4f0bce5115703662e49d385efb76ee6a

Sharing

Copy URL Twitter E-mail

General

Target

4f0bce5115703662e49d385efb76ee6a
Size

284KB
MD5

4f0bce5115703662e49d385efb76ee6a
SHA1

9d52e8eac847470eb885b29322390049d511fbb4
SHA256

791cadd9ab88b6a44eb0c60e1e7414d90360f7d05c1ea89a8ebdf42cfe58683e
SHA512

39be6779fa3c151d477b9adebd01eefcc478be0adb973efb37c1136ae6680286927f8df01f99cdaf9aadbf087edfc7d13d611d78f2a044551970ce5fe9c9a058
SSDEEP

6144:w4w9X9kfRTsgtx1L8Wz1xO3SaA3nJMpKRQRqculJ:w4c8TssxV8WpxlJUKq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4f0bce5115703662e49d385efb76ee6a

Files

4f0bce5115703662e49d385efb76ee6a
.exe windows:4 windows x86 arch:x86

956c3a69e736592bf540c6af55c9e737

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
RegDeleteValueW
RegCloseKey
RegOpenKeyExW

comctl32

InitCommonControlsEx

kernel32

ReadFile
SetEndOfFile
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
CreateFileA
FlushFileBuffers
InitializeCriticalSection
LoadLibraryA
InterlockedExchange
SetFilePointer
VirtualQuery
GetSystemInfo
VirtualProtect
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
GetCPInfo
GetOEMCP
GetACP
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
SetStdHandle
CloseHandle
CompareStringA
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
DeleteCriticalSection
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetModuleFileNameA
GetStdHandle
WriteFile
HeapSize
GetCurrentProcess
TerminateProcess
ExitProcess
HeapAlloc
HeapReAlloc
LCMapStringW
LCMapStringA
TlsGetValue
TlsSetValue
TlsFree
GetCurrentThreadId
SetLastError
TlsAlloc
LeaveCriticalSection
EnterCriticalSection
HeapFree
DeleteFileA
MoveFileA
GetLastError
GetVersionExA
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
RtlUnwind
MultiByteToWideChar
GetProcAddress
GetFileAttributesA
FreeLibrary
LoadLibraryW
GlobalSize
GlobalLock
GlobalAlloc
GlobalUnlock
GlobalReAlloc
GlobalFree
MulDiv
WideCharToMultiByte
GetModuleFileNameW
GetVersionExW
CompareStringW
SetEnvironmentVariableA
IsBadWritePtr

user32

CheckMenuItem
SetMenuDefaultItem
CreateWindowExW
DialogBoxParamW
GetClipboardOwner
OpenClipboard
CloseClipboard
RegisterClipboardFormatW
IsClipboardFormatAvailable
GetClipboardData
EmptyClipboard
SetClipboardData
GetSystemMetrics
TrackPopupMenu
DestroyMenu
LoadMenuW
LoadBitmapW
GetMenuItemInfoW
GetMenuItemCount
GetMenuItemID
GetMenuState
CreateDialogParamW
GetMenuStringW
ModifyMenuW
FindWindowW
MessageBeep
GetMessageW
IsWindow
IsDialogMessageW
TranslateMessage
DispatchMessageW
UnhookWindowsHookEx
MessageBoxA
PostQuitMessage
RegisterWindowMessageW
GetCursorPos
SetForegroundWindow
PostMessageW
GetMenuDefaultItem
SetWindowsHookExW
LoadIconW
UpdateWindow
BringWindowToTop
RegisterClassExW
SetCursor
GetSysColor
SetFocus
MessageBoxW
GetSystemMenu
LoadStringW
AppendMenuW
GetFocus
GetDlgCtrlID
DestroyWindow
EnableWindow
GetDesktopWindow
GetWindowRect
SetWindowPos
IntersectRect
IsWindowVisible
ScreenToClient
ShowWindow
SetWindowTextW
CallWindowProcW
InflateRect
DrawFrameControl
GetWindowTextW
DrawStateW
DrawFocusRect
GetClientRect
DestroyIcon
InvalidateRect
SetWindowLongW
DefWindowProcW
GetWindowLongW
GetDlgItem
LoadImageW
GetDC
GetTopWindow
GetWindow
ReleaseDC
SendMessageW
SendDlgItemMessageW
DestroyCursor
EndDialog
GetSubMenu

gdi32

CreateSolidBrush
ExtTextOutW
GetObjectW
CreateFontIndirectW
EnumFontFamiliesExW
SelectObject
Rectangle
GetTextExtentPoint32W
SetTextColor
GetStockObject
DeleteObject
GetDeviceCaps
DeleteDC
BitBlt
CreateCompatibleDC
SetBkColor
SetBkMode

shell32

ShellExecuteW

ukhook40

VnFileConvert
?VnConvGetOptions@@YAXPAU_VnConvOptions@@@Z
?VnConvResetOptions@@YAXPAU_VnConvOptions@@@Z
?getVnCharset@CVnCharsetLib@@QAEPAVVnCharset@@H@Z
?VnCharsetLibObj@@3VCVnCharsetLib@@A
?genConvert@@YAHAAVVnCharset@@0AAVByteInStream@@AAVByteOutStream@@@Z
VnConvert
?ModifyStatusIcon@@YAXXZ
?UkStoreKeyOrderMap@@YAHPBDPAUUkKeyMapPair@@H@Z
?MsViMethodMapping@@3PAUUkKeyMapping@@A
?VIQRMethodMapping@@3PAUUkKeyMapping@@A
?VniMethodMapping@@3PAUUkKeyMapping@@A
?SimpleTelexMethodMapping@@3PAUUkKeyMapping@@A
?TelexMethodMapping@@3PAUUkKeyMapping@@A
?UkLoadKeyOrderMap@@YAHPBDPAUUkKeyMapPair@@PAH@Z
?getText@CMacroTable@@QAEPBIH@Z
?getKey@CMacroTable@@QAEPBIH@Z
?SetUnikeyOptions@@YAXPAU_UnikeyOptions@@H@Z
?SetOutputCharset@@YAHH@Z
?loadFromFile@CMacroTable@@QAEHPBD@Z
?writeToFile@CMacroTable@@QAEHPBD@Z
?addItem@CMacroTable@@QAEHPBX0H@Z
?resetContent@CMacroTable@@QAEXXZ
?UnikeyLoadMacro@@YAXPBD@Z
?UnikeyLoadUserKeyMap@@YAHPBD@Z
?init@CMacroTable@@QAEXXZ
?SetUnikeyReady@@YAXXZ
?SetInputMethod@@YAHW4UkInputMethod@@@Z
?EnableUnikey@@YAXH@Z
?SetUnikeySysInfo@@YAXPAU_UnikeySysInfo@@@Z
?InitUkHook@@YAXXZ
?MyMouseHook@@YGJHIJ@Z
?MyKeyHook@@YGJHIJ@Z
?SetSwitchKey@@YAXH@Z
?RecreateStatusIcon@@YAXXZ
?SwitchMode@@YAXXZ
?DeleteStatusIcon@@YAXXZ
?IsVietnamese@@YAHXZ
?GetVietHookDll@@YAPAUHINSTANCE__@@XZ
?VnConvSetOptions@@YAXPAU_VnConvOptions@@@Z

Sections

.text
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.trdata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

956c3a69e736592bf540c6af55c9e737

Headers

File Characteristics

Imports

comdlg32

advapi32

comctl32

kernel32

user32

gdi32

shell32

ukhook40

Sections

.text Size: 100KB - Virtual size: 97KB

.rdata Size: 28KB - Virtual size: 26KB

.data Size: 16KB - Virtual size: 196KB

.rsrc Size: 64KB - Virtual size: 60KB

.trdata Size: 72KB - Virtual size: 72KB

.text
Size: 100KB - Virtual size: 97KB

.rdata
Size: 28KB - Virtual size: 26KB

.data
Size: 16KB - Virtual size: 196KB

.rsrc
Size: 64KB - Virtual size: 60KB

.trdata
Size: 72KB - Virtual size: 72KB