9875cba5390d0aa5d92b3719a0d7754c

Sharing

Copy URL

Twitter E-mail

General

Target

9875cba5390d0aa5d92b3719a0d7754c
Size

807KB
MD5

9875cba5390d0aa5d92b3719a0d7754c
SHA1

7953d8c713ee7f212383f9995d078bf47b379fb1
SHA256

3d9a9414c40684d4d7d85b17e7a7e75164a0376b436e6d9d18a128d2f09dc4d2
SHA512

31ce379c0209f5fcefa12ac8535c3bc4081fb4e2cc9aaa12acf65f35a30d3b8be3ac942e52ad169e332f01250872f51ce2f6b4547f44306a04874103c9e62eed
SSDEEP

12288:Ng1k7vHz6TTrzPxVoWvVY4jDWrwL2bzqS6ZSDnJBQl7DsV75j/jhOpi:qMcXzIyWsL2bzB6ZSDIl7Ds/rj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9875cba5390d0aa5d92b3719a0d7754c

Files

9875cba5390d0aa5d92b3719a0d7754c
.exe windows:5 windows x86 arch:x86

94c02b83805963f4ba1690b5c5f27c3d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\KbdEdit\LicensedBuilds\Tmp\1.3.3_premium_123_ivica.nikolic-gmail.com_1141\Build\Release_Win32\KbdEditLayoutInstaller32.pdb

Imports

kernel32

GlobalFindAtomW
FileTimeToLocalFileTime
GetFileAttributesW
GetFileSizeEx
GetFileTime
GetStartupInfoW
HeapFree
HeapAlloc
HeapReAlloc
Sleep
GetSystemTimeAsFileTime
RtlUnwind
RaiseException
ExitThread
CreateThread
HeapSize
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
LoadLibraryA
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
VirtualAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateFileA
GetProcessHeap
SetEnvironmentVariableA
GetVersionExA
FileTimeToSystemTime
GlobalAddAtomW
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
CompareStringW
GlobalFlags
WritePrivateProfileStringW
CreateEventW
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
InterlockedDecrement
GetModuleHandleA
GetCurrentProcessId
CreateFileW
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrlenA
SetErrorMode
GetLastError
SetLastError
GlobalFree
GlobalUnlock
FormatMessageW
LocalFree
lstrlenW
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
LoadLibraryExW
CompareStringA
WideCharToMultiByte
InterlockedExchange
GlobalLock
lstrcmpW
GlobalAlloc
FreeLibrary
LoadLibraryW
MultiByteToWideChar
GetProcAddress
GetCurrentProcess
GetTempPathW
GetSystemDirectoryW
FindClose
FindFirstFileW
GetTempFileNameW
GetModuleFileNameW
QueryPerformanceCounter
MoveFileW
GetLocaleInfoW
DeleteFileW
GetExitCodeProcess
WaitForSingleObject
CloseHandle
CreateProcessW
GetModuleHandleW
GetCommandLineW
ExitProcess
FindResourceW
LoadResource
LockResource
GetTickCount
SizeofResource

user32

ShowWindow
RegisterWindowMessageW
WinHelpW
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
IsWindow
GetForegroundWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
GetClientRect
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowLongW
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
LoadCursorW
GetSysColorBrush
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameW
PtInRect
GetWindowTextW
SetCursor
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuW
EnableMenuItem
CheckMenuItem
DestroyMenu
CopyRect
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
UnhookWindowsHookEx
GetSysColor
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetWindowThreadProcessId
GetParent
GetWindowLongW
AdjustWindowRectEx
GetLastActivePopup
IsWindowEnabled
CharUpperW
GetSystemMetrics
GetMenuState
GetSubMenu
PostQuitMessage
GetMenuItemID
GetMenuItemCount
GetKeyboardLayoutNameW
BroadcastSystemMessageW
SystemParametersInfoW
GetKeyboardLayoutList
UnloadKeyboardLayout
LoadKeyboardLayoutW
GetKeyboardLayout
ActivateKeyboardLayout
DialogBoxParamW
GetDesktopWindow
EndDialog
PostMessageW
SendMessageW
EnableWindow
GetDlgItem
SetWindowTextW
SetClassLongW
LoadIconW
MessageBoxW
IsIconic

gdi32

CreateBitmap
ExtTextOutW
GetStockObject
DeleteDC
TextOutW
RectVisible
PtVisible
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
GetDeviceCaps
DeleteObject
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
Escape

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegQueryValueW
RegEnumKeyW
RegOpenKeyW
RegDeleteValueW
RegEnumValueW
RegDeleteKeyW
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegOpenKeyExW

shell32

ShellExecuteW

shlwapi

PathFindExtensionW
PathStripToRootW
PathIsUNCW
PathFindFileNameW

oleaut32

VariantInit
VariantClear
VariantChangeType

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

Sections

.text
Size: 314KB - Virtual size: 314KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 368KB - Virtual size: 385KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

94c02b83805963f4ba1690b5c5f27c3d

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

oleaut32

version

Sections

.text Size: 314KB - Virtual size: 314KB

.rdata Size: 104KB - Virtual size: 104KB

.data Size: 368KB - Virtual size: 385KB

.rsrc Size: 18KB - Virtual size: 18KB

.text
Size: 314KB - Virtual size: 314KB

.rdata
Size: 104KB - Virtual size: 104KB

.data
Size: 368KB - Virtual size: 385KB

.rsrc
Size: 18KB - Virtual size: 18KB