Static task: static1
Behavioral task: behavioral1
  Sample: WifiDirect.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: WifiDirect.exe
  Resource: win10v2004-20231222-en
General
Target: 065eab11d23e07a42b0214d4bbec715e7c87a54d6ec7719f69dd35e036cad5f6
Size: 2.1MB
MD5: e47974f451d7773212135b979a2b69d8
SHA1: d72fbac6a39999bf1ba92f90d84120319a671aa3
SHA256: 065eab11d23e07a42b0214d4bbec715e7c87a54d6ec7719f69dd35e036cad5f6
SHA512: 5d40372134ead601fe6be2e3be8501336dda3446e8c5bbe95d82b7d12a382157808350370d0ee5f867e413f293208374f818556683caae84e079a6258b8b3664
SSDEEP: 49152:90ee5Km6WEppm0V4J9P7m06gEoLeEvoXfgnP8kCnLB4z9kU81z:M516U81GvUYnP8kCnLue11z
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/WifiDirect.exe
Files
065eab11d23e07a42b0214d4bbec715e7c87a54d6ec7719f69dd35e036cad5f6.zip
WifiDirect.exe.exe windows:6 windows x64 arch:x64
7edd50fddcf3ab5508bab9bb2f8c0c5f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
ResumeThread
GlobalAddAtomW
EncodePointer
GetSystemDirectoryW
GlobalFindAtomW
CompareStringW
InitializeCriticalSectionAndSpinCount
InitializeCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
GetCurrentDirectoryW
GetLocaleInfoW
GetSystemDefaultUILanguage
VerifyVersionInfoW
GlobalFlags
DeleteFileW
CreateFileW
GetFileAttributesW
GetFileSize
SetFilePointer
GetTempPathW
GlobalGetAtomNameW
FileTimeToSystemTime
FindClose
FindFirstFileW
FlushFileBuffers
GetFullPathNameW
GetVolumeInformationW
LockFile
ReadFile
SetEndOfFile
UnlockFile
WriteFile
DuplicateHandle
lstrcmpiW
VirtualProtect
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesExW
GetFileSizeEx
GetFileTime
SystemTimeToTzSpecificLocalTime
Sleep
GetTickCount64
GetProfileIntW
SearchPathW
GetWindowsDirectoryW
GetTempFileNameW
GetUserDefaultLCID
FindResourceExW
ResetEvent
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
OutputDebugStringW
SetThreadPriority
GetStringTypeW
LCMapStringEx
GetCPInfo
RtlUnwindEx
RtlPcToFileHeader
RtlUnwind
GetCommandLineA
GetCommandLineW
CreateThread
ExitThread
FreeLibraryAndExitThread
HeapQueryInformation
GetSystemInfo
VirtualAlloc
VirtualQuery
QueryPerformanceFrequency
SetStdHandle
GetFileType
GetStdHandle
ExitProcess
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
LCMapStringW
IsValidLocale
EnumSystemLocalesW
GetConsoleOutputCP
GetConsoleMode
SetFilePointerEx
ReadConsoleW
GetTimeZoneInformation
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
WriteConsoleW
VerSetConditionMask
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GetModuleHandleW
GetProcAddress
lstrcpyW
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
lstrcmpW
lstrcmpA
GlobalDeleteAtom
LoadLibraryW
LoadLibraryExW
GetModuleHandleExW
GetModuleFileNameW
FreeLibrary
GetVersionExW
GetCurrentThreadId
GetCurrentThread
OutputDebugStringA
SetLastError
CopyFileW
FormatMessageW
MulDiv
LocalFree
GlobalFree
GlobalLock
GlobalUnlock
GlobalSize
GlobalAlloc
CreateEventW
WaitForSingleObject
GetCurrentProcessId
WideCharToMultiByte
TerminateProcess
GetCurrentProcess
lstrcpynW
SetEvent
WaitForSingleObjectEx
MultiByteToWideChar
CreateEventExW
FindResourceW
LoadResource
LockResource
SizeofResource
CloseHandle
RaiseException
CreateMutexW
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
GetUserDefaultUILanguage
HeapFree
user32
DestroyMenu
GetMenuItemInfoW
WaitMessage
SetCapture
ReleaseCapture
WindowFromPoint
CopyImage
DeleteMenu
RealChildWindowFromPoint
SetTimer
KillTimer
IntersectRect
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DestroyIcon
LoadImageW
SetParent
MonitorFromPoint
TrackMouseEvent
IsZoomed
CharUpperW
GetAsyncKeyState
GetSystemMenu
MessageBeep
NotifyWinEvent
SetCursorPos
SetRect
UnionRect
BringWindowToTop
LockWindowUpdate
EnableScrollBar
GetDoubleClickTime
GetIconInfo
CopyIcon
GetMenuDefaultItem
SetMenuDefaultItem
ModifyMenuW
DestroyAcceleratorTable
SetClassLongPtrW
GetUpdateRect
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableW
CopyAcceleratorTableW
UpdateLayeredWindow
MapDialogRect
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
SubtractRect
RegisterClipboardFormatW
CharUpperBuffW
FrameRect
IsClipboardFormatAvailable
PostThreadMessageW
GetNextDlgGroupItem
IsCharLowerW
MapVirtualKeyExW
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
GetComboBoxInfo
CreateMenu
HideCaret
InvertRect
DestroyCursor
GetWindowRgn
SetWindowLongW
EqualRect
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
SetForegroundWindow
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SendDlgItemMessageA
GetWindowPlacement
SetWindowPos
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
RegisterClassW
CallWindowProcW
GetMessageTime
GetMessagePos
GetClassNameW
UpdateWindow
SetCursor
ShowOwnedPopups
ValidateRect
GetKeyState
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
PtInRect
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
GetLastActivePopup
GetWindowThreadProcessId
ReleaseDC
GetDC
MapVirtualKeyW
GetKeyNameTextW
LoadMenuW
EnumDisplayMonitors
GetMonitorInfoW
SystemParametersInfoW
LoadCursorW
CopyRect
SetRectEmpty
SetLayeredWindowAttributes
GetClassInfoW
DefWindowProcW
GetDesktopWindow
GetWindowLongW
SetActiveWindow
IsWindowEnabled
GetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamW
DestroyWindow
IsWindow
DrawIconEx
GetParent
IsRectEmpty
OffsetRect
InflateRect
FillRect
DrawFocusRect
GetSysColorBrush
GetSysColor
MapWindowPoints
RedrawWindow
SetWindowRgn
DrawStateW
GetFocus
DrawFrameControl
DrawEdge
RegisterWindowMessageW
PostQuitMessage
RemoveMenu
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
UnregisterClassW
MessageBoxW
EnableWindow
LoadIconW
SendMessageW
GetWindowRect
PostMessageW
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
InvalidateRect
IsWindowVisible
GetCursorPos
CreatePopupMenu
AppendMenuW
IsDialogMessageW
SetWindowTextW
CheckDlgButton
MoveWindow
ShowWindow
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
GetWindow
GetTopWindow
GetClassLongPtrW
SetWindowLongPtrW
SetWindowPlacement
GetWindowLongPtrW
GetPropW
gdi32
SetTextColor
SetTextAlign
CreateDCW
GetDeviceCaps
CombineRgn
CreateEllipticRgn
CreateHatchBrush
CreateRectRgn
CreateRectRgnIndirect
CreateSolidBrush
Ellipse
GetBkColor
GetTextColor
GetTextExtentPoint32W
PatBlt
ExtTextOutW
CreatePolygonRgn
Polygon
Polyline
DeleteDC
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBitmap
CreateFontIndirectW
CreatePen
CreatePatternBrush
DeleteObject
EnumFontFamiliesW
GetStockObject
GetTextCharsetInfo
GetObjectW
CreateBitmap
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SetBkColor
SelectPalette
SelectObject
ExtSelectClipRgn
GetTextMetricsW
CopyMetaFileW
GetTextFaceW
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
GetBoundsRect
PtVisible
RectVisible
RestoreDC
SaveDC
MoveToEx
TextOutW
FrameRgn
FillRgn
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
SetRectRgn
DPtoLP
RealizePalette
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateRoundRectRgn
Rectangle
GetRgnBox
OffsetRgn
RoundRect
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
LPtoDP
ExtFloodFill
SetPaletteEntries
SelectClipRgn
shell32
SHGetMalloc
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetDesktopFolder
SHAppBarMessage
SHGetFileInfoW
DragQueryFileW
DragFinish
ShellExecuteW
Shell_NotifyIconW
SHGetPathFromIDListW
api-ms-win-core-winrt-string-l1-1-0
WindowsGetStringRawBuffer
WindowsDeleteString
WindowsCreateStringReference
WindowsCreateString
api-ms-win-core-winrt-l1-1-0
RoGetActivationFactory
RoActivateInstance
msimg32
AlphaBlend
TransparentBlt
shlwapi
PathStripToRootW
PathIsUNCW
PathFindFileNameW
PathFindExtensionW
StrFormatKBSizeW
PathRemoveFileSpecW
uxtheme
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor
IsAppThemed
DrawThemeText
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
DrawThemeParentBackground
GetWindowTheme
gdiplus
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipGetImagePaletteSize
GdipBitmapUnlockBits
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipDisposeImage
GdipDrawImageRectI
GdipCloneImage
oleacc
CreateStdAccessibleObject
LresultFromObject
AccessibleObjectFromWindow
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundW
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
advapi32
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegEnumKeyW
RegQueryValueW
RegEnumValueW
RegEnumKeyExW
ole32
OleTranslateAccelerator
IsAccelerator
CoInitializeEx
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
CoDisconnectObject
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
oleaut32
SysAllocStringLen
VariantInit
VariantClear
VariantChangeType
LoadTypeLi
SystemTimeToVariantTime
SysStringLen
VariantTimeToSystemTime
SysFreeString
VariantCopy
SysAllocString
VarBstrFromDate
Sections
.text Size: 1.9MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 584KB - Virtual size: 583KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 39KB - Virtual size: 70KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 89KB - Virtual size: 89KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 348B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 60KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ