfo
RegisterShellHookWindow
DeregisterShellHookWindow
GetForegroundWindow
DestroyIcon
GetIconInfo
PostQuitMessage
EndDialog
SetDlgItemTextW
GetDlgItem
SwitchToThisWindow
SendMessageW
RegisterWindowMessageW
SendMessageTimeoutW
PeekMessageW
TranslateMessage
DispatchMessageW
MessageBoxIndirectW
CharUpperBuffW
GetParent
GetKeyState
InvalidateRect
IsWindow
DestroyAcceleratorTable
SetFocus
GetFocus
IsChild
UnionRect
PtInRect
CreateWindowExW
GetWindowLongW
SetWindowLongW
CallWindowProcW
BeginPaint
GetClientRect
EndPaint
IntersectRect
EqualRect
ReleaseDC
GetDC
DestroyMenu
RemoveMenu
GetSubMenu
LoadMenuW
GetWindow
EnumWindows
DeleteMenu
GetMenuItemCount
GetMonitorInfoW
MapWindowPoints
FillRect
SetRect
MsgWaitForMultipleObjects
RemovePropW
SetPropW
GetPropW
RegisterClassW
LoadCursorW
DialogBoxParamW
CreateDialogParamW
GetCursorPos
GetDoubleClickTime
GetWindowRect
SetCapture
ReleaseCapture
NotifyWinEvent
UpdateLayeredWindow
SetTimer
KillTimer
RedrawWindow
ScreenToClient
SetCursor
GetMessagePos
GetKeyboardState
GetMessageTime
SetForegroundWindow
EnableWindow
EnumDisplayMonitors
SendDlgItemMessageW
IsDlgButtonChecked
CheckDlgButton
GetDesktopWindow
LoadIconW
IsHungAppWindow
IsWindowVisible
IsRectEmpty
SetParent
UpdateWindow
WindowFromPoint
RegisterHotKey
SystemParametersInfoW
UnregisterHotKey
PrintWindow
SetLayeredWindowAttributes
GetSysColor
SetMenuDefaultItem
msvcrt
_controlfp
??1type_info@@UAE@XZ
_onexit
_lock
__dllonexit
_unlock
_except_handler4_common
?terminate@@YAXXZ
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_amsg_exit
_initterm
_acmdln
exit
_CIexp
floor
ceil
_CIfmod
_CIsqrt
_CIcos
_CIsin
_CxxThrowException
_wtof
_itow
wcschr
iswalpha
wcsrchr
_ftol2_sse
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
wcsstr
time
strrchr
strtok
_lseek
_close
_write
_read
_open
_wtol
realloc
wcstok
_wtoi
wcsspn
_vsnwprintf
memcpy
memmove
_ftol2
_purecall
??_U@YAPAXI@Z
__CxxFrameHandler3
??_V@YAXPAX@Z
free
memset
malloc
atl
ord50
ord31
ord51
ord27
ord45
ord58
ord44
ord43
ord30
ord32
ord20
ord17
ord23
ord57
ord18
ord21
ord16
ord60
ord10
ord11
ord26
ntdll
WinSqmEventWrite
WinSqmIsOptedIn
RtlIpv6AddressToStringExW
RtlIpv4AddressToStringExW
NtQuerySystemInformation
WinSqmAddToStream
WinSqmEventEnabled
ole32
CreateOleAdviseHolder
CoTaskMemFree
CreateDataAdviseHolder
OleRegGetUserType
OleRegEnumVerbs
CoInitializeEx
CreateBindCtx
CoSuspendClassObjects
CoUninitialize
CoResumeClassObjects
OleUninitialize
OleInitialize
ReleaseStgMedium
PropVariantClear
CoCreateGuid
StringFromGUID2
CoTaskMemAlloc
GetHGlobalFromStream
CLSIDFromString
CreateStreamOnHGlobal
CoInitialize
CLSIDFromProgID
CoCreateInstance
oleaut32
LoadTypeLibEx
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreateVector
SystemTimeToVariantTime
SysFreeString
SysStringLen
SysAllocStringLen
VariantClear
DispCallFunc
GetErrorInfo
VariantInit
OleCreatePropertyFrame
LoadRegTypeLib
SetErrorInfo
SysAllocString
VariantCopy
RegisterActiveObject
RevokeActiveObject
GetActiveObject
LoadTypeLib
VariantChangeType
CreateErrorInfo
gdiplus
GdipGetPointCount
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipGetImageGraphicsContext
GdipCreateBitmapFromScan0
GdipCreateHatchBrush
GdipCreateTexture2
GdipSetTextureTransform
GdipCreatePathGradientFromPath
GdipSetPathGradientWrapMode
GdipSetPathGradientCenterColor
GdipSetPathGradientSurroundColorsWithCount
GdipSetPathGradientSigmaBlend
GdipSetPathGradientLinearBlend
GdipSetPathGradientGammaCorrection
GdipSetLineLinearBlend
GdipCreateLineBrush
GdipSetLineGammaCorrection
GdipSetLineSigmaBlend
GdipSetPathGradientPresetBlend
GdipMultiplyLineTransform
GdipSetLinePresetBlend
GdipSetPathGradientCenterPoint
GdipSetPathGradientFocusScales
GdipFillPath
GdipSetSolidFillColor
GdipSetPenCustomEndCap
GdipSetPenCustomStartCap
GdipSetCustomLineCapStrokeCaps
GdipStartPathFigure
GdipAddPathLine2
GdipCreateCustomLineCap
GdipClonePen
GdipCreatePathIter
GdipPathIterNextSubpath
GdipSetPenMode
GdipSetPenStartCap
GdipSetPenEndCap
GdipSetPenCompoundArray
GdipSetPenDashCap197819
GdipSetPenDashArray
GdipSetPenMiterLimit
GdipSetPenLineJoin
GdipFree
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipSaveImageToStream
GdipAddPathRectangle
GdipAddPathEllipse
GdipAddPathPath
GdipAddPathBezier
GdipClosePathFigure
GdipResetPath
GdipDeletePathIter
GdipDeleteCustomLineCap
GdipMeasureString
GdipCreateStringFormat
GdipGetPenColor
GdipTransformPath
GdipSetClipPath
GdipDrawPath
GdipClonePath
GdipDeleteMatrix
GdipDeleteStringFormat
GdipCreateBitmapFromHBITMAP
GdipCreateMatrix
GdipCreateMatrix2
GdipSetStringFormatFlags
GdipSetWorldTransform
GdipDrawString
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipCreatePen1
GdipDeletePen
GdipDeleteRegion
GdipGetImageWidth
GdipGetImageHeight
GdipSetImageAttributesColorMatrix
GdipSetPenColor
GdipSetPenDashStyle
GdipTranslateWorldTransform
GdipDrawRectangle
GdipDrawImageRectRect
GdipSetClipRect
GdipSetClipRegion
GdipGetClip
GdipIsVisibleRect
GdipSaveGraphics
GdipRestoreGraphics
GdipCreateRegion
GdipCreateFromHDC
GdipDeleteBrush
GdipImageRotateFlip
GdipCreateSolidFill
GdipDrawLine
GdipCloneBrush
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipSetImageAttributesColorKeys
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipAddPathLine
GdipAddPathArc
GdipSetPixelOffsetMode
GdipDrawRectangleI
GdipFillRectangleI
GdipDrawImageRectRectI
GdiplusStartup
GdiplusShutdown
GdipFillRectangle
GdipDeletePath
GdipDeleteFont
GdipDeleteFontFamily
GdipGetDC
GdipReleaseDC
GdipSetMatrixElements
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipGetImagePixelFormat
GdipGetPathPoints
GdipGetPathTypes
GdipFlattenPath
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageGetFrameCount
GdipGetImageVerticalResolution
GdipGetImageHorizontalResolution
GdipImageSelectActiveFrame
GdipGetImageRawFormat
GdipSetPageUnit
GdipSetTextRenderingHint
GdipSetSmoothingMode
GdipSetCompositingQuality
GdipSetCompositingMode
GdipBitmapSetResolution
GdipCreateHBITMAPFromBitmap
GdipCreateFont
GdipCreateFontFamilyFromName
GdipGetInterpolationMode
GdipResetWorldTransform
GdipGetCompositingQuality
GdipGetCompositingMode
GdipAddPathRectangleI
GdipCreatePath
GdipSetClipHrgn
GdipSetClipRectI
GdipRecordMetafile
GdipLoadImageFromFileICM
GdipCreateFromHWND
GdipGetVisibleClipBoundsI
GdipSetStringFormatAlign
GdipGetImageBounds
GdipGetPenWidth
GdipGetPenMode
GdipIsVisiblePathPoint
GdipWidenPath
shlwapi
AssocQueryStringW
ord214
PathGetDriveNumberW
PathCreateFromUrlW
PathCanonicalizeW
SHCreateStreamOnFileW
ord12
StrToIntExW
StrStrNIW
StrStrNW
UrlUnescapeW
PathRemoveFileSpecW
UrlEscapeW
PathFindExtensionW
PathRemoveExtensionW
PathFindFileNameW
PathCommonPrefixW
PathIsRelativeW
PathCombineW
PathFileExistsW
ord270
PathIsDirectoryW
ord9
ord8
ord10
ord7
UrlIsW
PathIsURLW
shell32
DragFinish
DragQueryPoint
ord102
DragQueryFileW
SHCreateItemWithParent
ord2
SHGetFolderLocation
ord4
ShellExecuteExW
SHAppBarMessage
Shell_NotifyIconW
SHGetFolderPathEx
SHEmptyRecycleBinW
DragAcceptFiles
SHGetPathFromIDListW
SHBrowseForFolderW
ord155
SHGetFileInfoW
SHBindToObject
SHCreateItemFromIDList
ord43
SHParseDisplayName
SHCreateDirectoryExW
ord165
ShellExecuteW
SHFileOperationW
SHGetFolderPathAndSubDirW
CommandLineToArgvW
urlmon
URLOpenBlockingStreamW
CreateURLMoniker
CoInternetGetSession
crypt32
CryptMsgClose
CertFreeCertificateContext
CertGetNameStringW
CryptDecodeObject
CertFindCertificateInStore
CryptMsgGetParam
CertCloseStore
CryptQueryObject
sfc
SfcIsFileProtected
dwmapi
DwmUpdateThumbnailProperties
DwmSetWindowAttribute
cryptui
CryptUIDlgViewCertificateW
msimg32
AlphaBlend
comctl32
ord345
PropertySheetW
ord410
ord413
ord412
CreatePropertySheetPageW
uxtheme
IsThemeActive
SetWindowThemeAttribute
CloseThemeData
DrawThemeBackground
OpenThemeData
SetWindowTheme
DrawThemeTextEx
Exports
Microsoft_WDF_UMDF_Version
Sections
.text Size: 612KB - Virtual size: 612KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 548KB - Virtual size: 548KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 30KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.detour Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE