2024-05-13_45b1c18f171c2dcdd96e8b1b2a306405_ryuk

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-13_45b1c18f171c2dcdd96e8b1b2a306405_ryuk
Size

2.7MB
MD5

45b1c18f171c2dcdd96e8b1b2a306405
SHA1

da770517fc0caea23ac0459e97b68485f1f9d417
SHA256

bc0e6af46496a1b94a2a2f9a51382349ff797bb7fb13e9fe423f07f83a6d7d10
SHA512

af7b4ada00615e965ee5b084545ca578421c4f0e37fc46a5a8359a12d2326e39ad1031a69b624e9a0295543cc57fab0ac72a42a4d71643d95e61c17d9ddda516
SSDEEP

49152:qPGYnViKipEGWj+rmTgvJnA+DMPEWMxSDQcte+V8Q8SLGLl:i4WuQiDFIDQct/pdGR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-13_45b1c18f171c2dcdd96e8b1b2a306405_ryuk

Files

2024-05-13_45b1c18f171c2dcdd96e8b1b2a306405_ryuk
.exe windows:5 windows x64 arch:x64

27d0927cd63fa005fb6dcc8ff8771489

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\sense\Desktop\工作目录\创新京安丹灵-王\定制\源码\制作exe注册控件安装包\x64\Release\加密锁64位控件.pdb

Imports

kernel32

GetFullPathNameA
LockFile
ReadFile
SetEndOfFile
SetFilePointer
UnlockFile
WriteFile
DuplicateHandle
GetCurrentProcess
lstrcmpiA
GetVolumeInformationA
CreateFileA
VirtualProtect
GetOEMCP
GetCPInfo
GetACP
FileTimeToSystemTime
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesA
GetFileAttributesExA
GetFileSizeEx
GetFileTime
SystemTimeToTzSpecificLocalTime
lstrcpyA
FindResourceExW
VerSetConditionMask
VerifyVersionInfoA
GetTempPathA
GetTempFileNameA
GetTickCount
GetProfileIntA
SearchPathA
Sleep
ResetEvent
WaitForSingleObjectEx
CreateEventW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
OutputDebugStringW
RtlUnwindEx
RtlPcToFileHeader
CreateThread
ExitThread
FreeLibraryAndExitThread
GetCommandLineA
GetCommandLineW
HeapQueryInformation
GetSystemInfo
VirtualAlloc
VirtualQuery
QueryPerformanceFrequency
SetStdHandle
GetFileType
ExitProcess
GetStdHandle
GetConsoleCP
GetConsoleMode
GetFileSize
GetStringTypeW
GetTimeZoneInformation
ReadConsoleW
SetFilePointerEx
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
FindFirstFileExA
FindNextFileA
CreateFileW
WriteConsoleW
DeleteFileA
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetCurrentDirectoryA
CopyFileA
FormatMessageA
GlobalSize
LocalFree
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GlobalFlags
GlobalFree
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
GlobalGetAtomNameA
GlobalFindAtomA
LoadLibraryW
lstrcmpW
GetModuleHandleExW
GetModuleFileNameW
FreeResource
GetSystemDirectoryW
SetLastError
EncodePointer
OutputDebugStringA
MulDiv
GlobalUnlock
GetCurrentProcessId
GlobalAddAtomA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetModuleHandleW
GetModuleHandleA
CompareStringA
WideCharToMultiByte
MultiByteToWideChar
FindResourceW
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
LoadLibraryExW
GetModuleFileNameA
FreeLibrary
GetVersionExA
GetCurrentThread
ResumeThread
SetThreadPriority
GetCurrentThreadId
WaitForSingleObject
SetEvent
CloseHandle
FlushFileBuffers
FindFirstFileA
LCMapStringW
FindClose
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
RaiseException
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
DecodePointer
GetWindowsDirectoryA
FindResourceA
LoadLibraryA
SizeofResource
LoadResource
GetProcAddress
LockResource

user32

ReuseDDElParam
TrackMouseEvent
LoadImageW
GetMenuDefaultItem
GetKeyNameTextA
MapVirtualKeyA
UnionRect
IsRectEmpty
GetSystemMenu
SetParent
GetNextDlgGroupItem
DrawFocusRect
DrawIconEx
GetIconInfo
MessageBeep
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
SetLayeredWindowAttributes
EnumDisplayMonitors
SetClassLongPtrA
SetWindowRgn
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateA
DrawEdge
DrawFrameControl
IsZoomed
LoadMenuW
SetCursorPos
CopyIcon
FrameRect
SetRect
LockWindowUpdate
UpdateLayeredWindow
MonitorFromPoint
GetComboBoxInfo
PostThreadMessageA
GetKeyboardLayout
IsCharLowerA
MapVirtualKeyExA
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
CopyAcceleratorTableA
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuA
RegisterClipboardFormatA
CharUpperBuffA
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
SubtractRect
CreateMenu
GetWindowRgn
DestroyCursor
WaitMessage
CharUpperA
DestroyIcon
InvalidateRect
KillTimer
SetTimer
DeleteMenu
SystemParametersInfoA
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuState
GetMenuStringA
LoadCursorA
GetSysColorBrush
RealChildWindowFromPoint
GetDesktopWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
IsDialogMessageA
SetWindowTextA
SendDlgItemMessageA
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
UnpackDDElParam
GetWindow
GetTopWindow
GetClassNameA
GetClassLongPtrA
GetClassLongA
SetWindowLongPtrA
GetWindowLongPtrA
SetWindowLongA
PtInRect
EqualRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
GetWindowRect
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
GetMenuItemCount
GetMenuItemID
GetSubMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsMenu
IsWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
FillRect
GetSysColor
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
UnhookWindowsHookEx
GetLastActivePopup
GetWindowThreadProcessId
GetWindowLongA
MessageBoxA
IsWindowEnabled
SetCursor
ShowOwnedPopups
PostQuitMessage
PostMessageA
CallNextHookEx
SetWindowsHookExA
GetCursorPos
ValidateRect
GetKeyState
GetActiveWindow
IsWindowVisible
PeekMessageA
DispatchMessageA
TranslateMessage
GetMessageA
LoadBitmapW
GetParent
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
SendMessageA
IsIconic
EnableWindow
GetSystemMetrics
DrawIcon
GetClientRect
LoadIconW
UnregisterClassA
LoadImageA
InsertMenuItemA
CreatePopupMenu
LoadMenuA
TranslateAcceleratorA
BringWindowToTop
LoadAcceleratorsA
MapDialogRect
GetAsyncKeyState
OffsetRect
SetRectEmpty
GetMenuItemInfoA
DestroyMenu
IntersectRect
InflateRect
LoadCursorW
WindowFromPoint
ReleaseCapture
LoadIconA
SetCapture
CopyImage

msimg32

TransparentBlt
AlphaBlend

shlwapi

PathRemoveFileSpecW
PathStripToRootA
PathIsUNCA
PathFindFileNameA
PathFindExtensionA
StrFormatKBSizeA

uxtheme

GetThemeSysColor
GetWindowTheme
IsAppThemed
GetThemePartSize
GetCurrentThemeName
GetThemeColor
CloseThemeData
OpenThemeData
DrawThemeParentBackground
IsThemeBackgroundPartiallyTransparent
DrawThemeBackground
DrawThemeText

oleacc

AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject

gdiplus

GdipBitmapUnlockBits
GdipDeleteGraphics
GdipCreateBitmapFromScan0
GdipDrawImageI
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipBitmapLockBits
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromHBITMAP
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

winmm

PlaySoundA

gdi32

SetViewportOrgEx
SetWindowExtEx
BitBlt
CreateCompatibleDC
CreateHatchBrush
CreatePen
CreatePatternBrush
CreateRectRgn
CreateSolidBrush
DeleteDC
DeleteObject
Escape
ExcludeClipRect
GetClipBox
GetDeviceCaps
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
SetViewportExtEx
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
ExtTextOutA
TextOutA
MoveToEx
GetObjectA
LineTo
CreateBitmap
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
GetTextFaceA
ScaleWindowExtEx
CopyMetaFileA
CreateDCA
CombineRgn
CreateFontIndirectA
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
GetTextExtentPoint32A
GetTextMetricsA
CreateCompatibleBitmap
EnumFontFamiliesExA
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
GetRgnBox
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCloseKey
RegQueryValueExA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegEnumKeyA
RegQueryValueA
RegEnumValueA
RegEnumKeyExA
SystemFunction036
RegOpenKeyExA

shell32

SHGetSpecialFolderLocation
DragFinish
DragQueryFileA
SHGetFileInfoA
SHGetDesktopFolder
ShellExecuteA
SHBrowseForFolderA
SHAppBarMessage
SHGetPathFromIDListA

ole32

OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleCreateMenuDescriptor
OleLockRunning
CoUninitialize
CoCreateGuid
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
CoInitializeEx
CoDisconnectObject
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoCreateInstance

oleaut32

LoadTypeLi
SysAllocStringByteLen
VariantChangeType
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantClear
VariantInit
SysFreeString
VariantCopy
VarBstrFromDate
SysAllocString
SysAllocStringLen

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 614KB - Virtual size: 613KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 261KB - Virtual size: 261KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

27d0927cd63fa005fb6dcc8ff8771489

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

msimg32

shlwapi

uxtheme

oleacc

gdiplus

imm32

winmm

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.rdata Size: 614KB - Virtual size: 613KB

.data Size: 27KB - Virtual size: 71KB

.pdata Size: 83KB - Virtual size: 82KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 261KB - Virtual size: 261KB

.reloc Size: 58KB - Virtual size: 58KB

.text
Size: 1.7MB - Virtual size: 1.7MB

.rdata
Size: 614KB - Virtual size: 613KB

.data
Size: 27KB - Virtual size: 71KB

.pdata
Size: 83KB - Virtual size: 82KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 261KB - Virtual size: 261KB

.reloc
Size: 58KB - Virtual size: 58KB