QuickInput[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

QuickInput.exe
Size

16.3MB
MD5

6bcd5e913e33bbcde1717ef808c3ff63
SHA1

a1ff39d781ff9a920127bfb854dd01bbdea93958
SHA256

a05680648f37c78af1f761357c689d787da17b915ad5ea5f17f7b0e683787dff
SHA512

d533d7fc4a3ca17d239132dc1cff130ec89a75bef3835b7932f9238fdfc9485d687749db1b51c8f2aa0e334ca84719386e6ad96315658ff1ca7aed8bbd668277
SSDEEP

196608:AyrnWqkoeak8BU+MqEZjEiJsv6tWKFdu9C56+bF:PneABU+5eAiJsv6tWKFdu9CH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
QuickInput.exe

Files

QuickInput.exe
.exe windows:6 windows x86 arch:x86

7d9bd65d50bd22016b705149163de643

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileW
CreateProcessW
WideCharToMultiByte
MultiByteToWideChar
GlobalLock
GlobalUnlock
GlobalAlloc
GetModuleHandleW
GetModuleFileNameW
GetVersionExW
GetExitCodeThread
TerminateThread
CreateThread
CreateWaitableTimerW
Sleep
SetWaitableTimer
CreateMutexW
WaitForSingleObject
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
HeapSize
WriteConsoleW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetEnvironmentVariableW
GetOEMCP
GetACP
IsValidCodePage
EnumSystemLocalesW
IsValidLocale
GetStdHandle
GetConsoleOutputCP
ReadConsoleW
GetConsoleMode
SetFileAttributesW
SetStdHandle
FreeLibraryAndExitThread
ExitThread
GetCommandLineA
SystemTimeToTzSpecificLocalTime
LoadLibraryExW
InitializeCriticalSectionAndSpinCount
RtlUnwind
InitializeSListHead
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
HeapFree
HeapReAlloc
HeapAlloc
GetLastError
CloseHandle
DecodePointer
CreateDirectoryW
GetCurrentDirectoryW
SetCurrentDirectoryW
ExpandEnvironmentStringsW
GetEnvironmentVariableW
GetCPInfo
GetSystemTimeAsFileTime
LCMapStringEx
EncodePointer
GetLocaleInfoEx
CloseThreadpoolWork
SubmitThreadpoolWork
lstrcmpW
GetCurrentThreadId
GetProcAddress
LocalFree
FormatMessageW
WTSGetActiveConsoleSessionId
CheckRemoteDebuggerPresent
OpenProcess
GetLocaleInfoW
GlobalSize
GetCurrentProcessId
GetUserDefaultLangID
CreateFileW
GetFileSizeEx
ReadFile
WriteFile
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
GetVolumeInformationW
GetLongPathNameW
GetDriveTypeW
GetConsoleWindow
ExitProcess
InitializeCriticalSection
CompareStringEx
GetCommandLineW
GetSystemTime
GetLocalTime
OutputDebugStringW
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
SetEvent
WaitForSingleObjectEx
CreateEventW
GetSystemDirectoryW
LoadLibraryW
DuplicateHandle
WaitForMultipleObjects
GetCurrentThread
SetThreadPriority
GetThreadPriority
ResumeThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemInfo
ResetEvent
GetDateFormatW
GetTimeFormatW
GetCurrencyFormatW
GetUserDefaultLCID
GetUserPreferredUILanguages
GetFileAttributesExW
QueryPerformanceCounter
QueryPerformanceFrequency
GetTickCount64
GetStartupInfoW
FlushFileBuffers
GetFileType
GetLogicalDrives
SetEndOfFile
SetFilePointerEx
SetErrorMode
DeleteFileW
FindClose
FindFirstFileW
GetFileAttributesW
GetFileInformationByHandle
GetFullPathNameW
RemoveDirectoryW
SetFileTime
GetTempPathW
GetVolumePathNamesForVolumeNameW
DeviceIoControl
MoveFileW
MoveFileExW
TzSpecificLocalTimeToSystemTime
FileTimeToSystemTime
SystemTimeToFileTime
GetFileInformationByHandleEx
UnregisterWaitEx
RegisterWaitForSingleObject
CompareStringW
LCMapStringW
FindCloseChangeNotification
FindFirstChangeNotificationW
FindNextChangeNotification
FindFirstFileExW
FindNextFileW
FreeLibrary
GetModuleHandleExW
GetTimeZoneInformation
GetGeoInfoW
GetUserGeoID
GetExitCodeProcess
ReleaseMutex
VirtualAlloc
VirtualFree
GetTempPathA
GetTempFileNameA
SetLastError
VerSetConditionMask
lstrcpyW
lstrcatW
VerifyVersionInfoW
GetStringTypeW
RaiseException
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
InitOnceBeginInitialize
InitOnceComplete
FreeLibraryWhenCallbackReturns
CreateThreadpoolWork

user32

OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
GetAsyncKeyState
SendInput
MapVirtualKeyW
SetTimer
KillTimer
GetForegroundWindow
GetDC
ReleaseDC
BeginPaint
EndPaint
RedrawWindow
GetWindowTextW
GetWindowTextLengthW
GetSystemMetrics
SystemParametersInfoW
DestroyWindow
GetSysColor
GetDoubleClickTime
IsWindow
MessageBeep
GetCaretBlinkTime
UpdateLayeredWindowIndirect
SendMessageW
AttachThreadInput
IsChild
ShowWindow
UpdateLayeredWindow
FlashWindowEx
MoveWindow
GetWindowPlacement
SetWindowPlacement
IsIconic
SetFocus
RegisterTouchWindow
UnregisterTouchWindow
IsTouchWindow
GetCapture
SetCapture
ReleaseCapture
GetMenu
GetSystemMenu
EnableMenuItem
SetForegroundWindow
GetUpdateRect
SetWindowRgn
InvalidateRect
SetWindowTextW
GetClientRect
AdjustWindowRectEx
SetCursor
ClientToScreen
ScreenToClient
GetWindowLongW
SetWindowLongW
GetParent
SetParent
GetWindowThreadProcessId
GetWindow
UnregisterClassW
DestroyIcon
MonitorFromPoint
GetAncestor
GetKeyboardLayoutList
RegisterPowerSettingNotification
UnregisterPowerSettingNotification
GetClassInfoW
RegisterClassExW
SetWindowPos
WindowFromPoint
ChildWindowFromPointEx
GetSysColorBrush
LoadImageW
SetMenu
DrawMenuBar
CreateMenu
CreatePopupMenu
DestroyMenu
InsertMenuW
AppendMenuW
ModifyMenuW
RemoveMenu
TrackPopupMenu
GetMenuItemInfoW
SetMenuItemInfoW
EnumDisplayMonitors
LoadIconW
IsHungAppWindow
SetClipboardViewer
ChangeClipboardChain
RegisterClipboardFormatW
GetKeyboardLayout
RegisterWindowMessageW
IsWindowEnabled
CreateCaret
DestroyCaret
HideCaret
ShowCaret
SetCaretPos
FindWindowA
PeekMessageW
IsZoomed
GetKeyState
GetKeyboardState
ToAscii
ToUnicode
TrackPopupMenuEx
EnumDisplayDevicesW
SetCursorPos
GetCursor
LoadCursorW
CreateCursor
CreateIconIndirect
GetIconInfo
GetCursorInfo
GetClipboardFormatNameW
TrackMouseEvent
GetMessageExtraInfo
GetTouchInputInfo
CloseTouchInputHandle
EnumWindows
RealGetWindowClassW
ChangeWindowMessageFilterEx
DrawIconEx
TranslateMessage
GetQueueStatus
MsgWaitForMultipleObjectsEx
CharNextExA
RegisterDeviceNotificationW
UnregisterDeviceNotification
WindowFromDC
CallWindowProcW
SetPropW
GetPropW
RemovePropW
GetWindowRect
MessageBoxW
FillRect
GetDesktopWindow
FindWindowW
IsWindowVisible
SetLayeredWindowAttributes
GetFocus
RegisterClassW
DefWindowProcW
PostMessageW
DispatchMessageW
GetMessageW
FindWindowExW
GetClassNameW
SetWindowsHookExW
CallNextHookEx
EnumDisplaySettingsW
MonitorFromWindow
CreateWindowExW
DestroyCursor
GetMonitorInfoW
ClipCursor
GetCursorPos

gdi32

GetFontData
GetStockObject
AddFontResourceExW
RemoveFontResourceExW
CreateFontIndirectW
GetTextFaceW
GetPixel
CreateFontW
EnumFontFamiliesExW
GetObjectW
SetPixelFormat
ChoosePixelFormat
CreateBitmap
CreateDCW
CreateCompatibleBitmap
GetDeviceCaps
SetLayout
RemoveFontMemResourceEx
OffsetRgn
GdiFlush
SelectClipRgn
GetRegionData
CreateRectRgn
CombineRgn
GetTextMetricsW
BitBlt
CreateCompatibleDC
CreateSolidBrush
DeleteDC
DeleteObject
GetBitmapBits
GetTextExtentExPointW
SelectObject
SetBkMode
CreateDIBSection
AddFontMemResourceEx
GetDIBits
ExtTextOutW
SetWorldTransform
SetTextAlign
SetTextColor
SetGraphicsMode
GetCharABCWidthsI
GetTextExtentPoint32W
GetOutlineTextMetricsW
GetGlyphOutlineW
GetCharABCWidthsFloatW
GetCharABCWidthsW
TextOutW

shell32

SHGetMalloc
SHCreateItemFromIDList
ShellExecuteW
ord727
SHGetStockIconInfo
SHGetFileInfoW
SHGetPathFromIDListW
SHGetKnownFolderIDList
SHBrowseForFolderW
Shell_NotifyIconW
Shell_NotifyIconGetRect
CommandLineToArgvW
SHGetKnownFolderPath
SHCreateItemFromParsingName
SHGetFolderPathW

ole32

CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleInitialize
OleUninitialize
CoInitialize
OleGetClipboard
OleFlushClipboard
OleIsCurrentClipboard
DoDragDrop
CoTaskMemFree
ReleaseStgMedium
CoGetMalloc
CoCreateGuid
StringFromGUID2
CoCreateInstance
CoInitializeSecurity
CoInitializeEx
OleSetClipboard
CoUninitialize

oleaut32

SafeArrayCreateVector
SafeArrayPutElement
VariantInit
SysFreeString
SysAllocString
VariantClear

shlwapi

PathRemoveExtensionW
PathRemoveBlanksW

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationW

uxtheme

GetThemeBackgroundRegion
IsThemeBackgroundPartiallyTransparent
GetThemeBool
SetWindowTheme
ord47
GetCurrentThemeName
IsAppThemed
OpenThemeData
GetThemePartSize
GetThemeColor
GetThemeInt
GetThemeEnumValue
GetThemeMargins
GetThemePropertyOrigin
GetThemeTransitionDuration
CloseThemeData
IsThemeActive

dwmapi

DwmIsCompositionEnabled
DwmEnableBlurBehindWindow
DwmSetWindowAttribute
DwmGetWindowAttribute

userenv

GetUserProfileDirectoryW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

netapi32

NetShareEnum
NetApiBufferFree

imm32

ImmGetOpenStatus
ImmGetContext
ImmReleaseContext
ImmAssociateContext
ImmAssociateContextEx
ImmGetDefaultIMEWnd
ImmGetCompositionStringW
ImmNotifyIME
ImmSetCompositionWindow
ImmSetCandidateWindow
ImmGetVirtualKey

winmm

PlaySoundW
timeBeginPeriod
timeKillEvent
timeSetEvent
timeEndPeriod

ws2_32

WSAAsyncSelect

d3d9

D3DPERF_SetMarker
D3DPERF_EndEvent
D3DPERF_BeginEvent
Direct3DCreate9
D3DPERF_GetStatus

api-ms-win-core-path-l1-1-0

PathCchAppend
PathCchRemoveFileSpec

advapi32

BuildTrusteeWithSidW
RegOpenKeyExW
RegQueryValueExW
SystemFunction036
GetSidSubAuthority
GetSidSubAuthorityCount
GetTokenInformation
OpenProcessToken
AccessCheck
AllocateAndInitializeSid
CopySid
DuplicateToken
FreeSid
GetLengthSid
MapGenericMask
LookupAccountSidW
GetEffectiveRightsFromAclW
GetNamedSecurityInfoW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegFlushKey
RegQueryInfoKeyW
RegSetValueExW
RegCloseKey

Exports

Exports

??0PlatformMethods@angle@@QAE@XZ
??4PlatformMethods@angle@@QAEAAU01@$$QAU01@@Z
??4PlatformMethods@angle@@QAEAAU01@ABU01@@Z
_ANGLEGetDisplayPlatform@20
_ANGLEResetDisplayPlatform@4

Sections

.text
Size: 10.5MB - Virtual size: 10.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4.7MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 335KB - Virtual size: 393KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qtmetad
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qtmimed
Size: 315KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 363KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7d9bd65d50bd22016b705149163de643

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

oleaut32

shlwapi

wtsapi32

uxtheme

dwmapi

userenv

version

netapi32

imm32

winmm

ws2_32

d3d9

api-ms-win-core-path-l1-1-0

advapi32

Exports

Exports

Sections

.text Size: 10.5MB - Virtual size: 10.5MB

.rdata Size: 4.7MB - Virtual size: 4.7MB

.data Size: 335KB - Virtual size: 393KB

.qtmetad Size: 1KB - Virtual size: 1KB

.qtmimed Size: 315KB - Virtual size: 315KB

.rsrc Size: 122KB - Virtual size: 122KB

.reloc Size: 363KB - Virtual size: 362KB

.text
Size: 10.5MB - Virtual size: 10.5MB

.rdata
Size: 4.7MB - Virtual size: 4.7MB

.data
Size: 335KB - Virtual size: 393KB

.qtmetad
Size: 1KB - Virtual size: 1KB

.qtmimed
Size: 315KB - Virtual size: 315KB

.rsrc
Size: 122KB - Virtual size: 122KB

.reloc
Size: 363KB - Virtual size: 362KB