a800d0a6ed97c380c65abdb5938d33a76f156f8269cbd6f95bcbb62de811d80e

Sharing

Copy URL

Twitter E-mail

General

Target

a800d0a6ed97c380c65abdb5938d33a76f156f8269cbd6f95bcbb62de811d80e
Size

3.2MB
MD5

7a472a1e9e014c4760ff0a014104f378
SHA1

f190b8f71a8430e3c9eb77d6ddc83ee9d02a0b20
SHA256

a800d0a6ed97c380c65abdb5938d33a76f156f8269cbd6f95bcbb62de811d80e
SHA512

33aba67af247c8be23f14c894bfccd125ab7bc80eb426d4a4f5851b2c06a65d39537998258ac2dc455563a93666570708c99c469c51af6288b7179dca9aed180
SSDEEP

49152:f01kykrxdGoaqCcBiuJr8mZ/Al+trcSnCfgPm8mG5QozjT+qx:f9GPqCKrbCfML5Qozuqx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a800d0a6ed97c380c65abdb5938d33a76f156f8269cbd6f95bcbb62de811d80e

Files

a800d0a6ed97c380c65abdb5938d33a76f156f8269cbd6f95bcbb62de811d80e
.exe windows:5 windows x86 arch:x86

afe132cfd41d97fa7672d47c419fc902

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\RomSprite6\UnlockTool\Release\SonyUnlocker.pdb

Imports

psapi

GetProcessImageFileNameW
GetModuleFileNameExW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

kernel32

InterlockedDecrement
lstrcmpiW
FreeLibrary
LoadLibraryExW
GetModuleFileNameW
GlobalUnlock
GlobalLock
GlobalAlloc
LoadLibraryW
GetDiskFreeSpaceExW
GetSystemDefaultLangID
WriteFile
CreateDirectoryW
GetTempPathW
DosDateTimeToFileTime
FileTimeToDosDateTime
InterlockedIncrement
SetLastError
GetCurrentProcess
GetProcessVersion
OpenFileMappingW
MapViewOfFile
DuplicateHandle
GetOverlappedResult
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
SetHandleInformation
GetExitCodeProcess
MoveFileW
ExitThread
LocalFree
LocalAlloc
FlushInstructionCache
UnmapViewOfFile
CreateFileMappingW
MapViewOfFileEx
GetThreadLocale
CreateThread
DeleteCriticalSection
OutputDebugStringA
AllocConsole
SetWaitableTimer
CreateWaitableTimerW
SetEndOfFile
OutputDebugStringW
MoveFileExW
WaitForMultipleObjects
GetFileAttributesW
GetExitCodeThread
GlobalFree
CreateProcessA
TerminateThread
PeekNamedPipe
DeviceIoControl
GetSystemDirectoryW
GetPrivateProfileIntW
WritePrivateProfileStringW
CopyFileW
GetPrivateProfileStringW
SetFileAttributesW
FindNextFileW
CreateFileW
GetSystemInfo
RemoveDirectoryW
FindClose
GetVersionExW
CreateProcessW
FindFirstFileW
ReleaseMutex
CreateMutexW
SetEnvironmentVariableA
CompareStringW
CompareStringA
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetTimeZoneInformation
InterlockedExchange
GetConsoleMode
GetConsoleCP
SetFilePointer
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetLocaleInfoW
SetConsoleCtrlHandler
GetFileSize
ReadFile
FreeResource
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetCurrentProcessId
GetLocalTime
DeleteFileW
Sleep
GetVersion
lstrlenA
lstrlenW
MultiByteToWideChar
WideCharToMultiByte
GetCurrentThreadId
OpenProcess
GetModuleHandleW
GetProcAddress
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
GetLastError
CloseHandle
CreateEventW
WaitForSingleObject
ResetEvent
SetEvent
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
LCMapStringA
ExitProcess
GetModuleHandleA
RaiseException
GetTickCount
SetFileTime
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetFileTime
FileTimeToLocalFileTime
LocalFileTimeToFileTime
FatalAppExitA
HeapCreate
GetCurrentThread
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleFileNameA
GetStdHandle
GetStartupInfoW
RtlUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapSize
HeapReAlloc
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
CreatePipe
CreateDirectoryA

user32

GetClientRect
InvalidateRect
SetTimer
KillTimer
IsWindowEnabled
GetDlgItem
IsDialogMessageW
IsWindow
PostMessageW
GetWindowRect
MoveWindow
EnumWindows
GetMonitorInfoW
MonitorFromWindow
PtInRect
SetRect
InflateRect
SetCursor
EnumChildWindows
wsprintfW
GetSystemMetrics
UnregisterClassA
LoadCursorW
ReleaseDC
GetDC
GetDesktopWindow
GetKeyState
UnionRect
DestroyIcon
ShowWindow
DrawFrameControl
LoadImageW
LoadIconW
GetWindowThreadProcessId
SetLayeredWindowAttributes
GetParent
GetDlgCtrlID
OffsetRect
EqualRect
ScreenToClient
GetCursorPos
SetCapture
ReleaseCapture
IsWindowVisible
SetWindowPos
SetWindowLongW
GetWindowLongW
CallWindowProcW
BeginPaint
EndPaint
DispatchMessageW
TranslateMessage
GetMessageW
PeekMessageW
SetFocus
SetForegroundWindow
IsIconic
GetWindowTextW
GetWindowTextLengthW
UpdateWindow
GetClassInfoExW
CopyRect
IsRectEmpty
IntersectRect
SetRectEmpty
DestroyWindow
CreateWindowExW
RegisterClassExW
MapWindowPoints
RegisterWindowMessageW
PostThreadMessageW
DefWindowProcW
SendMessageW
BringWindowToTop
GetClassNameW
wvsprintfW
DestroyMenu
SetWindowRgn
TrackPopupMenu
ClientToScreen
MonitorFromPoint
AppendMenuW
GetWindow
CreatePopupMenu
EnableWindow
GetActiveWindow
SetActiveWindow
MessageBoxW
LoadBitmapW
CharNextW
SetWindowTextW

gdi32

CreateSolidBrush
BitBlt
CreateCompatibleBitmap
SetBkColor
ExtTextOutW
DeleteDC
SelectObject
RectInRegion
GetStockObject
GetObjectW
CreateFontIndirectW
GetRegionData
CombineRgn
DeleteObject
CreateRectRgnIndirect
SetRectRgn
CreateCompatibleDC
OffsetRgn
CreateRectRgn

advapi32

FreeSid
CheckTokenMembership
RegOpenKeyExA
RegQueryValueExA
ImpersonateSelf
AllocateAndInitializeSid
AdjustTokenPrivileges
LookupPrivilegeValueW
RegQueryValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
OpenThreadToken

shell32

SHGetFolderPathW
SHCreateDirectoryExW
ShellExecuteExW
SHGetSpecialFolderPathW
ShellExecuteW
SHCreateDirectoryExA

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree
CreateStreamOnHGlobal
CoUninitialize
CoInitialize
CoCreateGuid

oleaut32

SysFreeString
VarUI4FromStr

shlwapi

PathFindExtensionW
StrToIntW
PathFileExistsW
StrToIntA
PathIsDirectoryW
PathRemoveFileSpecW
PathAppendW
PathGetDriveNumberW
PathRemoveFileSpecA
PathCombineA
PathFileExistsA

comctl32

_TrackMouseEvent
InitCommonControlsEx

gdiplus

GdipSetStringFormatAlign
GdipGetStringFormatFlags
GdipSetStringFormatFlags
GdipCreateSolidFill
GdipStringFormatGetGenericTypographic
GdipDeleteStringFormat
GdipCloneStringFormat
GdipDeleteBrush
GdipDeleteFont
GdipCreateFont
GdipDeleteFontFamily
GdipGetGenericFontFamilySansSerif
GdipCreateFontFamilyFromName
GdipCloneImage
GdipDrawImageRectRectI
GdipDrawImageRectI
GdipGetImageGraphicsContext
GdipCreateBitmapFromScan0
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipLoadImageFromFileICM
GdipLoadImageFromFile
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipSetStringFormatLineAlign
GdipSetStringFormatHotkeyPrefix
GdipGetStringFormatHotkeyPrefix
GdipSetStringFormatTrimming
GdipGetStringFormatTrimming
GdipCreateFromHDC
GdipFillRectangleI
GdipDrawString
GdipMeasureString
GdipCloneBrush
GdipDeleteRegion
GdiplusStartup
GdiplusShutdown
GdipDrawImagePointRectI
GdipCreateBitmapFromHBITMAP
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipDrawImageI
GdipSetPixelOffsetMode
GdipSetSmoothingMode
GdipSetInterpolationMode
GdipSetTextRenderingHint
GdipSetCompositingQuality
GdipSetCompositingMode
GdipReleaseDC
GdipGetDC
GdipDrawLineI
GdipSetPenDashStyle
GdipDrawRectangleI
GdipDeletePen
GdipCreatePen1
GdipSetClipRegion
GdipCreateStringFormat
GdipCreateRegion
GdipGetClip
GdipSetClipRectI
GdipSetClipHrgn

iphlpapi

GetPerAdapterInfo
IpRenewAddress
IpReleaseAddress
GetNetworkParams
GetAdaptersInfo
GetInterfaceInfo

netapi32

NetWkstaTransportEnum
Netbios
NetApiBufferFree

ws2_32

htons
WSAGetLastError
WSACleanup
inet_addr
WSAStartup
inet_ntoa
connect
gethostname
recv
bind
socket
__WSAFDIsSet
WSASetLastError
closesocket
gethostbyname
send
htonl
ntohl
listen
accept
ntohs
select

wininet

HttpOpenRequestW
HttpSendRequestExW
InternetWriteFile
HttpEndRequestW
HttpQueryInfoW
InternetReadFileExA
InternetOpenW
InternetConnectW
InternetCrackUrlW
InternetSetStatusCallbackW
InternetSetOptionW
InternetQueryOptionW
InternetCloseHandle

rpcrt4

UuidCreateSequential

setupapi

CM_Get_Child
CM_Get_DevNode_Status
CM_Get_Parent
CM_Get_Sibling
CM_Reenumerate_DevNode
CM_Locate_DevNodeW
SetupDiGetDeviceInstanceIdW
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
CMP_WaitNoPendingInstallEvents
CM_Get_Device_IDW
SetupDiDestroyDeviceInfoList
SetupDiRemoveDevice
SetupDiGetClassDevsW
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 277KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

afe132cfd41d97fa7672d47c419fc902

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

psapi

version

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

gdiplus

iphlpapi

netapi32

ws2_32

wininet

rpcrt4

setupapi

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.rdata Size: 277KB - Virtual size: 276KB

.data Size: 32KB - Virtual size: 48KB

.rsrc Size: 1.3MB - Virtual size: 1.3MB

.text
Size: 1.7MB - Virtual size: 1.7MB

.rdata
Size: 277KB - Virtual size: 276KB

.data
Size: 32KB - Virtual size: 48KB

.rsrc
Size: 1.3MB - Virtual size: 1.3MB