85e296831d036b20ea22288998914496f80b11f4118da608c951307288444812

Sharing

Copy URL

Twitter E-mail

General

Target

85e296831d036b20ea22288998914496f80b11f4118da608c951307288444812
Size

2.0MB
MD5

7d370b311c8a5ef16d0150555d2fc2ab
SHA1

25d4a12aefcc9c070e966d1eff8e489becffc9b1
SHA256

85e296831d036b20ea22288998914496f80b11f4118da608c951307288444812
SHA512

c6eba11c46bab61f5216e2778a9507dd65590ceeafb752c30fd9a7e786338cddcc9ef565256e14b9fbd3b5fe49acc52f92fb83f486e27fdd16b2faf6ddcc2618
SSDEEP

49152:6f0h966hEVPIVKdAG2X5ThOTcHFULdofrAr/2wE+8:GQph+wVK6G2X5ThyclULyTAr/VF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
85e296831d036b20ea22288998914496f80b11f4118da608c951307288444812

Files

85e296831d036b20ea22288998914496f80b11f4118da608c951307288444812
.exe windows:5 windows x86 arch:x86

8a0a381573ffc3771cd56340a7798b7c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\OEM\Beiying\Src\Keyboard\K916丰润新界面小卿版协议\Debug\KeyboardDrv.pdb

Imports

kernel32

WriteConsoleW
GetProcessHeap
SetEnvironmentVariableA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
GetConsoleMode
GetConsoleCP
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
QueryPerformanceCounter
VirtualFree
SetEvent
HeapCreate
GetStartupInfoA
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
SetUnhandledExceptionFilter
GetFileType
SetStdHandle
GetConsoleOutputCP
GetSystemInfo
VirtualAlloc
HeapSize
ExitProcess
RaiseException
RtlUnwind
HeapReAlloc
HeapFree
GetSystemTimeAsFileTime
HeapAlloc
ExitThread
GetStartupInfoW
FindResourceExW
VirtualProtect
GetProfileIntW
SearchPathW
GetTempPathW
GetTempFileNameW
lstrcpyW
GetCurrentDirectoryW
GetFileTime
GetFileSizeEx
FileTimeToLocalFileTime
SetErrorMode
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
EnterCriticalSection
WriteConsoleA
VirtualQuery
GetLocaleInfoA
TlsGetValue
LeaveCriticalSection
InterlockedIncrement
FileTimeToSystemTime
lstrlenA
GlobalGetAtomNameW
InterlockedDecrement
WaitForSingleObject
ResumeThread
SetThreadPriority
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetThreadLocale
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
GetCurrentProcessId
GetModuleHandleA
SetLastError
GlobalSize
MulDiv
CreateThread
LocalAlloc
GetVersionExW
FreeLibrary
FreeResource
GetPrivateProfileStringW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
WritePrivateProfileStringW
CreateMutexW
GetPrivateProfileIntW
LocalFree
GetCommandLineW
GetModuleFileNameW
GetProcAddress
LoadLibraryW
MultiByteToWideChar
WideCharToMultiByte
FormatMessageW
RemoveDirectoryW
SetFileAttributesW
WriteFile
CreateDirectoryW
GetFileAttributesW
CopyFileW
DeleteFileW
MoveFileW
lstrcmpiW
lstrlenW
GetModuleHandleW
FindClose
FindNextFileW
FindFirstFileW
GetTickCount
ReadFile
GetFileSize
CreateFileW
GlobalFree
GlobalReAlloc
GlobalUnlock
GlobalLock
GlobalAlloc
GetLastError
GetLocalTime
OutputDebugStringW
FindResourceW
LoadResource
LockResource
SizeofResource
WaitForMultipleObjects
CreateSemaphoreW
CreateEventW
ReleaseSemaphore
CloseHandle
Sleep
CreateFileA

user32

EnableScrollBar
UnionRect
SetCursorPos
DrawFocusRect
DrawFrameControl
DrawIconEx
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
TranslateAcceleratorW
UnregisterClassW
GetNextDlgGroupItem
InvalidateRgn
CharNextW
EmptyClipboard
CloseClipboard
SetClipboardData
DestroyIcon
CopyImage
OpenClipboard
DrawStateW
RegisterClipboardFormatW
EnumChildWindows
LockWindowUpdate
BringWindowToTop
IsRectEmpty
IsMenu
SetClassLongW
SetParent
NotifyWinEvent
CreateAcceleratorTableW
LoadAcceleratorsW
DestroyAcceleratorTable
GetAsyncKeyState
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
CopyAcceleratorTableW
PostThreadMessageW
DeleteMenu
WaitMessage
GetSysColorBrush
WindowFromPoint
DestroyMenu
GetMenuItemInfoW
ShowOwnedPopups
GetMessageW
TranslateMessage
ValidateRect
SetWindowContextHelpId
MapDialogRect
MessageBeep
IsZoomed
PostQuitMessage
GetKeyNameTextW
CharUpperW
SetMenuItemBitmaps
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
UpdateLayeredWindow
MapWindowPoints
ScrollWindow
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
DefWindowProcW
GetMenu
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
LoadMenuW
GetWindowThreadProcessId
EndPaint
BeginPaint
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
GetWindowTextLengthW
IsWindowEnabled
ShowWindow
MoveWindow
GetDlgCtrlID
SetWindowTextW
IsDialogMessageW
SendDlgItemMessageW
GetDlgItem
CheckDlgButton
GetWindow
GetMenuState
GetMenuStringW
GetMenuItemID
GetMenuItemCount
GetSubMenu
RemoveMenu
MapVirtualKeyW
SetWindowPos
UpdateWindow
ReleaseCapture
SetCapture
GetWindowDC
TrackPopupMenu
InsertMenuW
CreatePopupMenu
SetMenuDefaultItem
GetMenuDefaultItem
IsCharLowerW
MapVirtualKeyExW
IsClipboardFormatAvailable
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
GetUpdateRect
CharUpperBuffW
CopyIcon
SubtractRect
GetLastActivePopup
RegisterDeviceNotificationW
SetWindowRgn
DrawIcon
IsIconic
SetForegroundWindow
AppendMenuW
GetSystemMenu
UnregisterDeviceNotification
LoadIconW
LoadImageW
DestroyCursor
GetWindowRgn
CreateMenu
PeekMessageW
GetIconInfo
GetDoubleClickTime
SystemParametersInfoW
RedrawWindow
DrawEdge
InflateRect
GetSysColor
CreateWindowExW
CallWindowProcW
DestroyWindow
GetWindowTextW
IsWindowVisible
SetTimer
SetRectEmpty
TrackMouseEvent
CopyRect
KillTimer
ReleaseDC
IsWindow
SetWindowLongW
GetWindowLongW
GetSystemMetrics
InvalidateRect
GetWindowRect
SetCursor
LoadCursorW
ScreenToClient
GetCursorPos
PtInRect
GetFocus
FrameRect
FillRect
GetClientRect
SetRect
SendMessageW
EnableWindow
GetDC
ClientToScreen
SetFocus
GetParent
MessageBoxW
PostMessageW
FindWindowW
GetMenuCheckMarkDimensions

gdi32

CreatePatternBrush
CreateBitmap
GetObjectType
CreatePen
CreateHatchBrush
GetDCOrgEx
CreateRectRgnIndirect
PatBlt
GetTextExtentPoint32W
SetRectRgn
GetMapMode
DPtoLP
GetTextMetricsW
OffsetRgn
GetRgnBox
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
CreateRoundRectRgn
GetTextColor
SetDIBColorTable
GetBkColor
CreateEllipticRgn
Polyline
Ellipse
Polygon
Rectangle
CreatePalette
GetPaletteEntries
GetWindowOrgEx
FillRgn
FrameRgn
GetBoundsRect
GetViewportOrgEx
LPtoDP
ExtFloodFill
SetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
GetTextFaceW
SetPixelV
MoveToEx
LineTo
ExtSelectClipRgn
SetTextAlign
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
SelectClipRgn
RoundRect
CreateFontW
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
CopyMetaFileW
GetDeviceCaps
RemoveFontResourceW
AddFontResourceW
CreateFontIndirectW
CreateRectRgn
CreateSolidBrush
CreatePolygonRgn
PtInRegion
GetDIBits
RealizePalette
SelectPalette
GetStockObject
StretchBlt
DeleteDC
DeleteObject
CombineRgn
ExtCreateRegion
SelectObject
CreateDIBSection
GetObjectW
SetPixel
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
GetPixel

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegOpenKeyExW
RegQueryValueExW
AllocateAndInitializeSid
CheckTokenMembership
FreeSid
RegOpenKeyW
RegCreateKeyExW
RegSetValueExW
RegEnumKeyExW
RegCloseKey
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegDeleteValueW

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
CommandLineToArgvW
ShellExecuteW
Shell_NotifyIconW
ShellExecuteExW
SHGetFileInfoW
DragQueryFileW
DragFinish
SHGetSpecialFolderPathW
SHAppBarMessage

comctl32

InitCommonControlsEx
ImageList_GetIconSize

shlwapi

StrStrIW
PathStripToRootW
PathIsUNCW
PathRemoveFileSpecW
PathFindExtensionW
PathRemoveExtensionW
PathFileExistsW
PathFindFileNameW

oledlg

OleUIBusyW

ole32

CoTaskMemFree
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CoUninitialize
CoCreateInstance
CoInitializeEx
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleLockRunning
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
OleGetClipboard
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
CoRegisterMessageFilter
CoRevokeClassObject
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleTranslateAccelerator
IsAccelerator
CreateStreamOnHGlobal

oleaut32

OleCreateFontIndirect
SysAllocString
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysFreeString
SysStringLen

gdiplus

GdipDisposeImage
GdipDrawImageI
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipDrawImageRect
GdipFillRectangleI
GdipDrawImageRectI
GdipGetImageGraphicsContext
GdipCreateBitmapFromScan0
GdipCreateHBITMAPFromBitmap
GdiplusShutdown
GdiplusStartup
GdipIsVisiblePathPointI
GdipAddPathLineI
GdipSetPenColor
GdipFillPath
GdipDrawRectangle
GdipDrawPath
GdipDeletePen
GdipCreatePen1
GdipDeletePath
GdipCreatePath
GdipCloneBitmapAreaI
GdipSetLinePresetBlend
GdipCreateLineBrushFromRect
GdipFillRectangle
GdipSetSolidFillColor
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipDrawImageRectRect
GdipGetImageWidth
GdipGetImageHeight
GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateBitmapFromFile
GdipCloneImage
GdipAlloc
GdipFree

imm32

ImmGetOpenStatus
ImmReleaseContext
ImmGetVirtualKey
ImmGetContext

winmm

PlaySoundW

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 332KB - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 161KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

_6��u
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8a0a381573ffc3771cd56340a7798b7c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

gdiplus

imm32

winmm

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 332KB - Virtual size: 332KB

.data Size: 26KB - Virtual size: 79KB

.rsrc Size: 37KB - Virtual size: 36KB

.reloc Size: 161KB - Virtual size: 161KB

_6��u Size: 16KB - Virtual size: 20KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 332KB - Virtual size: 332KB

.data
Size: 26KB - Virtual size: 79KB

.rsrc
Size: 37KB - Virtual size: 36KB

.reloc
Size: 161KB - Virtual size: 161KB

_6��u
Size: 16KB - Virtual size: 20KB