Static task: static1
Behavioral task: behavioral1 (Sample: KDDeskVis.exe, Resource: win7-20231020-en)
Behavioral task: behavioral2 (Sample: KDDeskVis.exe, Resource: win10v2004-20231023-en)
General
Target: KDDeskVis.exe
Size: 6.2MB
MD5: 3c8b67abf2ab018f27cc24164bf5acfd
SHA1: b766d1e6396908f6fb45ed5848ca6893f20b857d
SHA256: bfe91fe04365efd150de8cdb7f39ac5280a9351ec08e8e45a734f9208b0d7f2a
SHA512: b2cfce329fa185bb661241b0ca4a2a0829595fc658e8c365adec6ff1a49c74d3da5e4baaa32ab2884c839fa340f2feffbf315686dc01b57d28087410f5db3832
SSDEEP: 98304:AQLsKz/Q7BZOWaLVPu0IJpGhvA6RVQT9hDvV3hjNOKJo3:YOW+Txe7TBa
Malware Config
Signatures
Unsigned PE (1 IoC): checks for a missing Authenticode signature. Matched resource: KDDeskVis.exe
Files
-
KDDeskVis.exe (type: exe) windows:4 windows x86 2a8acb41f069f5f0e1c1a851e5215afa
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
mpr
WNetCloseEnum
comctl32
FlatSB_SetScrollInfo
FlatSB_SetScrollPos
FlatSB_SetScrollProp
ImageList_Add
ImageList_BeginDrag
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
FlatSB_GetScrollPos
ImageList_EndDrag
ImageList_GetBkColor
ImageList_GetDragImage
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_Read
ImageList_Remove
ImageList_Replace
ImageList_SetBkColor
ImageList_SetDragCursorImage
ImageList_SetIconSize
ImageList_SetImageCount
ImageList_Write
ord17
InitializeFlatSB
FlatSB_GetScrollInfo
_TrackMouseEvent
InitCommonControlsEx
ImageList_DrawEx
version
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
kernel32
GlobalSize
GlobalUnlock
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchangeAdd
InterlockedIncrement
LoadLibraryExW
LoadLibraryW
LocalAlloc
GlobalReAlloc
lstrcmpW
lstrcpynW
lstrcpyW
lstrlenA
lstrlenW
MapViewOfFile
MoveFileExW
MoveFileW
MulDiv
MultiByteToWideChar
OpenFileMappingW
OpenMutexW
OutputDebugStringW
QueryPerformanceFrequency
RaiseException
ReadConsoleW
ReadFile
ReleaseMutex
RemoveDirectoryW
ResetEvent
ResumeThread
SearchPathW
SetConsoleMode
SetCurrentDirectoryW
SetEndOfFile
SetErrorMode
SetEvent
SetFileAttributesA
SetFileAttributesW
SetFilePointer
SetFileTime
SetLastError
SetPriorityClass
SizeofResource
Sleep
SuspendThread
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualQuery
VirtualQueryEx
WaitForMultipleObjectsEx
WaitForSingleObject
WideCharToMultiByte
WriteConsoleW
WriteFile
GlobalLock
GlobalHandle
GlobalFree
GlobalFindAtomW
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomW
GetVolumeInformationW
GetTimeZoneInformation
GetThreadLocale
GetTempPathW
GetTempPathA
GetTempFileNameW
GetSystemInfo
GetSystemDirectoryW
GetStdHandle
GetShortPathNameW
GetProfileIntW
GetModuleHandleW
GetModuleFileNameW
GetLogicalDrives
GetLocalTime
GetLocaleInfoW
GetLastError
GetFullPathNameW
GetFileType
GetFileTime
GetFileSize
GetFileAttributesW
GetFileAttributesExW
GetExitCodeThread
GetExitCodeProcess
GetDriveTypeW
GetDiskFreeSpaceW
GetDateFormatW
GetCurrentDirectoryW
GetCPInfo
GetComputerNameW
GetACP
FreeResource
FreeConsole
FormatMessageW
FindNextFileW
FindNextChangeNotification
FindFirstFileW
FindFirstChangeNotificationW
FindCloseChangeNotification
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
ExitThread
ExitProcess
EnumResourceNamesW
EnumCalendarInfoW
DosDateTimeToFileTime
DeleteFileW
DeleteCriticalSection
CreateThread
CreateProcessW
CreateMutexW
CreateFileW
CreateFileMappingW
CreateEventW
CreateDirectoryW
CopyFileW
CompareStringW
CompareStringA
CloseHandle
AllocConsole
GetStartupInfoA
GetCommandLineA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetModuleHandleA
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
FreeLibrary
LoadLibraryA
GetProcAddress
GetCommandLineW
GetConsoleMode
FindResourceW
LoadResource
LockResource
LocalFileTimeToFileTime
user32
PeekMessageW
PostMessageW
PostQuitMessage
PtInRect
RedrawWindow
RegisterClassW
RegisterClipboardFormatW
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropW
ScreenToClient
ScrollWindow
SendMessageA
SendMessageW
SetActiveWindow
SetCapture
SetClassLongW
SetClipboardData
SetCursor
SetFocus
SetForegroundWindow
SetKeyboardState
SetMenuItemInfoW
SetParent
SetPropW
SetRect
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowsHookExW
SetWindowTextW
ShowOwnedPopups
ShowScrollBar
ShowWindow
SystemParametersInfoW
TrackPopupMenu
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnregisterClassW
UpdateWindow
WaitForInputIdle
WaitMessage
WindowFromPoint
VkKeyScanA
GetSubMenu
GetScrollRange
GetScrollPos
GetScrollInfo
GetPropW
GetParent
GetMessagePos
GetMenuStringW
GetMenuState
GetMenuItemInfoW
GetMenuItemID
GetMenuItemCount
GetKeyState
GetKeyNameTextW
GetKeyboardType
GetKeyboardState
GetKeyboardLayoutNameW
GetKeyboardLayoutList
MapVirtualKeyW
GetFocus
GetDlgItem
GetDlgCtrlID
GetDesktopWindow
GetDCEx
GetCursorPos
PeekMessageA
GetClipboardData
GetClientRect
GetClassNameW
GetClassLongW
GetClassInfoW
GetCapture
FrameRect
FindWindowW
FindWindowExW
FillRect
EnumWindows
EnumThreadWindows
EnumClipboardFormats
EnumChildWindows
EndPaint
EndDeferWindowPos
EnableWindow
EnableScrollBar
EnableMenuItem
EmptyClipboard
DrawTextW
DrawTextExW
DrawMenuBar
DrawIconEx
DrawFrameControl
DrawFocusRect
DrawEdge
DispatchMessageW
DispatchMessageA
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DeleteMenu
DefWindowProcW
DefMDIChildProcW
DefFrameProcW
CreateWindowExW
CreatePopupMenu
CreateMenu
CreateIcon
CloseClipboard
ClientToScreen
ChildWindowFromPoint
CheckMenuItem
CharUpperBuffW
CharToOemW
CharToOemBuffW
CharToOemA
CharPrevA
CharNextW
CharLowerW
CharLowerBuffW
CallWindowProcW
CallNextHookEx
BeginPaint
BeginDeferWindowPos
AttachThreadInput
AdjustWindowRectEx
LockWindowUpdate
LoadStringW
LoadStringA
LoadKeyboardLayoutW
LoadIconW
LoadCursorW
LoadBitmapW
KillTimer
ActivateKeyboardLayout
GetActiveWindow
GetForegroundWindow
GetWindowThreadProcessId
IsZoomed
IsWindowVisible
IsWindowUnicode
IsWindowEnabled
IsIconic
IsDialogMessageW
OpenClipboard
OffsetRect
OemToCharW
MsgWaitForMultipleObjectsEx
MessageBeep
GetClipboardFormatNameW
MapWindowPoints
IsDialogMessageA
IsChild
IsCharAlphaW
IsCharAlphaNumericW
InvalidateRect
IntersectRect
InsertMenuW
InsertMenuItemW
InflateRect
GetWindowTextW
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowDC
GetSystemMetrics
GetSystemMenu
GetIconInfo
GetSysColorBrush
GetLastActivePopup
gdi32
CombineRgn
CopyEnhMetaFileW
CreateBitmap
CreateBrushIndirect
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCW
CreateDIBitmap
CreateDIBSection
CreateFontIndirectW
CreateHalftonePalette
CreateICW
CreatePalette
CreatePenIndirect
CreateRectRgn
CreateSolidBrush
DeleteDC
DeleteEnhMetaFile
DeleteObject
EndDoc
EndPage
ExcludeClipRect
ExtTextOutW
FrameRgn
GetBitmapBits
GetBrushOrgEx
GetClipBox
GetClipRgn
GetCurrentPositionEx
GetDCOrgEx
GetDeviceCaps
GetDIBColorTable
GetDIBits
GetEnhMetaFileBits
GetEnhMetaFileHeader
GetEnhMetaFilePaletteEntries
GetObjectW
GetPaletteEntries
GetPixel
GetRgnBox
GetStockObject
GetSystemPaletteEntries
GetTextExtentPoint32W
GetTextExtentPointA
GetTextExtentPointW
GetWindowOrgEx
GetWinMetaFileBits
IntersectClipRect
LineTo
LPtoDP
MaskBlt
MoveToEx
PatBlt
PlayEnhMetaFile
Polygon
Polyline
RealizePalette
Rectangle
RectVisible
RestoreDC
SaveDC
SelectClipRgn
SelectObject
SelectPalette
SetAbortProc
SetBkColor
SetBkMode
SetBrushOrgEx
SetDIBColorTable
SetEnhMetaFileBits
SetMapMode
SetPixel
SetROP2
SetStretchBltMode
SetTextColor
SetViewportOrgEx
SetWindowOrgEx
SetWinMetaFileBits
StartDocW
StartPage
StretchBlt
TextOutA
UnrealizeObject
BitBlt
winspool.drv
ClosePrinter
DocumentPropertiesW
EnumPrintersW
comdlg32
GetOpenFileNameW
PrintDlgW
GetSaveFileNameW
advapi32
RegEnumKeyExW
RegDeleteValueW
RegCreateKeyExW
RegCloseKey
RegSetValueExW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegFlushKey
shell32
ShellExecuteW
ShellExecuteExW
Shell_NotifyIconW
FindExecutableW
CommandLineToArgvW
SHFileOperationW
ole32
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
OleIsCurrentClipboard
CoGetInterfaceAndReleaseStream
DoDragDrop
CoCreateGuid
CLSIDFromString
CoInitialize
OleSetClipboard
OleUninitialize
StringFromCLSID
OleFlushClipboard
OleGetClipboard
CoCreateInstance
OleInitialize
StgCreateDocfileOnILockBytes
RevokeDragDrop
ReleaseStgMedium
CoMarshalInterThreadInterfaceInStream
RegisterDragDrop
oleaut32
VariantInit
VariantCopy
VariantClear
VariantChangeType
SysStringByteLen
SysReAllocStringLen
SysFreeString
SysAllocStringLen
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayGetLBound
GetErrorInfo
SafeArrayCreate
msvcrt
_controlfp
__set_app_type
__p__fmode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
__p__commode
_except_handler3
_exit
exit
_XcptFilter
Sections
.text Size: 2.3MB - Virtual size: 2.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 16KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 4.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2.6MB - Virtual size: 2.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
kdv1141 Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
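Three things in the static data above are worth re-deriving by hand rather than taking from the report: the only signature that fires is the absence of an Authenticode entry (the report calls it "Unsigned PE"); IMAGE_FILE_RELOCS_STRIPPED in the file characteristics means the image cannot be relocated and therefore cannot get ASLR; and the section table has two anomalies, a .data section whose raw size (4KB) is tiny next to its virtual size (4.0MB), and a non-standard section named kdv1141 that is readable, writable and executable at once. The import table itself is that of a full GUI application (MDI, clipboard, printing, OLE drag and drop, registry, process creation, a Windows hook via SetWindowsHookExW) and, on its own, is not a malware indicator, which is consistent with only the signature check firing. The following is an added example, not Triage's code and not part of the original report. It parses just the COFF header, the DllCharacteristics and Security data directory of the optional header, and the section table with struct, so it runs without pefile, and it applies the same three checks. The SAMPLE_SECTIONS table and build_sample_pe() are constructed here to mirror the report's section table with rounded sizes; the thresholds in triage() are assumptions chosen to ignore file-alignment rounding such as .rdata's 16KB raw versus 13KB virtual.

```python
"""Minimal PE static triage (added example, not the sandbox's own code)."""
import struct
import sys
from dataclasses import dataclass

# Flag values from winnt.h
IMAGE_FILE_RELOCS_STRIPPED = 0x0001
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE = 0x0040
IMAGE_SCN_CNT_CODE = 0x00000020
IMAGE_SCN_CNT_INITIALIZED_DATA = 0x00000040
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_READ = 0x40000000
IMAGE_SCN_MEM_WRITE = 0x80000000
IMAGE_DIRECTORY_ENTRY_SECURITY = 4   # Authenticode certificate table

STANDARD_SECTIONS = {".text", ".rdata", ".data", ".idata", ".edata", ".rsrc",
                     ".reloc", ".tls", ".bss", ".pdata", ".CRT"}


@dataclass
class Section:
    name: str
    virtual_size: int
    raw_size: int
    characteristics: int


@dataclass
class PEInfo:
    machine: int
    file_characteristics: int
    dll_characteristics: int
    has_security_dir: bool
    sections: list


def parse_pe(data: bytes) -> PEInfo:
    """Parse the headers needed for triage; raises ValueError on a non-PE."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ file")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    # COFF header: Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
    # NumberOfSymbols, SizeOfOptionalHeader, Characteristics
    machine, nsec, _, _, _, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, e_lfanew + 4)
    opt = e_lfanew + 24
    magic = struct.unpack_from("<H", data, opt)[0]
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]  # same offset in PE32 and PE32+
    dd_off = opt + (96 if magic == 0x10B else 112)          # start of the data directories
    n_dirs = struct.unpack_from("<I", data, dd_off - 4)[0]   # NumberOfRvaAndSizes
    sec_size = 0
    if n_dirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        _, sec_size = struct.unpack_from("<II", data, dd_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    table = opt + opt_size
    for i in range(nsec):
        # IMAGE_SECTION_HEADER is 40 bytes
        name, vsize, _, rsize, _, _, _, _, _, chars = struct.unpack_from("<8sIIIIIIHHI", data, table + 40 * i)
        sections.append(Section(name.rstrip(b"\0").decode("latin-1"), vsize, rsize, chars))
    return PEInfo(machine, file_chars, dll_chars, sec_size != 0, sections)


def triage(pe: PEInfo) -> list:
    """Return (subject, finding) pairs for the checks discussed above."""
    findings = []
    if not pe.has_security_dir:          # what "Unsigned PE" tests: no certificate table at all
        findings.append(("file", "unsigned"))
    if (pe.file_characteristics & IMAGE_FILE_RELOCS_STRIPPED) or \
            not (pe.dll_characteristics & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE):
        findings.append(("file", "no-aslr"))  # cannot be relocated, or not opted in
    for s in pe.sections:
        if s.characteristics & IMAGE_SCN_MEM_EXECUTE and s.characteristics & IMAGE_SCN_MEM_WRITE:
            findings.append((s.name, "rwx"))
        if s.name not in STANDARD_SECTIONS:
            findings.append((s.name, "nonstandard-name"))
        # Assumed threshold: at least 4x growth and 64KB of difference, so that
        # file-alignment rounding (e.g. 13KB virtual in 16KB raw) is not flagged.
        if s.virtual_size >= 4 * s.raw_size and s.virtual_size - s.raw_size >= 0x10000:
            findings.append((s.name, "virtual>>raw"))
    return findings


# Constructed: (name, virtual size, raw size, characteristics), rounded from the report.
SAMPLE_SECTIONS = [
    (".text",   0x250000, 0x250000, IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ),
    (".rdata",  0x3400,   0x4000,   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ),
    (".data",   0x400000, 0x1000,   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE),
    (".tls",    0x1000,   0x2000,   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE),
    (".rsrc",   0x2A0000, 0x2A0000, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ),
    ("kdv1141", 0x130000, 0x130000, IMAGE_SCN_CNT_CODE | IMAGE_SCN_CNT_INITIALIZED_DATA
                                    | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE),
]


def build_sample_pe(sections, file_chars: int, dll_chars: int, signed: bool) -> bytes:
    """Constructed PE32 header-only image (no section bodies) for offline testing."""
    buf = bytearray(0x400)
    buf[0:2] = b"MZ"
    pe = 0x80
    struct.pack_into("<I", buf, 0x3C, pe)
    buf[pe:pe + 4] = b"PE\0\0"
    opt_size = 224  # PE32 optional header with 16 data directories
    struct.pack_into("<HHIIIHH", buf, pe + 4, 0x14C, len(sections), 0, 0, 0, opt_size, file_chars)
    opt = pe + 24
    struct.pack_into("<H", buf, opt, 0x10B)
    struct.pack_into("<H", buf, opt + 70, dll_chars)
    struct.pack_into("<I", buf, opt + 92, 16)
    if signed:  # a non-empty certificate table; validity is a separate question
        struct.pack_into("<II", buf, opt + 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 0x100000, 0x2000)
    for i, (name, vsize, rsize, chars) in enumerate(sections):
        struct.pack_into("<8sIIIIIIHHI", buf, opt + opt_size + 40 * i,
                         name.encode(), vsize, 0, rsize, 0x400, 0, 0, 0, 0, chars)
    return bytes(buf)


if __name__ == "__main__":
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else \
        build_sample_pe(SAMPLE_SECTIONS, IMAGE_FILE_RELOCS_STRIPPED | 0x0102, 0, False)
    for subject, finding in triage(parse_pe(blob)):
        print(f"{subject}: {finding}")
```

Two caveats when reading its output: "unsigned" only means the certificate table is absent, so a file that does have one still needs its chain verified (signtool verify or Get-AuthenticodeSignature) before it counts as signed; and a large virtual-to-raw gap is also produced by legitimate BSS-style data, so together with the RWX kdv1141 section it is a prompt to dump the process from the behavioral run after it has unpacked, not a verdict by itself.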