PDB path: G:\Doc\My work (C++)\_New 2018\Encryption\Release\encrypt.pdb
Static task
static1
General
Target: Win32.KeyPass.zip
Size: 1.3MB
MD5: f831ffa7faa4da66482aa252536e1b0f
SHA1: aa305bd6962ebf06e26462d25140691585f85341
SHA256: 8f8f3834abab12ebd792487a89e45bdb8c8f41b51f232dfb3edb8e8140c9ff8f
SHA512: 3bf39aeb6c52de76aa864fb7d810cb4adbd2c7e0a2b91e8b6865967843044d628ca66a4531c720e5cd75dfb82a371e467f823819c0d9d559bd371efeec1d962a
SSDEEP: 24576:k5yq9y9qttzFVPyDcYwohuvh0GsGkjHkevwLfK4uiIP/nMPbcdKK:cH3FVP8hphuF2Hk1LfK4InMLK
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource: unpack001/Win32.KeyPass.bin
Files
Win32.KeyPass.zip.zip (Password: infected)
Win32.KeyPass.bin.exe windows:5 windows x86 arch:x86
MD5: e66550df92091dc80539d65f5d9ec0a6
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
VirtualQuery
SetStdHandle
GetFileType
GetStdHandle
GetStartupInfoW
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
CreateSemaphoreW
IsValidCodePage
GetACP
GetOEMCP
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetFilePointerEx
GetTimeZoneInformation
ReadConsoleW
OutputDebugStringW
GetDateFormatW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
WriteConsoleW
SetEnvironmentVariableA
OpenProcess
GetSystemInfo
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
ReleaseSemaphore
FreeLibraryAndExitThread
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SwitchToThread
SignalObjectAndWait
WaitForSingleObjectEx
CreateTimerQueue
FormatMessageA
GetThreadTimes
HeapQueryInformation
IsProcessorFeaturePresent
CloseHandle
IsDebuggerPresent
GetModuleFileNameW
GetModuleHandleW
Sleep
SizeofResource
LockResource
LoadResource
FindResourceW
GlobalFree
GetCurrentProcess
GlobalAlloc
GetLastError
GetTickCount
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
CreateFileW
GetFileSize
MoveFileW
VirtualAlloc
SetFilePointer
ReadFile
WriteFile
VirtualFree
FindFirstFileW
FindNextFileW
GetLogicalDrives
SetErrorMode
GetDriveTypeA
GetTimeFormatW
TerminateProcess
GetModuleFileNameA
GetEnvironmentVariableA
DeleteFileA
CreateFileA
FlushFileBuffers
SetLastError
CreateProcessA
WideCharToMultiByte
MultiByteToWideChar
FormatMessageW
LocalAlloc
lstrlenW
LocalSize
lstrcpynW
LocalFree
GetTempPathW
DeleteFileW
CopyFileW
WaitForSingleObject
GetExitCodeProcess
CreateProcessW
CreateThread
GetComputerNameW
SetEvent
HeapReAlloc
HeapAlloc
HeapFree
GetProcessHeap
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
RaiseException
HeapSize
EnterCriticalSection
DecodePointer
DeleteCriticalSection
TlsAlloc
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
InterlockedExchangeAdd
WaitForMultipleObjects
TerminateThread
QueueUserAPC
CreateEventW
SleepEx
PostQueuedCompletionStatus
CreateIoCompletionPort
SetWaitableTimer
GetQueuedCompletionStatus
InterlockedCompareExchange
VerSetConditionMask
VerifyVersionInfoW
CreateWaitableTimerW
GetSystemTimeAsFileTime
TlsGetValue
TlsSetValue
TlsFree
GlobalSize
GlobalLock
GlobalUnlock
MulDiv
OutputDebugStringA
EncodePointer
GetCurrentThreadId
GetSystemDirectoryW
FreeLibrary
FreeResource
GetModuleHandleA
GetProcAddress
LoadLibraryExW
GlobalDeleteAtom
lstrcmpW
LoadLibraryA
LoadLibraryW
GlobalAddAtomW
GlobalFindAtomW
GetCurrentProcessId
GetCurrentThread
GetVersionExW
lstrcmpA
lstrcpyW
SetThreadPriority
ResumeThread
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
GlobalGetAtomNameW
FileTimeToSystemTime
GetThreadLocale
InitializeCriticalSection
GlobalReAlloc
GlobalHandle
LocalReAlloc
CompareStringW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GlobalFlags
GetCurrentDirectoryW
GetFileAttributesW
FindClose
GetFullPathNameW
GetVolumeInformationW
LockFile
SetEndOfFile
UnlockFile
DuplicateHandle
lstrcmpiW
GetStringTypeExW
GetTempFileNameW
GetWindowsDirectoryW
SearchPathW
GetProfileIntW
FileTimeToLocalFileTime
GetFileAttributesExW
GetFileSizeEx
GetFileTime
VirtualProtect
FindResourceExW
GetUserDefaultLCID
GetCPInfo
ExitThread
RtlUnwind
ExitProcess
GetModuleHandleExW
AreFileApisANSI
GetCommandLineW
user32
SetRectEmpty
SetLayeredWindowAttributes
LoadCursorW
SetCursor
ShowOwnedPopups
TranslateMessage
GetMessageW
MapVirtualKeyW
GetKeyNameTextW
DrawIconEx
IsRectEmpty
OffsetRect
InflateRect
DrawFocusRect
GetSysColorBrush
SetWindowRgn
GetSystemMetrics
DrawFrameControl
DrawEdge
MapDialogRect
SetWindowContextHelpId
PostQuitMessage
SendDlgItemMessageA
GetCursorPos
ClientToScreen
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
GetWindowThreadProcessId
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
LoadMenuW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageW
SetWindowTextW
IsWindowEnabled
CheckDlgButton
MoveWindow
GetMonitorInfoW
MonitorFromWindow
SystemParametersInfoW
GetScrollInfo
SetScrollInfo
LoadIconW
GetWindow
GetLastActivePopup
GetTopWindow
GetParent
GetClassLongW
SetWindowLongW
GetWindowLongW
PtInRect
EqualRect
CopyRect
GetSysColor
MapWindowPoints
InvalidateRgn
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
MonitorFromPoint
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetRect
GetNextDlgGroupItem
SetParent
SendMessageW
PeekMessageW
LoadStringW
DispatchMessageW
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
GetForegroundWindow
SetActiveWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetKeyState
GetFocus
SetFocus
GetDlgCtrlID
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
CreateWindowExW
GetClassInfoExW
EnumDisplayMonitors
DestroyMenu
GetMenuItemInfoW
CopyImage
RealChildWindowFromPoint
IntersectRect
TrackMouseEvent
IsIconic
IsZoomed
CharUpperW
GetAsyncKeyState
SetCapture
ReleaseCapture
KillTimer
GetSystemMenu
GetClassInfoW
RegisterClassW
DeleteMenu
MessageBeep
WindowFromPoint
NotifyWinEvent
CreatePopupMenu
GetMenuDefaultItem
SetMenuDefaultItem
IsMenu
UpdateLayeredWindow
EnableScrollBar
WinHelpW
UnionRect
LoadAcceleratorsW
MessageBoxW
EnableWindow
SetWindowsHookExW
UnhookWindowsHookEx
PostThreadMessageW
IsWindowVisible
ShowWindow
SetForegroundWindow
CallNextHookEx
GetWindowRect
GetClientRect
UpdateWindow
SetTimer
IsWindow
UnregisterClassW
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
DrawStateW
InvalidateRect
FillRect
GetClassNameW
LoadBitmapW
RegisterWindowMessageW
GetMessagePos
GetMessageTime
PostMessageW
DefWindowProcW
CallWindowProcW
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
WaitMessage
CharNextW
RemovePropW
CopyAcceleratorTableW
DestroyIcon
LoadImageW
SetCursorPos
BringWindowToTop
LockWindowUpdate
GetDoubleClickTime
GetIconInfo
CopyIcon
ModifyMenuW
DestroyAcceleratorTable
SetClassLongW
GetUpdateRect
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
DrawIcon
GetWindowRgn
DestroyCursor
CreateMenu
GetComboBoxInfo
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
MapVirtualKeyExW
IsCharLowerW
IsClipboardFormatAvailable
SubtractRect
InvertRect
HideCaret
FrameRect
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
CharUpperBuffW
RegisterClipboardFormatW
CreateAcceleratorTableW
ScreenToClient
gdi32
GetTextFaceW
SetPixelV
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
EnumFontFamiliesExW
SetPaletteEntries
ExtFloodFill
GetSystemPaletteEntries
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
RoundRect
OffsetRgn
Rectangle
SetDIBColorTable
StretchBlt
SetPixel
RealizePalette
GetRgnBox
CreateDIBSection
CreateRoundRectRgn
DPtoLP
SetRectRgn
GetMapMode
GetTextCharsetInfo
EnumFontFamiliesW
CreateFontIndirectW
CreateDIBitmap
CreateCompatibleBitmap
GetTextMetricsW
Polyline
Polygon
CreatePolygonRgn
PatBlt
GetTextExtentPoint32W
GetTextColor
GetBkColor
Ellipse
CreateRectRgnIndirect
CreateEllipticRgn
CombineRgn
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutW
TextOutW
MoveToEx
SetTextAlign
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
BitBlt
CreateBitmap
SetTextColor
SetBkColor
GetObjectW
GetStockObject
DeleteObject
CreateSolidBrush
GetDeviceCaps
CreateDCW
CopyMetaFileW
DeleteDC
msimg32
TransparentBlt
AlphaBlend
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
advapi32
RegQueryValueExA
RegCloseKey
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
DeleteService
QueryServiceStatusEx
CloseServiceHandle
QueryServiceStatus
ControlService
OpenServiceW
OpenSCManagerW
RegSetValueExW
RegDeleteValueW
RegOpenKeyExW
shell32
DragQueryFileW
SHGetFolderPathW
ShellExecuteExW
ShellExecuteW
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetDesktopFolder
SHAppBarMessage
DragFinish
CommandLineToArgvW
SHGetFileInfoW
comctl32
InitCommonControlsEx
shlwapi
PathFindFileNameW
PathAppendW
PathFileExistsW
PathFindExtensionW
PathFileExistsA
StrTrimW
PathRemoveFileSpecW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
uxtheme
IsAppThemed
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
DrawThemeParentBackground
DrawThemeText
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor
GetWindowTheme
ole32
OleGetClipboard
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
DoDragDrop
OleIsCurrentClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleLockRunning
CoInitializeEx
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoRevokeClassObject
CoRegisterMessageFilter
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CoInitialize
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
OleFlushClipboard
oleaut32
SafeArrayDestroy
SysAllocString
VariantTimeToSystemTime
VariantCopy
VarBstrFromDate
LoadTypeLi
OleCreateFontIndirect
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SystemTimeToVariantTime
SysStringLen
SysFreeString
oledlg
OleUIBusyW
gdiplus
GdipBitmapLockBits
GdipDrawImageRectI
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipSetInterpolationMode
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
winmm
PlaySoundW
timeGetTime
mpr
WNetEnumResourceW
WNetCloseEnum
WNetOpenEnumW
psapi
EnumProcesses
GetModuleBaseNameW
EnumProcessModules
ws2_32
WSASetLastError
getsockname
getsockopt
connect
bind
accept
htonl
freeaddrinfo
getaddrinfo
WSAGetLastError
setsockopt
WSASocketW
WSASend
WSARecv
listen
select
ioctlsocket
closesocket
__WSAFDIsSet
WSACleanup
WSAStartup
WSAIoctl
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
Sections
.text Size: 2.0MB - Virtual size: 2.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 477KB - Virtual size: 477KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 49KB - Virtual size: 85KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 173KB - Virtual size: 172KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 156KB - Virtual size: 155KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ