PDB path recorded in the binary (a build-time string, not verified provenance): e:\KINGSOFT_DUBA\Build\Build_Src\kfree\ksafe\product\win32\kmspeed.pdb
Static task
static1
Behavioral task
behavioral1
Sample
659f39e58f0d1445f47115852c39bc87495363caa204f517c1786d113ee1981f.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
659f39e58f0d1445f47115852c39bc87495363caa204f517c1786d113ee1981f.exe
Resource
win10v2004-20240508-en
General
-
Target
659f39e58f0d1445f47115852c39bc87495363caa204f517c1786d113ee1981f
-
Size
5.8MB
-
MD5
50c13db931091facc38fafee041a8f6a
-
SHA1
89113a9e5054b4ae5d99b2d01c67ff9b61169fe6
-
SHA256
659f39e58f0d1445f47115852c39bc87495363caa204f517c1786d113ee1981f
-
SHA512
7169986748efe02d1ddb8b1d817834ce0fa38429386e3907f36ac14869b764addcba3a9dd5a5120f88f8c376fcc1dd692e188b22c9f2d056246483d482684897
-
SSDEEP
49152:ayBh99xPHRP9XBYAlPqAOWIu+56Hd4rt79:rz5BaB
Malware Config
Signatures
-
Unsigned PE 1 IoCs
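Flags a PE file that has no Authenticode signature, meaning its publisher and integrity cannot be verified from the file itself. This is a weak indicator on its own, since many legitimate binaries are unsigned.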
resource 659f39e58f0d1445f47115852c39bc87495363caa204f517c1786d113ee1981f
Files
-
659f39e58f0d1445f47115852c39bc87495363caa204f517c1786d113ee1981f.exe windows:4 windows x86 arch:x86
4102160071253ff627f6397e90439c54
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
psapi
EnumProcesses
GetModuleFileNameExW
ws2_32
bind
ntohs
htons
getsockname
send
recv
getaddrinfo
WSASocketW
WSAStartup
gethostname
gethostbyname
inet_ntoa
WSACleanup
inet_addr
select
setsockopt
sendto
WSAGetLastError
closesocket
getsockopt
getpeername
connect
socket
WSASetLastError
freeaddrinfo
__WSAFDIsSet
ioctlsocket
recvfrom
kernel32
GetPrivateProfileStringW
GetPrivateProfileIntW
WritePrivateProfileStringW
FreeLibrary
GlobalUnlock
GlobalSize
InterlockedCompareExchange
Sleep
SetFilePointer
TerminateJobObject
CreateFileMappingW
MapViewOfFile
OpenFileMappingW
UnmapViewOfFile
TerminateProcess
OpenProcess
GetTickCount
SetThreadLocale
SetCurrentDirectoryW
GetSystemDirectoryW
GetCurrentProcessId
GetLocalTime
InterlockedIncrement
InterlockedDecrement
lstrcmpiW
LoadLibraryExW
SystemTimeToFileTime
InitializeCriticalSectionAndSpinCount
SetEndOfFile
CreateFileW
WaitForMultipleObjects
MoveFileExW
CreateWaitableTimerW
SetWaitableTimer
ResetEvent
GetDiskFreeSpaceExW
SleepEx
ExpandEnvironmentStringsW
FormatMessageW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoW
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
CreateDirectoryW
LoadLibraryA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
GetFileSize
ReadFile
WriteFile
GetFileAttributesW
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
RaiseException
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
DeleteFileW
QueryPerformanceCounter
GetTempFileNameW
InitializeCriticalSection
GetLastError
TerminateThread
WaitForSingleObject
CloseHandle
SetEvent
WideCharToMultiByte
GetSystemTimeAsFileTime
lstrlenW
CreateThread
CreateEventW
QueryPerformanceFrequency
MultiByteToWideChar
GetVersionExW
GetModuleFileNameW
FlushInstructionCache
GetCurrentProcess
GetProcAddress
GetModuleHandleW
DeviceIoControl
lstrlenA
GlobalFree
SetFileAttributesW
LocalFree
GlobalLock
FreeResource
GetCurrentThreadId
LoadLibraryW
SetLastError
GlobalAlloc
user32
GetClassInfoExW
DispatchMessageW
TranslateMessage
GetMessageW
IsWindow
PeekMessageW
CopyRect
DefWindowProcW
RegisterClassExW
CreateWindowExW
CallWindowProcW
SetActiveWindow
SetForegroundWindow
AttachThreadInput
GetWindowThreadProcessId
GetForegroundWindow
EnableWindow
IsWindowEnabled
GetDesktopWindow
GetActiveWindow
PostMessageW
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
InvalidateRect
DestroyWindow
GetFocus
MapWindowPoints
InflateRect
OffsetRect
DrawTextW
GetDlgItem
DestroyIcon
EqualRect
IsWindowVisible
DrawFrameControl
LoadImageW
LoadIconW
DrawIconEx
UpdateLayeredWindow
RedrawWindow
SetCapture
GetNextDlgTabItem
GetDlgCtrlID
PostThreadMessageW
GetScrollPos
WindowFromPoint
GetMonitorInfoW
MonitorFromWindow
SetLayeredWindowAttributes
GetKeyState
ShowWindow
GetDC
ReleaseDC
PtInRect
LoadCursorW
SetCursor
SendMessageW
GetParent
GetWindow
GetWindowRect
SystemParametersInfoW
SetFocus
GetClientRect
OpenClipboard
SetWindowPos
MoveWindow
FillRect
SetWindowRgn
BeginPaint
EndPaint
ClientToScreen
ReleaseCapture
CloseClipboard
SetClipboardData
EmptyClipboard
SetTimer
KillTimer
GetWindowLongW
SetWindowLongW
RegisterWindowMessageW
UnregisterClassA
SetRect
GetCursorPos
SetScrollInfo
GetScrollInfo
ScrollWindowEx
UpdateWindow
ScreenToClient
SetScrollPos
CharNextW
GetWindowDC
GetSystemMetrics
PostQuitMessage
IsIconic
FindWindowExW
gdi32
SetBkColor
SetTextColor
GetObjectW
BitBlt
DeleteObject
DeleteDC
CreateCompatibleDC
CreateDIBSection
SelectObject
StretchBlt
MoveToEx
LineTo
Rectangle
SetRectRgn
OffsetRgn
PtInRegion
SetViewportOrgEx
EnumFontFamiliesExW
CreateBitmap
CreateCompatibleBitmap
SetBkMode
CreatePatternBrush
GetStockObject
GetTextColor
ExtTextOutW
RectInRegion
CreateFontIndirectW
StretchDIBits
SetDIBitsToDevice
SelectClipRgn
RoundRect
CreatePen
CreateRectRgn
CreateRectRgnIndirect
GetClipRgn
CombineRgn
GetRegionData
GetCurrentObject
GetGlyphOutlineW
GetTextMetricsW
SaveDC
RestoreDC
TextOutW
CreateSolidBrush
CreatePolygonRgn
GetTextExtentPoint32W
advapi32
GetAce
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegEnumKeyExW
RegQueryInfoKeyW
RegDeleteValueW
RegDeleteKeyW
RegSetValueExW
RegCreateKeyExW
GetNamedSecurityInfoW
GetAclInformation
RegCloseKey
GetSidLengthRequired
InitializeSid
GetSidSubAuthority
SetNamedSecurityInfoW
InitializeAcl
AddAce
CopySid
IsValidSid
GetLengthSid
RegQueryValueExW
RegOpenKeyExW
shell32
SHGetFileInfoA
ShellExecuteW
SHGetFileInfoW
SHGetFolderPathW
ole32
CoInitializeEx
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateGuid
CreateStreamOnHGlobal
CoInitialize
CoCreateInstance
CoUninitialize
CLSIDFromString
CoTaskMemFree
oleaut32
SysFreeString
VarUI4FromStr
shlwapi
PathFileExistsW
PathRemoveFileSpecW
StrToIntW
StrToIntA
PathFileExistsA
StrStrIA
SHSetValueW
SHGetValueW
PathGetDriveNumberW
PathIsFileSpecW
StrStrIW
PathAppendW
comctl32
_TrackMouseEvent
msimg32
TransparentBlt
AlphaBlend
msvcp80
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHPBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIABV12@I@Z
??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?close@?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADH@Z
?eof@ios_base@std@@QBE_NXZ
??7ios_base@std@@QBE_NXZ
?open@?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXPB_WHH@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@XZ
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@ABV12@@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
?size@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
?replace@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@IIPB_WI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?at@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?_Myptr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IBEPBDXZ
?_Myptr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@IBEPB_WXZ
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?_Myptr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@IAEPA_WXZ
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?reserve@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEABDI@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
??$?6DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
?peek@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
?good@ios_base@std@@QBE_NXZ
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
gdiplus
GdipGetDC
GdiplusShutdown
GdiplusStartup
GdipSetPageScale
GdipSetPageUnit
GdipRotateWorldTransform
GdipTranslateWorldTransform
GdipReleaseDC
GdipSetSmoothingMode
GdipSetPixelOffsetMode
GdipGetPixelOffsetMode
GdipSetInterpolationMode
GdipGetInterpolationMode
GdipDeleteFont
GdipSetImageAttributesRemapTable
GdipDrawLineI
GdipSetPenDashStyle
GdipDeletePen
GdipCreatePen1
GdipDrawImageRectRectI
GdipFillRectangleI
GdipCloneImage
GdipCloneBrush
GdipDrawImageRectRect
GdipMeasureString
GdipDrawString
GdipSetTextRenderingHint
GdipCreateFromHDC
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipCreateSolidFill
GdipSetImageAttributesColorMatrix
GdipGetImageEncoders
GdipCreatePath
GdipDeletePath
GdipClosePathFigure
GdipAddPathPieI
GdipDrawImagePointsRectI
GdipSetClipPath
GdipSetStringFormatTrimming
GdipSetClipRect
GdipCreateFont
GdipGetImageEncodersSize
GdipCreateBitmapFromHBITMAP
GdipGetImageHeight
GdipGetImageWidth
GdipSaveImageToFile
GdipDeleteFontFamily
GdipGetGenericFontFamilySansSerif
GdipCreateFontFamilyFromName
GdipDeleteGraphics
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDeleteBrush
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipFree
GdipAlloc
GdipDisposeImage
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipResetWorldTransform
GdipSetImageAttributesWrapMode
wininet
InternetSetOptionW
InternetOpenW
InternetQueryOptionW
InternetCrackUrlW
HttpOpenRequestW
InternetOpenUrlW
HttpEndRequestW
InternetReadFileExA
InternetConnectW
HttpQueryInfoW
InternetSetStatusCallbackW
InternetReadFile
InternetCloseHandle
HttpSendRequestExW
InternetGetConnectedState
msvcr80
wcsncpy
_wcsicmp
sprintf
fclose
fwrite
fseek
fopen
_beginthread
_time64
_CIsin
_CIcos
wcsncpy_s
wcscpy_s
wprintf_s
fprintf
_wtoi
_i64toa_s
_atoi64
atof
tolower
fputc
sscanf_s
_vsnprintf_s
fopen_s
_wfopen_s
fread
ftell
isalpha
isalnum
strncmp
strchr
isspace
memmove
strncat
wcsncmp
srand
rand
iswspace
_vsnwprintf
_mbslwr_s
atoi
_stricmp
__RTDynamicCast
sscanf
_mbsstr
_mbsicmp
vsprintf_s
_vscprintf
_mbscmp
_mbschr
__CxxFrameHandler3
memcpy
??2@YAPAXI@Z
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
??_V@YAXPAX@Z
malloc
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
_wcslwr_s
wcschr
wcsstr
swprintf_s
_invalid_parameter_noinfo
wcscat_s
_wcsnicmp
mbstowcs
wcstol
_wcserror
_errno
_swprintf
_local_unwind4
_wfopen
memcmp
wcslen
_beginthreadex
_strnicmp
strlen
wcsncat
_wtoi64
_snwprintf
wcscmp
strcmp
strcpy
realloc
_stat64
strrchr
__iob_func
strtoul
strstr
strtol
isxdigit
strncpy
_strtoi64
fgets
qsort
fputs
fflush
isdigit
memchr
getenv
strerror
__sys_nerr
_gmtime64
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_except_handler4_common
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_invoke_watson
_controlfp_s
_strdup
ferror
_purecall
wcsrchr
printf
_recalloc
calloc
free
memset
memmove_s
vswprintf_s
_vscwprintf
memcpy_s
??3@YAXPAX@Z
iphlpapi
GetNetworkParams
GetAdaptersInfo
SendARP
rasapi32
RasEnumConnectionsW
RasEnumDevicesW
RasGetConnectionStatistics
RasGetConnectStatusW
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
Sections
.text Size: 792KB - Virtual size: 788KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 128KB - Virtual size: 126KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4.9MB - Virtual size: 4.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ