433a8a5423e162ab7f6445b60ff608d9

Sharing

Copy URL Twitter E-mail

General

Target

433a8a5423e162ab7f6445b60ff608d9
Size

300KB
MD5

433a8a5423e162ab7f6445b60ff608d9
SHA1

66b808c3fe7d646c6b5fabfdabdf35f5ee43e230
SHA256

3ff38b48ad58c0e9c6f2d9147f8ceeb12073f705482b32a9591bdc6b675adc35
SHA512

c281e7c74f13f37f835ce3abcb6ce5fd2a30c02f2c1b8044253b22296abe299e47797dbe9947d90063584920713ced0f0db60220ca9831c1ee20075596aa87f7
SSDEEP

3072:aSUgw9X9ncN0J8kogLRiutt4fujL13Vlb8Wz1dTOo0hwV8tAvR5QM:a4w9X9kfkTsgtx1L8Wz1xO3SaAz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
433a8a5423e162ab7f6445b60ff608d9

Files

433a8a5423e162ab7f6445b60ff608d9
.exe windows:4 windows x86 arch:x86

956c3a69e736592bf540c6af55c9e737

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
RegDeleteValueW
RegCloseKey
RegOpenKeyExW

comctl32

InitCommonControlsEx

kernel32

ReadFile
SetEndOfFile
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
CreateFileA
FlushFileBuffers
InitializeCriticalSection
LoadLibraryA
InterlockedExchange
SetFilePointer
VirtualQuery
GetSystemInfo
VirtualProtect
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
GetCPInfo
GetOEMCP
GetACP
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
SetStdHandle
CloseHandle
CompareStringA
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
DeleteCriticalSection
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetModuleFileNameA
GetStdHandle
WriteFile
HeapSize
GetCurrentProcess
TerminateProcess
ExitProcess
HeapAlloc
HeapReAlloc
LCMapStringW
LCMapStringA
TlsGetValue
TlsSetValue
TlsFree
GetCurrentThreadId
SetLastError
TlsAlloc
LeaveCriticalSection
EnterCriticalSection
HeapFree
DeleteFileA
MoveFileA
GetLastError
GetVersionExA
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
RtlUnwind
MultiByteToWideChar
GetProcAddress
GetFileAttributesA
FreeLibrary
LoadLibraryW
GlobalSize
GlobalLock
GlobalAlloc
GlobalUnlock
GlobalReAlloc
GlobalFree
MulDiv
WideCharToMultiByte
GetModuleFileNameW
GetVersionExW
CompareStringW
SetEnvironmentVariableA
IsBadWritePtr

user32

CheckMenuItem
SetMenuDefaultItem
CreateWindowExW
DialogBoxParamW
GetClipboardOwner
OpenClipboard
CloseClipboard
RegisterClipboardFormatW
IsClipboardFormatAvailable
GetClipboardData
EmptyClipboard
SetClipboardData
GetSystemMetrics
TrackPopupMenu
DestroyMenu
LoadMenuW
LoadBitmapW
GetMenuItemInfoW
GetMenuItemCount
GetMenuItemID
GetMenuState
CreateDialogParamW
GetMenuStringW
ModifyMenuW
FindWindowW
MessageBeep
GetMessageW
IsWindow
IsDialogMessageW
TranslateMessage
DispatchMessageW
UnhookWindowsHookEx
MessageBoxA
PostQuitMessage
RegisterWindowMessageW
GetCursorPos
SetForegroundWindow
PostMessageW
GetMenuDefaultItem
SetWindowsHookExW
LoadIconW
UpdateWindow
BringWindowToTop
RegisterClassExW
SetCursor
GetSysColor
SetFocus
MessageBoxW
GetSystemMenu
LoadStringW
AppendMenuW
GetFocus
GetDlgCtrlID
DestroyWindow
EnableWindow
GetDesktopWindow
GetWindowRect
SetWindowPos
IntersectRect
IsWindowVisible
ScreenToClient
ShowWindow
SetWindowTextW
CallWindowProcW
InflateRect
DrawFrameControl
GetWindowTextW
DrawStateW
DrawFocusRect
GetClientRect
DestroyIcon
InvalidateRect
SetWindowLongW
DefWindowProcW
GetWindowLongW
GetDlgItem
LoadImageW
GetDC
GetTopWindow
GetWindow
ReleaseDC
SendMessageW
SendDlgItemMessageW
DestroyCursor
EndDialog
GetSubMenu

gdi32

CreateSolidBrush
ExtTextOutW
GetObjectW
CreateFontIndirectW
EnumFontFamiliesExW
SelectObject
Rectangle
GetTextExtentPoint32W
SetTextColor
GetStockObject
DeleteObject
GetDeviceCaps
DeleteDC
BitBlt
CreateCompatibleDC
SetBkColor
SetBkMode

shell32

ShellExecuteW

ukhook40

VnFileConvert
?VnConvGetOptions@@YAXPAU_VnConvOptions@@@Z
?VnConvResetOptions@@YAXPAU_VnConvOptions@@@Z
?getVnCharset@CVnCharsetLib@@QAEPAVVnCharset@@H@Z
?VnCharsetLibObj@@3VCVnCharsetLib@@A
?genConvert@@YAHAAVVnCharset@@0AAVByteInStream@@AAVByteOutStream@@@Z
VnConvert
?ModifyStatusIcon@@YAXXZ
?UkStoreKeyOrderMap@@YAHPBDPAUUkKeyMapPair@@H@Z
?MsViMethodMapping@@3PAUUkKeyMapping@@A
?VIQRMethodMapping@@3PAUUkKeyMapping@@A
?VniMethodMapping@@3PAUUkKeyMapping@@A
?SimpleTelexMethodMapping@@3PAUUkKeyMapping@@A
?TelexMethodMapping@@3PAUUkKeyMapping@@A
?UkLoadKeyOrderMap@@YAHPBDPAUUkKeyMapPair@@PAH@Z
?getText@CMacroTable@@QAEPBIH@Z
?getKey@CMacroTable@@QAEPBIH@Z
?SetUnikeyOptions@@YAXPAU_UnikeyOptions@@H@Z
?SetOutputCharset@@YAHH@Z
?loadFromFile@CMacroTable@@QAEHPBD@Z
?writeToFile@CMacroTable@@QAEHPBD@Z
?addItem@CMacroTable@@QAEHPBX0H@Z
?resetContent@CMacroTable@@QAEXXZ
?UnikeyLoadMacro@@YAXPBD@Z
?UnikeyLoadUserKeyMap@@YAHPBD@Z
?init@CMacroTable@@QAEXXZ
?SetUnikeyReady@@YAXXZ
?SetInputMethod@@YAHW4UkInputMethod@@@Z
?EnableUnikey@@YAXH@Z
?SetUnikeySysInfo@@YAXPAU_UnikeySysInfo@@@Z
?InitUkHook@@YAXXZ
?MyMouseHook@@YGJHIJ@Z
?MyKeyHook@@YGJHIJ@Z
?SetSwitchKey@@YAXH@Z
?RecreateStatusIcon@@YAXXZ
?SwitchMode@@YAXXZ
?DeleteStatusIcon@@YAXXZ
?IsVietnamese@@YAHXZ
?GetVietHookDll@@YAPAUHINSTANCE__@@XZ
?VnConvSetOptions@@YAXPAU_VnConvOptions@@@Z

Sections

.text
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

956c3a69e736592bf540c6af55c9e737

Headers

File Characteristics

Imports

comdlg32

advapi32

comctl32

kernel32

user32

gdi32

shell32

ukhook40

Sections

.text Size: 100KB - Virtual size: 97KB

.rdata Size: 28KB - Virtual size: 26KB

.data Size: 16KB - Virtual size: 196KB

.rsrc Size: 64KB - Virtual size: 60KB

.text Size: 88KB - Virtual size: 88KB

.text
Size: 100KB - Virtual size: 97KB

.rdata
Size: 28KB - Virtual size: 26KB

.data
Size: 16KB - Virtual size: 196KB

.rsrc
Size: 64KB - Virtual size: 60KB

.text
Size: 88KB - Virtual size: 88KB