图片批量处理EasyImageModifier[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

图片批量处理EasyImageModifier.exe
Size

1.2MB
MD5

7c452df005f845d7e83e22d13034f1d2
SHA1

fc511881ae5d4874be0074fa5fa2892f54398641
SHA256

759c3bc9c08ead54c1d21a6c7ee692af2b6c97d859e5ac43d2c56002afbdc1be
SHA512

9071d4e183e08ba0cbf1e2fc7bf10d49651271738ae7021116ede6276dcdc03da03a3a99bb7a6e09670022efc351b92994f52c70ba59419f8b00c3063d677f9e
SSDEEP

24576:BmT5C16W3PiF71uaae1MY9ndjKQU7mdykj+WdZaNTTrZrkKu+GA:25C1eFJ+C9/eyBkTNrkKLX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
图片批量处理EasyImageModifier.exe

Files

图片批量处理EasyImageModifier.exe
.exe windows x86

0780e4db5dfdca0609bb835722f4521a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
memcpy
_wcsicmp
wcsncpy
wcslen
wcscpy
wcscat
wcscmp
memmove
floor
ceil
_CIpow
_CIacos
malloc
free
fseek
ftell
fread
longjmp
_setjmp3
_wfopen
fclose
_snwprintf
memcmp
wcsncmp
sprintf
_stricmp
strcmp
tolower
localtime
mktime
gmtime
_wtoi
_wcsnicmp
_itow
fabs
pow
sqrt
abs
fmod
sin
cos
_wcsdup
setlocale
swscanf
wcsstr
_isnan
strncmp
_read
_write
_lseek
_close
_fstat
_open
realloc
__p__iob
fprintf
vfprintf
_wopen
bsearch
_lfind
qsort
_CIlog
_CIexp
rand
_CIsqrt
_CIatan2
frexp
modf
atof
fwrite
fflush
exit
ferror
getenv
sscanf
_vsnwprintf

kernel32

GetModuleHandleW
HeapCreate
HeapDestroy
ExitProcess
GetLastError
GetStdHandle
GetConsoleMode
SetConsoleMode
CreateSemaphoreW
FreeConsole
WriteConsoleW
GetUserDefaultLangID
FileTimeToLocalFileTime
FileTimeToSystemTime
FormatMessageW
GetDiskFreeSpaceExW
GetFileAttributesW
GetVolumeInformationW
LocalFileTimeToFileTime
SetFileAttributesW
SystemTimeToFileTime
EnterCriticalSection
WaitForSingleObject
LeaveCriticalSection
InitializeCriticalSection
CloseHandle
CreateThread
GetThreadPriority
SetThreadPriority
HeapAlloc
HeapFree
Sleep
LoadLibraryW
GetProcAddress
FreeLibrary
MulDiv
GetCurrentThreadId
GetCurrentProcessId
GetCommandLineW
GetModuleFileNameW
GetCurrentProcess
DuplicateHandle
CreatePipe
CreateProcessW
TlsAlloc
TlsSetValue
GetTickCount
TlsGetValue
DeleteFileW
FindFirstFileW
FindNextFileW
FindClose
RemoveDirectoryW
GetTempPathW
SetCurrentDirectoryW
GetDriveTypeW
CreateDirectoryW
CopyFileW
MoveFileW
CreateFileW
SetFileTime
GlobalLock
GlobalUnlock
GlobalSize
GlobalAlloc
GlobalFree
AllocConsole
GetConsoleScreenBufferInfo
SetConsoleCtrlHandler
SetConsoleTitleW
DeleteCriticalSection
FlushFileBuffers
ReadConsoleW
ReadFile
WriteFile
SetFilePointer
HeapReAlloc
MultiByteToWideChar
GetFileSize
WideCharToMultiByte
GetVersionExW
LoadLibraryA
QueryPerformanceFrequency
QueryPerformanceCounter
GetVersionExA
SetLastError
GetLocalTime
HeapSize
TlsFree
lstrlenA
WaitForMultipleObjects
GetCurrentThread
CreateSemaphoreA
ReleaseSemaphore

user32

GetSysColor
SendMessageW
ShowScrollBar
GetSystemMetrics
GetSubMenu
RemoveMenu
SetRect
DrawTextW
InsertMenuItemW
SetMenuItemInfoW
GetDC
ReleaseDC
DrawMenuBar
CreateWindowExW
SetClassLongW
GetWindowLongW
SetWindowLongW
SetForegroundWindow
GetDesktopWindow
SetWindowPos
IsWindowEnabled
IsWindowVisible
GetWindowRect
BringWindowToTop
ClientToScreen
ClipCursor
DrawIconEx
GetClientRect
GetClipCursor
GetComboBoxInfo
GetCursorInfo
GetForegroundWindow
GetIconInfo
GetLastInputInfo
GetPropW
GetScrollInfo
GetWindowInfo
GetWindowPlacement
GetWindowTextW
IsWindow
SetCursorPos
SetParent
SystemParametersInfoW
mouse_event
DestroyWindow
GetParent
SetPropW
MessageBoxW
PostMessageW
EnableWindow
DefWindowProcW
GetWindowTextLengthW
UnregisterClassW
LoadIconW
LoadCursorW
RegisterClassExW
SetFocus
CreateAcceleratorTableW
GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
DestroyAcceleratorTable
GetWindowThreadProcessId
GetWindowLongA
EnumWindows
SetMenu
DestroyMenu
GetPropA
GetMenu
CallWindowProcA
CreateMenu
SetWindowLongA
SetPropA
AppendMenuW
GetMenuItemInfoW
RedrawWindow
DrawFocusRect
ScreenToClient
RemovePropW
GetClassNameW
IntersectRect
EnumChildWindows
GetCursorPos
MapWindowPoints
GetWindow
GetDlgCtrlID
CallWindowProcW
GetScrollPos
SetScrollPos
IsZoomed
InvalidateRect
UpdateWindow
DrawStateW
GetFocus
GetSysColorBrush
FrameRect
ValidateRect
FillRect
ReleaseCapture
BeginPaint
EndPaint
SetCapture
ShowWindow
SetWindowTextW
InflateRect
GetWindowDC
SendMessageA
MoveWindow
DrawFrameControl
EnumPropsExW
PeekMessageW
RemovePropA
DefWindowProcA
SetActiveWindow
RegisterClassW
AdjustWindowRectEx
IsIconic
MsgWaitForMultipleObjects
GetActiveWindow
KillTimer
SetTimer
DefFrameProcW
IsChild
GetKeyState
LoadImageW
SetCursor
RegisterClassA
CreateWindowExA
RegisterWindowMessageA
PostMessageA
DestroyIcon
CopyImage
CreateIconFromResourceEx
CreateIconFromResource
CharLowerW
CharUpperW

gdi32

DeleteObject
GetObjectW
CreateDIBitmap
CreateFontIndirectW
BitBlt
AddFontMemResourceEx
GetDeviceCaps
SetDeviceGammaRamp
CreateDCW
DeleteDC
GetStockObject
CreateFontW
GetObjectType
CreateRectRgn
SelectClipRgn
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
SetBkColor
SetTextColor
GetTextExtentPoint32W
ExcludeClipRect
SetStretchBltMode
StretchBlt
CreatePen
MoveToEx
LineTo
CreateDIBSection
GetObjectA
CreateSolidBrush
CreateRectRgnIndirect
GetClipRgn
ExtSelectClipRgn
GetDIBits
CreateBitmap
SetPixel
SetDIBits
GdiSetBatchLimit
GdiGetBatchLimit
SetBrushOrgEx
SetTextAlign
SetPixelV
Rectangle
RoundRect
Ellipse
SetROP2
SetBkMode
SelectPalette
RealizePalette
StretchDIBits
TextOutW
GetPixel
ExtFloodFill
GetTextMetricsW

comdlg32

ChooseColorW
ChooseFontW
GetSaveFileNameW
GetOpenFileNameW

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey
GetUserNameW
RegCreateKeyW
RegDeleteValueW
RegOpenKeyW
RegSetValueExW

comctl32

ImageList_SetIconSize
InitCommonControlsEx
ImageList_Destroy
ImageList_Create
ImageList_Add
ImageList_ReplaceIcon
ImageList_Replace
ImageList_Remove
ImageList_AddMasked
ImageList_GetIconSize

ole32

CoUninitialize
CoInitialize
CoCreateInstance
CoTaskMemFree
OleInitialize
OleUninitialize
ReleaseStgMedium
RevokeDragDrop
RegisterDragDrop

shell32

SHChangeNotify
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHFileOperationW
SHGetDesktopFolder
SHGetFileInfoW
ShellExecuteExW
DragQueryFileW

winmm

timeBeginPeriod

Sections

.code
Size: 243KB - Virtual size: 243KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 574KB - Virtual size: 573KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 133KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0780e4db5dfdca0609bb835722f4521a

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

gdi32

comdlg32

advapi32

comctl32

ole32

shell32

winmm

Sections

.code Size: 243KB - Virtual size: 243KB

.text Size: 574KB - Virtual size: 573KB

.rdata Size: 158KB - Virtual size: 158KB

.data Size: 133KB - Virtual size: 139KB

.rsrc Size: 98KB - Virtual size: 98KB

.code
Size: 243KB - Virtual size: 243KB

.text
Size: 574KB - Virtual size: 573KB

.rdata
Size: 158KB - Virtual size: 158KB

.data
Size: 133KB - Virtual size: 139KB

.rsrc
Size: 98KB - Virtual size: 98KB