GamePanel[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

GamePanel.exe
Size

924KB
MD5

bb38f4f23527b5fa468f7f7b6ad94c99
SHA1

e733ba24ab5becd95043295491246271aa8373d9
SHA256

d2c64dc66ad6eba3407d85ab9a40902d67eab9802ac414150fb41bbb870284d2
SHA512

61ffe14d7e8c9dc4d4d3e6668a1126d1a39ddacdf4a40359de1993435bfe959e22f9e2058d265b7d3730f336ade855e9740704ee4b782f061d5901e0c831c3cf
SSDEEP

24576:cefUDHEJWs3Rgzg6IVAh4yqw2CzYk7eJftD:cefUrEMrS/widtD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
GamePanel.exe

Files

GamePanel.exe
.exe windows:10 windows x86

665bf9bcea1a90f9797eb97f80f7d6de

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

EventWriteTransfer
RegGetValueW
RegCloseKey
RegNotifyChangeKeyValue
RegCreateKeyExW
EventSetInformation
EventRegister
EventUnregister
CryptDestroyHash
CryptReleaseContext
CryptAcquireContextW
CryptCreateHash
CryptGetHashParam
CryptHashData
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
FreeSid
CheckTokenMembership
DuplicateToken
OpenProcessToken
AllocateAndInitializeSid
GetTokenInformation
RegDeleteTreeW

kernel32

SetThreadpoolWait
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
CreateThreadpoolWait
CreateEventExW
SetEvent
IsWow64Process2
GetCurrentProcess
CreateEventW
LocalFree
OpenProcess
FreeLibrary
QueryFullProcessImageNameW
ResetEvent
SystemTimeToFileTime
FormatMessageW
ReleaseSRWLockShared
SetThreadpoolTimer
CreateThreadpoolTimer
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionEx
WaitForThreadpoolWaitCallbacks
WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteFileW
GetFileAttributesW
QueryPerformanceCounter
GetTempFileNameW
GetDateFormatEx
GetTimeFormatEx
GetApplicationUserModelId
GetEnvironmentVariableW
WriteFile
CreateFileW
CreateThread
LoadLibraryExA
CloseThreadpoolWait
GetUserDefaultLocaleName
GetLocaleInfoEx
GetUserDefaultUILanguage
LCIDToLocaleName
WideCharToMultiByte
RaiseException
Sleep
ResolveLocaleName
GetCurrentThread
SetThreadDescription
CompareStringOrdinal
GetProcessId
ExpandEnvironmentStringsW
ReleaseMutex
GetCurrentThreadId
VirtualProtect
LocalAlloc
IsDebuggerPresent
DebugBreak
GetModuleHandleW
GetProcessHeap
GetCurrentProcessId
CreateMutexExW
GetProcAddress
HeapAlloc
CloseHandle
OpenSemaphoreW
WaitForSingleObjectEx
OutputDebugStringW
GetLocalTime
GetSystemTime
WaitForSingleObject
GetModuleHandleExW
ReleaseSemaphore
SetLastError
HeapFree
CreateSemaphoreExW
GetModuleFileNameA
GetLastError
AcquireSRWLockShared
FindPackagesByPackageFamily
MulDiv
GetLocaleInfoW
GetSystemInfo

gdi32

GetDIBits
DeleteObject
DeleteDC
GetObjectW
CreateRectRgn
GetRgnBox
CreateCompatibleDC
BitBlt
CreateCompatibleBitmap
SelectObject

user32

ReleaseDC
GetDC
UnregisterClassW
GetSysColor
LoadStringW
SetWindowPos
GetClassLongW
SetClassLongW
ClientToScreen
TrackMouseEvent
SetCapture
ReleaseCapture
InvalidateRect
ValidateRect
MoveWindow
SetWindowTextW
SetParent
DestroyWindow
GetFocus
GetCursorPos
CallNextHookEx
UnhookWindowsHookEx
SetActiveWindow
GetKeyState
SetCursor
ShowCursor
SetCursorPos
GetWindowThreadProcessId
SetWindowCompositionAttribute
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
GetDesktopWindow
GetMessageW
IsWindow
SetProcessDefaultLayout
FindWindowW
RegisterWindowMessageW
RegisterClassExW
LoadIconW
DefWindowProcW
ShowWindow
WindowFromPhysicalPoint
GetMonitorInfoW
PtInRect
LoadCursorW
RegisterRawInputDevices
GetSystemMetrics
GetParent
ChangeWindowMessageFilterEx
SetWindowsHookExW
KillTimer
GetMessageExtraInfo
GetRawInputData
MonitorFromWindow
CreateWindowInBand
mouse_event
GetWindowTextW
SetForegroundWindow
MonitorFromRect
SendInput
BlockInput
SetFocus
GetWindowLongW
GetClientRect
SetWindowLongW
SystemParametersInfoW
GetWindowRgn
GetNextDlgTabItem
CreateWindowExW
EnableWindow
SetWindowRgn
GetAncestor
MapWindowPoints
GetWindowRect
UnhookWinEvent
PostQuitMessage
SetWinEventHook
GetActiveWindow
GetForegroundWindow
GetIconInfo
GetCursorInfo
PostMessageW
SendMessageW
ScreenToClient
MonitorFromPoint
SetTimer

api-ms-win-crt-time-l1-1-0

_time32

api-ms-win-crt-string-l1-1-0

strcspn
wcsnlen
memset
__strncnt

api-ms-win-crt-locale-l1-1-0

_lock_locales
_unlock_locales

api-ms-win-crt-runtime-l1-1-0

_register_thread_local_exe_atexit_callback
_c_exit
_initterm
_initterm_e

api-ms-win-crt-private-l1-1-0

_o__errno
_o__exit
_o__free_base
_o__get_wide_winmain_command_line
_o__Getdays
_o__Getmonths
_o__Gettnames
_o__initialize_onexit_table
_o__initialize_wide_environment
_o__invalid_parameter_noinfo
_o__invalid_parameter_noinfo_noreturn
_o__ismbblead
_o__localtime32_s
_o__malloc_base
_o__purecall
_o__realloc_base
_o__register_onexit_function
_o__seh_filter_exe
_o__set_app_type
_o__set_errno
_o__set_fmode
_o__set_new_mode
_o__Strftime
_o__W_Getdays
_o__W_Getmonths
_o__W_Gettnames
_o__wcsdup
_o__Wcsftime
_o__wcsnicmp
_o__wfopen
_o_abort
_o_calloc
_o_ceil
_o_exit
_o_fclose
_o_floor
_o_free
_o_frexp
_o_islower
_o_isspace
_o_isupper
_o_ldexp
_o_localeconv
_o_malloc
_o_roundf
_o_setlocale
_o_strncpy_s
_o_strtod
_o_strtof
_o_strtol
_o_terminate
_o_tolower
_o_wcstol
_o_wcstoul
__uncaught_exception
_except_handler4_common
_CxxThrowException
_o__crt_atexit
_o__controlfp_s
_o__configure_wide_argv
_o__configthreadlocale
_o___std_exception_destroy
_o___std_exception_copy
_o__CIsqrt
_o___pctype_func
_o__CIpow
_o__cexit
_o__calloc_base
_o__callnewh
_o__beginthreadex
_o___stdio_common_vswprintf_s
_o___stdio_common_vswprintf
_o___stdio_common_vsprintf_s
_o___stdio_common_vsprintf
_o___p__commode
_o___stdio_common_vsnwprintf_s
wcsstr
_o___stdio_common_vsnprintf_s
_o____mb_cur_max_func
_o____lc_locale_name_func
_o____lc_collate_cp_func
_o____lc_codepage_func
memchr
wcschr
strchr
strrchr
__CxxFrameHandler3
wcsrchr
__RTDynamicCast
memcmp
memcpy
memmove

api-ms-win-core-com-l1-1-0

CoGetMalloc
CoGetCallContext
CoCreateInstance
CoWaitForMultipleHandles
CoCreateFreeThreadedMarshaler
CoInitializeSecurity
StringFromGUID2
CoCreateGuid
CoTaskMemAlloc
CoTaskMemFree
PropVariantClear

api-ms-win-core-winrt-string-l1-1-0

WindowsCreateStringReference
WindowsCompareStringOrdinal
WindowsDuplicateString
WindowsGetStringLen
WindowsCreateString
WindowsDeleteString
WindowsGetStringRawBuffer

api-ms-win-core-winrt-l1-1-0

RoGetActivationFactory
RoInitialize
RoActivateInstance
RoUninitialize

api-ms-win-core-winrt-error-l1-1-0

SetRestrictedErrorInfo

api-ms-win-core-winrt-error-l1-1-1

RoGetMatchingRestrictedErrorInfo

rpcrt4

UuidFromStringW
UuidCreate

oleaut32

SysAllocStringLen
SysAllocString
VariantInit

api-ms-win-power-base-l1-1-0

PowerDeterminePlatformRoleEx

api-ms-win-core-path-l1-1-0

PathCchCombine

api-ms-win-core-synch-l1-1-0

InitializeCriticalSectionAndSpinCount
TryAcquireSRWLockExclusive
InitializeSRWLock

api-ms-win-core-synch-l1-2-0

SleepConditionVariableSRW
InitializeConditionVariable
InitOnceExecuteOnce
WakeAllConditionVariable
WakeConditionVariable

api-ms-win-core-handle-l1-1-0

DuplicateHandle

api-ms-win-core-processthreads-l1-1-0

TerminateProcess
GetStartupInfoW
GetExitCodeThread

api-ms-win-core-sysinfo-l1-2-0

GetSystemTimePreciseAsFileTime

api-ms-win-core-profile-l1-1-0

QueryPerformanceFrequency

api-ms-win-core-string-l1-1-0

MultiByteToWideChar
CompareStringEx
GetStringTypeW

api-ms-win-core-util-l1-1-0

EncodePointer
DecodePointer

api-ms-win-core-localization-l1-2-0

GetCPInfo
LCMapStringEx

api-ms-win-core-errorhandling-l1-1-0

UnhandledExceptionFilter
SetUnhandledExceptionFilter

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead

api-ms-win-core-memory-l1-1-0

VirtualQuery

comctl32

ord413
ord411
ord410
ord412

api-ms-win-shcore-scaling-l1-1-1

SetProcessDpiAwareness
GetDpiForMonitor

d2d1

ord7

d3d11

D3D11CreateDevice

dwrite

DWriteCreateFactory

dcomp

DCompositionCreateDevice2

shell32

CommandLineToArgvW
SHGetKnownFolderPath
SHCreateDirectoryExW
ShellExecuteW

shlwapi

PathFileExistsW
SHStrDupA

msdrm

DRMIsWindowProtected

uxtheme

OpenThemeData
CloseThemeData

dxgi

CreateDXGIFactory2

ntdll

RtlAllocateHeap
RtlNtStatusToDosErrorNoTeb
RtlCompareUnicodeString
NtQueryInformationToken
RtlFreeHeap
NtQueryLicenseValue
RtlPublishWnfStateData
RtlInitUnicodeString

uiautomationcore

UiaReturnRawElementProvider
UiaRaiseAutomationEvent
UiaHostProviderFromHwnd

gamepanelexternalhook

?SetIntercept@CGamePanelExternalHook@@QAEX_NPAUHWND__@@@Z
?Hook@CGamePanelExternalHook@@QAEXPAUHWND__@@@Z
?GetInstance@CGamePanelExternalHook@@SGAAV1@XZ
?Unhook@CGamePanelExternalHook@@QAEXXZ
?GPHHookWindowPointerDown@CGamePanelExternalHook@@SGIXZ

dwmapi

DwmSetWindowAttribute

Sections

.text
Size: 731KB - Virtual size: 731KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.imrsiv
Size: - Virtual size: 4B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 93KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

665bf9bcea1a90f9797eb97f80f7d6de

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

gdi32

user32

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-private-l1-1-0

api-ms-win-core-com-l1-1-0

api-ms-win-core-winrt-string-l1-1-0

api-ms-win-core-winrt-l1-1-0

api-ms-win-core-winrt-error-l1-1-0

api-ms-win-core-winrt-error-l1-1-1

rpcrt4

oleaut32

api-ms-win-power-base-l1-1-0

api-ms-win-core-path-l1-1-0

api-ms-win-core-synch-l1-1-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-handle-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-sysinfo-l1-2-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-string-l1-1-0

api-ms-win-core-util-l1-1-0

api-ms-win-core-localization-l1-2-0

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-processthreads-l1-1-1

api-ms-win-core-sysinfo-l1-1-0

api-ms-win-core-interlocked-l1-1-0

api-ms-win-core-memory-l1-1-0

comctl32

api-ms-win-shcore-scaling-l1-1-1

d2d1

d3d11

dwrite

dcomp

shell32

shlwapi

msdrm

uxtheme

dxgi

ntdll

uiautomationcore

gamepanelexternalhook

dwmapi

Sections

.text Size: 731KB - Virtual size: 731KB

.imrsiv Size: - Virtual size: 4B

.data Size: 93KB - Virtual size: 102KB

.idata Size: 13KB - Virtual size: 13KB

.didat Size: 512B - Virtual size: 12B

.rsrc Size: 29KB - Virtual size: 29KB

.reloc Size: 55KB - Virtual size: 54KB

.text
Size: 731KB - Virtual size: 731KB

.imrsiv
Size: - Virtual size: 4B

.data
Size: 93KB - Virtual size: 102KB

.idata
Size: 13KB - Virtual size: 13KB

.didat
Size: 512B - Virtual size: 12B

.rsrc
Size: 29KB - Virtual size: 29KB

.reloc
Size: 55KB - Virtual size: 54KB