DisplaySwitch[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

DisplaySwitch.exe
Size

510KB
MD5

ba4e1a60bd20ca7978c76d79f19e37f0
SHA1

3411f09eb350565b0bfb578e6573ad30e3da0da3
SHA256

d44176d2cb12f7a77e05f9c43459f81a6099312ede8678c43a5b930f99287138
SHA512

978e7f01d03d160ee0aff59258072f7d2da8baf15641ac6cdd238e5a696c18b118bd95537bbcfbf637c97894c5fbb33093cdf5fd2fe4315a2848237800d7485a
SSDEEP

12288:IejkDjsHHUEoLmxJX0UMc8AWEolcrd+tZnXU9uhvKqFc6iT/SHJBw5XR0m/d921J:IWalcgIl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
DisplaySwitch.exe

Files

DisplaySwitch.exe
.exe windows x86

885aeb60c3202e4dc3fd608c710bd8d4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetForegroundWindow
SetFocus
SetCapture
SendInput
SetForegroundWindow
DefWindowProcW
EndPaint
BeginPaint
GetUpdateRect
RegisterClassW
ClientToScreen
GetWindowRect
GetDesktopWindow
GetDisplayConfigBufferSizes
QueryDisplayConfig
SetDisplayConfig
GetFocus
SetRectEmpty
GetClientRect
DrawTextExW
SetWindowLongW
SetLayeredWindowAttributes
GetDC
ReleaseDC
SetTimer
PtInRect
PostQuitMessage
NotifyWinEvent
ShowWindow
ReleaseCapture
SetWindowPos
InvalidateRect
UpdateWindow
GetCursorPos
LoadImageW
ScreenToClient
LoadCursorW
SetCursor
InflateRect
GetSysColorBrush
FillRect
GetSysColor
SetRect
SystemParametersInfoW
UnregisterDeviceNotification
KillTimer
FindWindowExW
CreateWindowExW
GetWindowLongW
LoadStringW
SendMessageW
GetMessageW
TranslateMessage
DispatchMessageW
SetWindowsHookExW
GetSystemMetrics
CallNextHookEx
GetAsyncKeyState
GetKeyState
PostMessageW
RegisterDeviceNotificationW
UnhookWindowsHookEx

kernel32

LoadLibraryExA
QueryPerformanceCounter
QueryPerformanceFrequency
InterlockedCompareExchange
FreeLibrary
GetProcAddress
DelayLoadFailureHook
InterlockedDecrement
InterlockedIncrement
CreateSemaphoreW
GetLastError
WaitForSingleObject
MulDiv
ReleaseSemaphore
CloseHandle
GetModuleHandleW
LoadLibraryA
GetUserDefaultUILanguage
SizeofResource
LockResource
LoadResource
FindResourceExW
Sleep
GetStartupInfoA
SetUnhandledExceptionFilter
GetModuleHandleA
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
InterlockedExchange
GetLocaleInfoW

comctl32

ord345
ImageList_CoCreateInstance
ord344

shlwapi

ord219
SHGetValueW

ole32

CoInitialize
CoUninitialize

imm32

ImmDisableIME

ntdll

WinSqmEndSession
WinSqmStartSession
WinSqmAddToStream

powrprof

PowerDeterminePlatformRole
GetPwrCapabilities

slc

SLGetWindowsInformationDWORD

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey
EventUnregister
EventWrite
EventRegister

msvcrt

_controlfp
_except_handler4_common
?terminate@@YAXXZ
__set_app_type
__p__fmode
__p__commode
__setusermatherr
_amsg_exit
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
qsort
_ftol2
_CIsin
_CIcos
memset
_vsnwprintf
??2@YAPAXI@Z
_purecall
??3@YAXPAX@Z
strtok
_stricmp

gdi32

SetBkColor
DeleteObject
FillRgn
CreateFontIndirectW
SetTextColor
GetDeviceCaps
FrameRgn
CreateRectRgnIndirect
SelectObject
GetTextExtentPoint32W
CreateDIBSection
CreateRoundRectRgn
GetObjectW

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 473KB - Virtual size: 472KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

885aeb60c3202e4dc3fd608c710bd8d4

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

comctl32

shlwapi

ole32

imm32

ntdll

powrprof

slc

advapi32

msvcrt

gdi32

Sections

.text Size: 32KB - Virtual size: 32KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 473KB - Virtual size: 472KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 32KB - Virtual size: 32KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 473KB - Virtual size: 472KB

.reloc
Size: 3KB - Virtual size: 3KB