Sample
GamePanel.exe
Resource
win10v2004-20231020-en
General
-
Target
GamePanel.exe
-
Size
944KB
-
MD5
2f20efb9a0e388d035145194a604adee
-
SHA1
99a7358d97a6fbb6dadfb836ffa4c48f79a81ec5
-
SHA256
306237c984cd4056f0b3a35b77fa58b10236e68c69fa71f0fe2ff2e9ea68e7fe
-
SHA512
75a68abcf734dae8ca8c8b11518b7139e1fbca0abb772627981cefe00f6aa8d8d7da331a11c6f8ce6bdb978aa3e2ecabded04d49a738d2afb892fdf6a997e581
-
SSDEEP
24576:j10xpl0EEidUaNVTo/s+KL5b8B9AiJNgWHC:BkEnaNVToE1ydNgWH
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource GamePanel.exe
Files
-
GamePanel.exe.exe windows:10 windows x86
aebcb02352b68bcb99c49dcade027f25
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegGetValueW
EventWriteTransfer
RegCloseKey
RegNotifyChangeKeyValue
RegCreateKeyExW
EventSetInformation
EventRegister
EventUnregister
CryptDestroyHash
CryptReleaseContext
CryptAcquireContextW
CryptCreateHash
CryptGetHashParam
CryptHashData
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
FreeSid
CheckTokenMembership
DuplicateToken
OpenProcessToken
AllocateAndInitializeSid
RegDeleteTreeW
kernel32
CloseThreadpoolWait
WaitForThreadpoolWaitCallbacks
SetThreadpoolWait
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
CreateThreadpoolWait
CreateEventExW
SetEvent
IsWow64Process2
GetCurrentProcess
CreateEventW
LocalFree
OpenProcess
FreeLibrary
GetCurrentThreadId
SystemTimeToFileTime
SetThreadpoolTimer
GetSystemTime
GetUserDefaultLocaleName
CloseHandle
CreateThreadpoolTimer
WaitForSingleObjectEx
LoadResource
LockResource
SizeofResource
DeleteFileW
QueryPerformanceCounter
GetTempFileNameW
GetDateFormatEx
GetTimeFormatEx
GetApplicationUserModelId
GetEnvironmentVariableW
WriteFile
CreateFileW
CreateThread
OutputDebugStringW
GetLocaleInfoEx
GetUserDefaultUILanguage
LCIDToLocaleName
WideCharToMultiByte
RaiseException
Sleep
ResolveLocaleName
GetCurrentThread
SetThreadDescription
IsDebuggerPresent
DebugBreak
GetModuleHandleW
GetProcessHeap
GetCurrentProcessId
CreateMutexExW
GetProcAddress
VirtualQuery
GetSystemInfo
LoadLibraryExA
VirtualProtect
LocalAlloc
GetLocalTime
GetLocaleInfoW
WaitForThreadpoolTimerCallbacks
WaitForSingleObject
HeapAlloc
CloseThreadpoolTimer
GetModuleHandleExW
ReleaseSemaphore
SetLastError
HeapFree
CreateSemaphoreExW
GetModuleFileNameA
OpenSemaphoreW
GetLastError
FormatMessageW
FindResourceW
ReleaseMutex
MulDiv
ResetEvent
gdi32
GetDIBits
DeleteDC
GetObjectW
CreateRectRgn
GetRgnBox
SelectObject
DeleteObject
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
user32
SetForegroundWindow
SetCursorPos
ShowCursor
SetActiveWindow
ChangeWindowMessageFilterEx
ReleaseDC
GetDC
UnregisterClassW
GetSysColor
LoadStringW
SetWindowPos
GetClassLongW
SetClassLongW
ClientToScreen
TrackMouseEvent
SetCapture
ReleaseCapture
TranslateMessage
GetDesktopWindow
ScreenToClient
SendMessageW
MonitorFromRect
SetWindowCompositionAttribute
PostQuitMessage
DispatchMessageW
SendInput
BlockInput
PostMessageW
SetFocus
CreateWindowInBand
GetWindowThreadProcessId
SetCursor
GetMessageW
EnableWindow
IsWindow
GetCursorInfo
CreateWindowExW
GetIconInfo
SetProcessDefaultLayout
FindWindowW
GetForegroundWindow
GetNextDlgTabItem
SetWindowLongW
GetClientRect
GetWindowTextW
mouse_event
SetWinEventHook
UnhookWinEvent
MonitorFromWindow
GetWindowRect
MapWindowPoints
GetAncestor
SetWindowRgn
GetWindowRgn
SystemParametersInfoW
GetParent
GetSystemMetrics
GetRawInputData
GetMessageExtraInfo
RegisterRawInputDevices
LoadCursorW
PtInRect
MonitorFromPoint
GetMonitorInfoW
KillTimer
SetTimer
InvalidateRect
ValidateRect
MoveWindow
SetWindowTextW
SetParent
DestroyWindow
WindowFromPhysicalPoint
GetWindowLongW
GetActiveWindow
GetFocus
ShowWindow
GetCursorPos
CallNextHookEx
UnhookWindowsHookEx
DefWindowProcW
SetWindowsHookExW
GetKeyState
LoadIconW
RegisterClassExW
RegisterWindowMessageW
TranslateAcceleratorW
api-ms-win-crt-runtime-l1-1-0
_invalid_parameter_noinfo
_exit
exit
_errno
_invalid_parameter_noinfo_noreturn
terminate
_initterm_e
_beginthreadex
_initterm
_get_wide_winmain_command_line
_initialize_wide_environment
_configure_wide_argv
_set_errno
_set_app_type
_controlfp_s
_register_onexit_function
_crt_atexit
_initialize_onexit_table
_seh_filter_exe
_c_exit
abort
_cexit
_register_thread_local_exe_atexit_callback
api-ms-win-crt-stdio-l1-1-0
__stdio_common_vsnprintf_s
__stdio_common_vswprintf
__stdio_common_vswprintf_s
__stdio_common_vsprintf_s
__stdio_common_vsprintf
__p__commode
__stdio_common_vsnwprintf_s
fclose
_wfopen
_set_fmode
api-ms-win-crt-string-l1-1-0
islower
strcspn
strcpy_s
_wcsdup
strncpy_s
isupper
__strncnt
isspace
tolower
wcsnlen
_wcsnicmp
api-ms-win-crt-convert-l1-1-0
wcstoul
wcstol
strtod
strtol
strtof
api-ms-win-crt-time-l1-1-0
_Getdays
_W_Getmonths
_Getmonths
_W_Gettnames
_Wcsftime
_Strftime
_W_Getdays
_time32
_localtime32_s
_Gettnames
api-ms-win-crt-math-l1-1-0
floor
roundf
frexp
_CIpow
_CIsqrt
ceil
ldexp
api-ms-win-crt-heap-l1-1-0
_callnewh
_realloc_base
free
calloc
_malloc_base
_free_base
_set_new_mode
_calloc_base
malloc
api-ms-win-crt-locale-l1-1-0
setlocale
___lc_codepage_func
_lock_locales
___lc_collate_cp_func
__pctype_func
___mb_cur_max_func
localeconv
___lc_locale_name_func
_configthreadlocale
_unlock_locales
api-ms-win-core-com-l1-1-0
CoWaitForMultipleHandles
CoCreateGuid
CoTaskMemAlloc
CoCreateFreeThreadedMarshaler
StringFromGUID2
CoTaskMemFree
CoInitializeSecurity
PropVariantClear
CoCreateInstance
api-ms-win-core-winrt-string-l1-1-0
WindowsDuplicateString
WindowsGetStringLen
WindowsCreateStringReference
WindowsGetStringRawBuffer
WindowsCreateString
WindowsDeleteString
WindowsCompareStringOrdinal
api-ms-win-core-winrt-l1-1-0
RoGetActivationFactory
RoInitialize
RoActivateInstance
RoUninitialize
api-ms-win-core-winrt-error-l1-1-0
SetRestrictedErrorInfo
api-ms-win-core-winrt-error-l1-1-1
RoGetMatchingRestrictedErrorInfo
rpcrt4
UuidCreate
UuidFromStringW
oleaut32
VariantInit
SysAllocStringLen
SysAllocString
api-ms-win-power-base-l1-1-0
PowerDeterminePlatformRoleEx
api-ms-win-core-synch-l1-1-0
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
InitializeSRWLock
TryAcquireSRWLockExclusive
api-ms-win-core-synch-l1-2-0
WakeAllConditionVariable
SleepConditionVariableSRW
WakeConditionVariable
InitializeConditionVariable
api-ms-win-core-processthreads-l1-1-0
GetExitCodeThread
api-ms-win-core-sysinfo-l1-2-0
GetSystemTimePreciseAsFileTime
api-ms-win-core-profile-l1-1-0
QueryPerformanceFrequency
api-ms-win-core-localization-l1-2-0
GetCPInfo
LCMapStringEx
api-ms-win-core-string-l1-1-0
CompareStringEx
MultiByteToWideChar
GetStringTypeW
api-ms-win-core-util-l1-1-0
DecodePointer
EncodePointer
api-ms-win-core-sysinfo-l1-1-0
GetSystemTimeAsFileTime
api-ms-win-core-interlocked-l1-1-0
InitializeSListHead
api-ms-win-core-processthreads-l1-1-1
IsProcessorFeaturePresent
api-ms-win-core-rtlsupport-l1-1-0
RtlUnwind
api-ms-win-core-fibers-l1-1-0
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
comctl32
ord411
ord410
ord412
ord413
api-ms-win-shcore-scaling-l1-1-1
GetDpiForMonitor
SetProcessDpiAwareness
api-ms-win-core-featurestaging-l1-1-0
RecordFeatureUsage
SubscribeFeatureStateChangeNotification
UnsubscribeFeatureStateChangeNotification
GetFeatureEnabledState
api-ms-win-core-featurestaging-l1-1-1
GetFeatureVariant
d2d1
ord7
d3d11
D3D11CreateDevice
dwrite
DWriteCreateFactory
dcomp
DCompositionCreateDevice2
shell32
SHGetKnownFolderPath
SHCreateDirectoryExW
ShellExecuteW
CommandLineToArgvW
shlwapi
SHStrDupA
PathFileExistsW
msdrm
DRMIsWindowProtected
uxtheme
CloseThemeData
OpenThemeData
dxgi
CreateDXGIFactory2
ntdll
RtlInitUnicodeString
NtQueryLicenseValue
RtlPublishWnfStateData
uiautomationcore
UiaHostProviderFromHwnd
UiaReturnRawElementProvider
UiaRaiseAutomationEvent
gamepanelexternalhook
?Hook@CGamePanelExternalHook@@QAEXPAUHWND__@@@Z
?SetIntercept@CGamePanelExternalHook@@QAEX_NPAUHWND__@@@Z
?GPHHookWindowPointerDown@CGamePanelExternalHook@@SGIXZ
?GetInstance@CGamePanelExternalHook@@SGAAV1@XZ
?Unhook@CGamePanelExternalHook@@QAEXXZ
dwmapi
DwmSetWindowAttribute
Sections
.text Size: 757KB - Virtual size: 756KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.imrsiv Size: - Virtual size: 4B
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 90KB - Virtual size: 99KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 29KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 53KB - Virtual size: 53KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ