2d2a97bdcf933acc35961a3b4cd860f7a5549f747719d26d056c87bf80517331

Sharing

Copy URL

Twitter E-mail

General

Target

2d2a97bdcf933acc35961a3b4cd860f7a5549f747719d26d056c87bf80517331
Size

1.4MB
MD5

0acccf2d1852b7678647fb3501b51cca
SHA1

3582cc613efbb062e8126701b4d392324bafe726
SHA256

2d2a97bdcf933acc35961a3b4cd860f7a5549f747719d26d056c87bf80517331
SHA512

ed1b2146e88fd900ff6d8ec3d7fa4cbb6e1dcd4c9e1ae3492303542cf4a3e2f760117813ccf344c5a70576bc38e0937bde5b2eaa4b684fca8bd74c3e13942798
SSDEEP

24576:F4hBBC9Ydwv4/vJRCs4EltzPQidQcBDggggMUWZAigZOGL/yI0KASZJcP9zib:F4wazSAfQyQmggggMzA/OGLqNShb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d2a97bdcf933acc35961a3b4cd860f7a5549f747719d26d056c87bf80517331

Files

2d2a97bdcf933acc35961a3b4cd860f7a5549f747719d26d056c87bf80517331
.exe windows:5 windows x86 arch:x86

744dbd90002a038c91d821c12c44f746

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\hudson\jobs\JPGSeeImg_1.1.2.210831\workspace\JPGSeeImg\Software\JPGSeeImg\Bin\Release\AboutUI.pdb

Imports

kernel32

FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetConsoleCP
FlushFileBuffers
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetFileType
GetStdHandle
GetModuleHandleExW
RtlUnwind
CreateTimerQueue
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
DuplicateHandle
VirtualFree
VirtualProtect
VirtualAlloc
LoadLibraryExW
SetStdHandle
GetCurrentThread
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
CreateThread
SignalObjectAndWait
InitializeSListHead
GetStartupInfoW
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
ResetEvent
SetEvent
GetCPInfo
GetStringTypeW
LCMapStringW
EncodePointer
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SwitchToThread
CreateEventW
SetLastError
QueryPerformanceCounter
TryEnterCriticalSection
LeaveCriticalSection
EnterCriticalSection
OutputDebugStringW
IsDebuggerPresent
WriteConsoleW
FreeLibraryAndExitThread
GetVersionExW
GetLogicalDriveStringsW
TerminateProcess
GetCurrentProcess
LocalAlloc
FindResourceExW
Sleep
GetCurrentThreadId
GetModuleHandleA
lstrcpyW
InterlockedDecrement
InterlockedIncrement
lstrcpynW
lstrcmpiW
GetLocalTime
GlobalAlloc
MulDiv
GetCurrentProcessId
OpenProcess
FormatMessageW
LocalFree
GetFileAttributesW
CreateDirectoryW
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
SetFilePointer
WriteFile
MultiByteToWideChar
GetACP
ExitProcess
WideCharToMultiByte
CreateFileW
GetCurrentDirectoryW
GetModuleHandleW
lstrlenW
GetTickCount
CloseHandle
ReadFile
GetFileSize
GlobalUnlock
GlobalLock
FindResourceW
DeleteCriticalSection
GetProcessHeap
HeapDestroy
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionAndSpinCount
HeapFree
GetCommandLineW
FreeLibrary
GetProcAddress
LoadLibraryW
GetModuleFileNameW
FreeResource
LockResource
SizeofResource
LoadResource
GetThreadTimes

user32

PrivateExtractIconsW
DestroyIcon
DrawIconEx
MapVirtualKeyExW
PostMessageW
SendMessageW
DispatchMessageW
TranslateMessage
GetMessageW
PostQuitMessage
DestroyWindow
CreateWindowExW
GetKeyNameTextW
GetKeyboardLayout
SetForegroundWindow
GetGUIThreadInfo
IsWindow
SetWindowPos
IsWindowVisible
IsIconic
IsZoomed
CharNextW
GetActiveWindow
GetFocus
GetKeyState
SetCapture
ReleaseCapture
SetTimer
KillTimer
GetDC
ReleaseDC
BeginPaint
EndPaint
GetUpdateRect
InvalidateRect
GetClientRect
GetWindowRect
GetCursorPos
ScreenToClient
MapWindowPoints
GetSysColor
IntersectRect
UnionRect
OffsetRect
IsRectEmpty
PtInRect
GetWindowLongW
SetWindowLongW
GetParent
GetWindow
LoadImageW
MonitorFromWindow
GetMonitorInfoW
wsprintfW
DefWindowProcW
CallWindowProcW
RegisterClassW
RegisterClassExW
GetClassInfoExW
ShowWindow
EnableWindow
GetSystemMetrics
SetPropW
GetPropW
InvalidateRgn
CreateAcceleratorTableW
DrawTextA
wsprintfA
LoadCursorW
SetWindowRgn
CharPrevW
MessageBoxW
SetFocus
SetCursor
InflateRect
UpdateLayeredWindow
MoveWindow
GetWindowRgn
IsWindowEnabled
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
EqualRect
UpdateWindow
ClientToScreen
GetCaretPos
SetCaretPos
ShowCaret
HideCaret
GetCaretBlinkTime
CreateCaret
TrackPopupMenu
AppendMenuW
EnableMenuItem
DestroyMenu
CreatePopupMenu
SetRect
FillRect
DrawTextW

gdi32

ExtSelectClipRgn
SelectClipRgn
LineTo
GetTextExtentPoint32W
GetClipBox
GetCharABCWidthsW
CreateSolidBrush
CreateRectRgnIndirect
CreatePenIndirect
SetBkColor
CreateDIBSection
PtInRegion
CreateRectRgn
CreateRoundRectRgn
SetWindowOrgEx
GetObjectW
GetTextMetricsW
PlayEnhMetaFile
GetEnhMetaFileHeader
CreateEnhMetaFileW
CloseEnhMetaFile
SelectObject
SaveDC
RestoreDC
Rectangle
RemoveFontMemResourceEx
AddFontMemResourceEx
GetStockObject
GetDeviceCaps
DeleteObject
DeleteDC
CreatePen
CreateFontIndirectW
CreateDIBitmap
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
SetBkMode
StretchBlt
SetStretchBltMode
SetTextColor
GetObjectA
MoveToEx
TextOutW
GdiFlush
GetTextExtentPointA
GetBitmapBits
SetBitmapBits
CombineRgn
CreatePatternBrush

advapi32

GetTokenInformation
OpenProcessToken
RegQueryValueExW
RegCloseKey
GetUserNameW
RegOpenKeyExW
RegSetValueExW
LookupAccountSidW

shell32

ShellExecuteW
SHGetFolderPathW
CommandLineToArgvW
SHGetFileInfoW
DragQueryFileW

ole32

OleLockRunning
CLSIDFromProgID
CLSIDFromString
CreateStreamOnHGlobal
ReleaseStgMedium
CoInitializeEx
DoDragDrop
CoCreateInstance
CoUninitialize
OleDuplicateData

oleaut32

VariantClear
VariantInit
SysAllocString
SysFreeString

shlwapi

PathIsDirectoryW
PathFileExistsW
PathAddBackslashW
PathRemoveFileSpecW

comctl32

InitCommonControlsEx
_TrackMouseEvent
ord17

gdiplus

GdipRotateWorldTransform
GdipTranslateWorldTransform
GdipDrawImageRectI
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipGetImageHeight
GdipGetImageWidth
GdipSetStringFormatTrimming
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipCloneStringFormat
GdipDeleteStringFormat
GdipStringFormatGetGenericTypographic
GdipMeasureString
GdipDrawString
GdipDeleteFont
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipFillPath
GdipFillRectangleI
GdipDrawPath
GdipDrawRectangleI
GdipSetInterpolationMode
GdiplusStartup
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipDisposeImage
GdipCloneImage
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipSetPenMode
GdipDeletePen
GdipCreatePen1
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
ord1
GdipAddPathLine
GdipDeletePath
GdipCreatePath
GdipFree
GdipAlloc
GdiplusShutdown
GdipSetTextRenderingHint

imm32

ImmReleaseContext
ImmSetCompositionWindow
ImmGetContext

ws2_32

gethostbyname
gethostname
WSAStartup

psapi

GetProcessImageFileNameW
EnumProcesses

Sections

.text
Size: 894KB - Virtual size: 894KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 13KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 210KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

744dbd90002a038c91d821c12c44f746

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

gdiplus

imm32

ws2_32

psapi

Sections

.text Size: 894KB - Virtual size: 894KB

.rdata Size: 168KB - Virtual size: 167KB

.data Size: 13KB - Virtual size: 27KB

.rsrc Size: 210KB - Virtual size: 209KB

.reloc Size: 120KB - Virtual size: 120KB

.text
Size: 894KB - Virtual size: 894KB

.rdata
Size: 168KB - Virtual size: 167KB

.data
Size: 13KB - Virtual size: 27KB

.rsrc
Size: 210KB - Virtual size: 209KB

.reloc
Size: 120KB - Virtual size: 120KB