Poke Abby[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

Poke Abby.exe
Size

19.7MB
MD5

7244cdd18e00c6a308cb67b883944a8a
SHA1

efc03da9527897169ecaba8d26de522aea9d0b1d
SHA256

d490226f6e29503905d439cca30acfd186a89f9138104b26cbe5acedd091dd75
SHA512

ae56a3af9fd1b0b296907be4ab8c2bd2818bedd4fd5547c7d569dc24b2307b1425d405dbc70fc3480e057d8738a8459cef3c6822a7cf01d88fcafec20a351ab5
SSDEEP

393216:+f0O2zNJJYNRv49pMbvLrzYBxZWnUIZ43WKKO:zYJbX

Score

1^/10

Malware Config

Signatures

Files

Poke Abby.exe
.exe windows x64

4512d754c2acaa14a7ec525900d60a9e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

hid

HidD_GetHidGuid
HidP_GetCaps
HidD_GetProductString
HidP_GetButtonCaps
HidD_GetPreparsedData
HidP_GetValueCaps
HidP_MaxDataListLength
HidP_GetData
HidD_FreePreparsedData

gdi32

CreateDIBSection
CreateBitmap
DeleteObject
GetObjectA
ChoosePixelFormat
GetDeviceCaps
SetPixelFormat
SwapBuffers

user32

EndDialog
LoadIconA
SendDlgItemMessageW
SetDlgItemTextA
SetDlgItemTextW
MessageBoxA
CopyRect
OffsetRect
GetAncestor
UnregisterClassW
GetDesktopWindow
EnumDisplaySettingsA
AdjustWindowRectEx
GetWindowPlacement
SetWindowLongA
ChangeDisplaySettingsA
GetDlgItem
SetWindowLongPtrA
CreateDialogParamA
GetWindowLongPtrA
SetWindowPos
GetWindowRect
GetParent
GetThreadDesktop
GetUserObjectInformationA
EnumWindows
RegisterWindowMessageA
SendMessageA
SendMessageTimeoutA
IsIconic
ShowWindow
SetForegroundWindow
GetRawInputDeviceList
GetRawInputDeviceInfoW
GetRawInputData
RegisterRawInputDevices
CreateIconIndirect
ReleaseDC
GetDC
GetSystemMetrics
SetCursor
LoadCursorA
DestroyCursor
DefWindowProcW
DestroyWindow
CreateWindowExW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetClipboardData
IsClipboardFormatAvailable
SetCapture
ReleaseCapture
DialogBoxParamW
RegisterClassExW
MessageBoxW
WindowFromPoint
UnregisterDeviceNotification
DispatchMessageA
TranslateMessage
PtInRect
GetClientRect
GetWindowLongA
GetMessageExtraInfo
RegisterDeviceNotificationW
SystemParametersInfoW
ClientToScreen
GetAsyncKeyState
ScreenToClient
IsWindowVisible
GetCursorPos
GetKeyState
wsprintfA
GetProcessWindowStation
GetUserObjectInformationW
wvsprintfA
MonitorFromWindow
GetCaretBlinkTime
UpdateWindow
PeekMessageA
GetMessageA
ValidateRect
EnumDisplayDevicesA
SetFocus
GetFocus
ShowCursor
SetCursorPos
ClipCursor
GetWindowLongPtrW
SetWindowLongPtrW
PostQuitMessage
RegisterClassW
SetWindowTextW
CopyImage
EnableWindow
MsgWaitForMultipleObjects
DispatchMessageW
IsDialogMessageW
PeekMessageW
CreateDialogParamW
CheckDlgButton
IsDlgButtonChecked
DialogBoxParamA
LoadImageA
GetMonitorInfoA
EnumDisplayMonitors

advapi32

CryptDestroyHash
RegCloseKey
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
GetUserNameA
RegCreateKeyW
RegSetValueExA
RegQueryValueExA
RegDeleteValueA
CryptDestroyKey
CryptVerifySignatureA
CryptImportKey
CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptGetHashParam
RegOpenKeyExW
RegisterEventSourceW
ReportEventW
CryptReleaseContext
DeregisterEventSource

ws2_32

WSACreateEvent
WSAWaitForMultipleEvents
WSAResetEvent
WSAEnumNetworkEvents
WSASetEvent
recvfrom
getpeername
getprotobyname
recv
WSACancelAsyncRequest
WSAAsyncGetHostByName
WSACloseEvent
WSAEventSelect
sendto
send
bind
select
__WSAFDIsSet
ntohs
getsockopt
freeaddrinfo
WSASetLastError
setsockopt
ioctlsocket
gethostname
socket
WSAGetLastError
htons
connect
getsockname
inet_addr
WSAStartup
inet_ntoa
htonl
closesocket
gethostbyname
ntohl
WSACleanup
WSAIoctl
getaddrinfo
getnameinfo
accept
listen
shutdown

kernel32

OpenEventA
InterlockedFlushSList
InterlockedPopEntrySList
InterlockedPushEntrySList
InitializeSListHead
GetThreadPriority
GetProcessAffinityMask
FlushConsoleInputBuffer
ExpandEnvironmentStringsA
VerifyVersionInfoA
SetThreadAffinityMask
SwitchToThread
GetProcessHeap
CreateFileA
WriteConsoleW
SetWaitableTimer
SetEnvironmentVariableA
CompareStringW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetStringTypeW
CreateWaitableTimerA
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
SetStdHandle
FlushFileBuffers
GetConsoleMode
GetSystemDirectoryA
GetConsoleCP
GetFileType
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
TerminateProcess
UnhandledExceptionFilter
GetLocaleInfoW
FlsAlloc
FlsFree
FlsSetValue
FlsGetValue
HeapCreate
GetVersion
HeapSetInformation
GetStdHandle
GetStartupInfoW
GetCommandLineA
ExitThread
DuplicateHandle
SetConsoleCtrlHandler
HeapSize
HeapQueryInformation
ExitProcess
EncodePointer
DecodePointer
RtlPcToFileHeader
GetTickCount
GetThreadLocale
SignalObjectAndWait
HeapFree
HeapReAlloc
HeapAlloc
RtlUnwindEx
SetErrorMode
GlobalMemoryStatus
VirtualQuery
GetFileTime
lstrlenA
FileTimeToLocalFileTime
FileTimeToDosDateTime
CreateMutexW
GetFileSize
TerminateThread
GetTimeZoneInformation
GetLocalTime
FormatMessageA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
ReleaseMutex
GetWindowsDirectoryW
ResetEvent
InitializeCriticalSection
IsDebuggerPresent
GetSystemTimeAsFileTime
SetThreadPriority
TryEnterCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
FlushInstructionCache
CreateSemaphoreW
GetDateFormatA
GetTimeFormatA
RaiseException
SleepEx
SetEvent
SetDllDirectoryW
GetFullPathNameW
GetCurrentDirectoryA
GetVersionExA
GetModuleFileNameA
GetFileAttributesA
GetEnvironmentVariableA
OutputDebugStringA
GetCurrentThread
FileTimeToSystemTime
RtlCaptureContext
GetFileInformationByHandle
SuspendThread
GetThreadContext
PeekNamedPipe
GetDriveTypeA
FindFirstFileExA
ResumeThread
RtlLookupFunctionEntry
ReadConsoleInputA
SetConsoleMode
GetFullPathNameA
SetHandleCount
CreateSemaphoreA
CloseHandle
Sleep
WaitForSingleObjectEx
ReleaseSemaphore
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
CreateEventA
MultiByteToWideChar
GetProcAddress
FreeLibrary
GetModuleHandleW
LoadLibraryW
VirtualProtect
VirtualAlloc
VirtualFree
GetSystemInfo
GetLastError
WideCharToMultiByte
ReadFile
SetFilePointerEx
WriteFile
SetFilePointer
SetEndOfFile
GetFileAttributesExW
CreateFileW
SetFileAttributesW
GetFileAttributesW
CopyFileW
MoveFileExW
FindClose
FindNextFileW
FindFirstFileW
FindFirstFileExW
CreateDirectoryW
RemoveDirectoryW
DeleteFileW
SetFileTime
SystemTimeToFileTime
GetSystemTime
GetDiskFreeSpaceExA
GetModuleFileNameW
QueryPerformanceFrequency
QueryPerformanceCounter
LocalFree
FormatMessageW
GlobalUnlock
GlobalLock
GlobalAlloc
GetModuleHandleA
lstrcpynA
lstrcpyA
lstrcpynW
GetCommandLineW
CancelIo
GetOverlappedResult
CreateEventW
ExpandEnvironmentStringsW
CreateMutexA
GetCurrentThreadId
VerifyVersionInfoW
VerSetConditionMask
GetVersionExW
GlobalMemoryStatusEx
GetCurrentProcess
GetUserDefaultLangID
GetComputerNameW
GetTempPathW
LoadLibraryA
GetCurrentProcessId
SetUnhandledExceptionFilter
WaitForSingleObject
CreateThread
GetCurrentDirectoryW
OpenEventW
DebugBreak
SetLastError
RtlVirtualUnwind
GetDriveTypeW

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueA

ole32

CoTaskMemFree
CoCreateGuid
StringFromGUID2
CoCreateInstance
CoSetProxyBlanket
CoInitialize
CoUninitialize
PropVariantClear
CoTaskMemAlloc

shlwapi

SHDeleteKeyW
PathCanonicalizeW
PathFileExistsW

shell32

CommandLineToArgvW
SHGetFolderPathW
SHFileOperationW
ShellExecuteW

opengl32

glColor4f
glColorPointer
glEnableClientState
glVertexPointer
glNormalPointer
glTexCoordPointer
glDisableClientState
glIsTexture
glLoadIdentity
glGetTexParameteriv
glTexSubImage2D
glPixelStorei
glCopyTexSubImage2D
glReadBuffer
glGetBooleanv
glGetError
glTexParameterf
glDrawElements
glDrawArrays
glGetIntegerv
glGenTextures
glBindTexture
glTexImage2D
glTexParameteri
glReadPixels
glDeleteTextures
glFinish
glDrawBuffer
glScissor
glViewport
glGetFloatv
glMultMatrixf
glMatrixMode
glLoadMatrixf
glPolygonMode
glFrontFace
glClearColor
glClearDepth
glClearStencil
glClear
glStencilMask
glDepthFunc
glDepthMask
glCullFace
glPolygonOffset
glColorMask
glDisable
glBlendFunc
glEnable
glGetString
wglGetCurrentDC
wglGetCurrentContext
wglCreateContext
wglDeleteContext
wglShareLists
wglGetProcAddress
wglMakeCurrent

winmm

waveOutPrepareHeader
waveInReset
waveInClose
waveInOpen
waveInStart
waveInGetDevCapsW
waveInGetDevCapsA
waveInUnprepareHeader
waveInPrepareHeader
timeGetTime
timeEndPeriod
timeBeginPeriod
waveInGetNumDevs
waveOutGetNumDevs
waveOutGetDevCapsA
waveOutGetDevCapsW
waveOutClose
waveOutOpen
waveOutUnprepareHeader
waveOutWrite
waveOutReset
waveOutGetPosition
waveInAddBuffer

oleaut32

VariantChangeType
VariantClear
VariantInit
SysFreeString
SysAllocString

imm32

ImmSetCompositionStringW
ImmReleaseContext
ImmAssociateContext
ImmAssociateContextEx
ImmGetConversionStatus
ImmSetOpenStatus
ImmGetCompositionStringW
ImmGetContext

dnsapi

DnsFree
DnsQuery_A

iphlpapi

GetIpAddrTable

winhttp

WinHttpGetIEProxyConfigForCurrentUser

Exports

Exports

AmdPowerXpressRequestHighPerformance
NvOptimusEnablement

Sections

.text
Size: 14.8MB - Virtual size: 14.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 661KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 773KB - Virtual size: 773KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE

data
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.trace
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data1
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 554KB - Virtual size: 553KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4512d754c2acaa14a7ec525900d60a9e

Headers

DLL Characteristics

File Characteristics

Imports

hid

gdi32

user32

advapi32

ws2_32

kernel32

version

ole32

shlwapi

shell32

opengl32

winmm

oleaut32

imm32

dnsapi

iphlpapi

winhttp

Exports

Exports

Sections

.text Size: 14.8MB - Virtual size: 14.8MB

.rdata Size: 2.8MB - Virtual size: 2.8MB

.data Size: 661KB - Virtual size: 1.5MB

.pdata Size: 773KB - Virtual size: 773KB

text Size: 12KB - Virtual size: 11KB

data Size: 26KB - Virtual size: 25KB

.trace Size: 3KB - Virtual size: 2KB

.data1 Size: 512B - Virtual size: 64B

_RDATA Size: 4KB - Virtual size: 4KB

.rsrc Size: 554KB - Virtual size: 553KB

.reloc Size: 158KB - Virtual size: 158KB

.text
Size: 14.8MB - Virtual size: 14.8MB

.rdata
Size: 2.8MB - Virtual size: 2.8MB

.data
Size: 661KB - Virtual size: 1.5MB

.pdata
Size: 773KB - Virtual size: 773KB

text
Size: 12KB - Virtual size: 11KB

data
Size: 26KB - Virtual size: 25KB

.trace
Size: 3KB - Virtual size: 2KB

.data1
Size: 512B - Virtual size: 64B

_RDATA
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 554KB - Virtual size: 553KB

.reloc
Size: 158KB - Virtual size: 158KB