PDB path: D:\microclient\Hxjy2\bin\Hxjy2.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 5d225b9155be8a4c581f7fa3c5fde6d902d4b1a9b3086eb9bfea17c920adb956.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 5d225b9155be8a4c581f7fa3c5fde6d902d4b1a9b3086eb9bfea17c920adb956.exe
Resource: win10v2004-20240508-en
General
Target: 5d225b9155be8a4c581f7fa3c5fde6d902d4b1a9b3086eb9bfea17c920adb956
Size: 7.2MB
MD5: cf91f312aa3be85c74afd8f4aca6d5b4
SHA1: a7143980fc60260566bbef94040ee75cc0a2dad4
SHA256: 5d225b9155be8a4c581f7fa3c5fde6d902d4b1a9b3086eb9bfea17c920adb956
SHA512: 2164dfdb36183592601dc6209b457e6c4513ea1e114ff9c9c093c0ff8efe45c4dc3372ae8d9edf8a4afc15e539e14fe743982c5ca9cd8487432e040a293764bd
SSDEEP: 196608:gXD9F21nR5wKrwr0vbPAIBb+Lqc5Q9FsfhFLOyomFHKnPaIXr:2D9+R5wK7PAqRcK9FsfhFC
Malware Config
Signatures
Unsigned PE (1 IoCs): checks for missing Authenticode signature.
resource: 5d225b9155be8a4c581f7fa3c5fde6d902d4b1a9b3086eb9bfea17c920adb956
Files
5d225b9155be8a4c581f7fa3c5fde6d902d4b1a9b3086eb9bfea17c920adb956.exe (windows:5 windows x86 arch:x86)
37b53b6ff37dbac1467b6bcf2861a91f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
IsDebuggerPresent
IsProcessorFeaturePresent
GetCPInfo
GetSystemTimeAsFileTime
ExitProcess
GetModuleHandleExW
RtlUnwind
VirtualAlloc
VirtualQuery
ExitThread
HeapQueryInformation
SetStdHandle
GetFileType
GetStdHandle
GetStartupInfoW
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
CreateSemaphoreW
GetConsoleMode
ReadConsoleW
GetConsoleCP
IsValidCodePage
GetACP
GetOEMCP
SetFilePointerEx
GetStringTypeW
GetTimeZoneInformation
OutputDebugStringW
GetDateFormatW
GetCommandLineW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
WriteConsoleW
SetEnvironmentVariableA
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
ReleaseSemaphore
VirtualFree
FreeLibraryAndExitThread
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SwitchToThread
SignalObjectAndWait
WaitForSingleObjectEx
CreateTimerQueue
GetUserDefaultLCID
VirtualProtect
SearchPathW
GetProfileIntW
GetTempFileNameW
VerifyVersionInfoW
VerSetConditionMask
GetWindowsDirectoryW
DuplicateHandle
UnlockFile
SetEndOfFile
LockFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GlobalGetAtomNameW
GetThreadLocale
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
ResumeThread
lstrcmpA
GetCurrentThread
GetFileTime
GetFileAttributesExW
GlobalFindAtomW
GlobalAddAtomW
GlobalDeleteAtom
LoadLibraryExW
GetModuleHandleA
FreeLibrary
GetSystemDirectoryW
EncodePointer
OutputDebugStringA
FormatMessageW
MulDiv
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
GetPrivateProfileIntW
SetEvent
ResetEvent
CreateFileA
SetThreadPriority
GetModuleFileNameA
GetTempFileNameA
GetTempPathA
WritePrivateProfileStringW
IsWow64Process
CreateEventW
EnterCriticalSection
LeaveCriticalSection
lstrcpynW
TerminateThread
CreateThread
LocalFree
LocalAlloc
GetSystemTimes
GlobalMemoryStatus
FileTimeToLocalFileTime
SetFileAttributesW
RemoveDirectoryW
SetLastError
GetFileSizeEx
GetTempPathW
GetModuleFileNameW
CopyFileW
Sleep
GetPrivateProfileStringW
FreeResource
lstrcmpW
CreatePipe
GetSystemInfo
GlobalMemoryStatusEx
TerminateProcess
CreateProcessA
GetModuleHandleW
WaitForSingleObject
lstrcpyW
WriteProcessMemory
GetSystemTime
GetCurrentProcessId
GetCurrentThreadId
lstrcatW
lstrcmpiW
QueryDosDeviceW
LoadLibraryA
GetProcAddress
lstrlenW
GetVersionExW
LoadLibraryW
OpenProcess
GetLogicalDriveStringsW
GetCurrentProcess
SetUnhandledExceptionFilter
CreateProcessW
SetErrorMode
GetLocalTime
FileTimeToSystemTime
GetTickCount
UnmapViewOfFile
GetFileSize
LocalFileTimeToFileTime
CloseHandle
GetCurrentDirectoryW
MultiByteToWideChar
CreateFileW
ReadFile
GetFileAttributesW
WriteFile
SetFileTime
CreateDirectoryW
SystemTimeToFileTime
SetFilePointer
DeleteFileW
FindNextFileW
DeleteCriticalSection
DecodePointer
LockResource
FindClose
HeapSize
GetLastError
RaiseException
HeapDestroy
SizeofResource
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapFree
MoveFileExW
HeapAlloc
LoadResource
FindResourceW
FindResourceExW
FindFirstFileW
HeapReAlloc
GetTimeFormatW
WideCharToMultiByte
user32
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
UpdateWindow
SetWindowPos
PostMessageW
ScreenToClient
DrawIconEx
SystemParametersInfoW
MoveWindow
GetSystemMetrics
SetClipboardData
LoadIconW
GetForegroundWindow
AttachThreadInput
EmptyClipboard
DrawStateW
DrawEdge
SetForegroundWindow
SetTimer
IsWindowVisible
KillTimer
DestroyWindow
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
RegisterWindowMessageW
DispatchMessageW
PeekMessageW
GetMessagePos
GetMessageTime
DefWindowProcW
GetClientRect
RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
GetSysColor
GetParent
LoadCursorW
SetCursor
InvalidateRect
SetWindowRgn
GetWindowRect
FillRect
GetDC
ReleaseDC
LoadBitmapW
EnableWindow
SendMessageW
GetCursorPos
SetCapture
PtInRect
ReleaseCapture
GetCapture
DrawFrameControl
UnionRect
IsMenu
UpdateLayeredWindow
MonitorFromPoint
BringWindowToTop
DrawIcon
GetWindowRgn
DestroyCursor
CreateMenu
LoadAcceleratorsW
SubtractRect
GetUpdateRect
IsClipboardFormatAvailable
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
FrameRect
CharUpperBuffW
ModifyMenuW
SetMenuDefaultItem
CopyIcon
GetDoubleClickTime
SetClassLongW
LockWindowUpdate
SetParent
SetCursorPos
DestroyAcceleratorTable
CreateAcceleratorTableW
GetKeyboardState
ToUnicodeEx
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
WaitMessage
GetSystemMenu
IsZoomed
GetComboBoxInfo
GetAsyncKeyState
GetWindowThreadProcessId
GetDesktopWindow
wsprintfW
UnregisterClassW
LoadImageW
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
CallWindowProcW
NotifyWinEvent
TrackMouseEvent
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
FindWindowExW
TranslateAcceleratorW
SetRectEmpty
DrawFocusRect
GetMenuDefaultItem
CreatePopupMenu
PostThreadMessageW
DestroyIcon
IsIconic
MessageBeep
GetNextDlgGroupItem
DeleteMenu
CharUpperW
RegisterClipboardFormatW
RealChildWindowFromPoint
CopyImage
GetMenuItemInfoW
DestroyMenu
CharNextW
GetSysColorBrush
ShowOwnedPopups
TranslateMessage
GetMessageW
MapDialogRect
SetWindowContextHelpId
PostQuitMessage
SendDlgItemMessageA
InflateRect
ClientToScreen
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
WindowFromPoint
MapVirtualKeyW
GetKeyNameTextW
LoadMenuW
IsDialogMessageW
SetWindowTextW
CheckDlgButton
ShowWindow
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
IsRectEmpty
OffsetRect
IntersectRect
SetRect
InvalidateRgn
CopyAcceleratorTableW
IsWindowEnabled
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
SetWindowLongW
GetWindowLongW
EqualRect
CopyRect
MapWindowPoints
MessageBoxW
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
SetActiveWindow
TrackPopupMenu
SetMenu
GetMenu
GetKeyState
GetFocus
SetFocus
GetDlgCtrlID
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsWindow
advapi32
RegQueryValueExW
RegCloseKey
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegSetValueExW
RegEnumKeyExW
RegCreateKeyExW
RegDeleteValueW
RegOpenKeyExA
RegQueryValueExA
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW
RegEnumValueW
RegOpenKeyExW
ole32
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
CreateStreamOnHGlobal
OleCreateMenuDescriptor
OleLockRunning
CoInitializeEx
CoRegisterMessageFilter
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoDisconnectObject
CLSIDFromProgID
CLSIDFromString
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoCreateGuid
CoCreateInstance
CoUninitialize
CoInitialize
shell32
SHGetSpecialFolderLocation
SHAppBarMessage
DragFinish
DragQueryFileW
SHBrowseForFolderW
SHGetDesktopFolder
SHGetFileInfoW
SHGetFolderPathW
SHGetSpecialFolderPathW
SHGetFolderLocation
SHGetPathFromIDListW
ShellExecuteW
SHGetMalloc
oleaut32
VarBstrFromDate
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetElemsize
SafeArrayCreate
OleCreateFontIndirect
LoadTypeLi
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
DispCallFunc
LoadRegTypeLi
VariantChangeType
VariantCopy
SysAllocString
SysAllocStringLen
VariantInit
VariantClear
SysFreeString
shlwapi
PathFindFileNameW
PathRemoveFileSpecW
SHDeleteKeyW
PathFindExtensionW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
psapi
GetProcessImageFileNameW
EnumProcessModules
GetModuleFileNameExW
EnumProcesses
GetModuleBaseNameW
gdi32
CreateCompatibleBitmap
StretchBlt
CreateRectRgn
GetPixel
CombineRgn
BitBlt
CreateFontIndirectW
CopyMetaFileW
CreateDCW
GetDeviceCaps
SetBkColor
SetTextColor
CreateRectRgnIndirect
GetRgnBox
CreateBitmap
PatBlt
CreateHatchBrush
CreatePen
CreatePatternBrush
CreateSolidBrush
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
GetObjectW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetMapMode
SetRectRgn
DPtoLP
GetBkColor
GetTextColor
GetTextExtentPoint32W
GetTextMetricsW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
SetDIBColorTable
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
Rectangle
EnumFontFamiliesExW
OffsetRgn
CreateRoundRectRgn
RoundRect
FrameRgn
PtInRegion
SetPixelV
ExtFloodFill
SetPaletteEntries
FillRgn
GetBoundsRect
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
GetTextFaceW
DeleteDC
CreateDIBSection
DeleteObject
SelectObject
GetStockObject
CreateCompatibleDC
msimg32
AlphaBlend
TransparentBlt
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
comctl32
_TrackMouseEvent
ImageList_GetImageInfo
ImageList_Draw
ImageList_AddMasked
InitCommonControlsEx
uxtheme
GetThemePartSize
GetWindowTheme
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
IsAppThemed
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
CloseThemeData
OpenThemeData
DrawThemeParentBackground
DrawThemeText
oledlg
OleUIBusyW
gdiplus
GdipCloneImage
GdipGetImageWidth
GdiplusStartup
GdipGetImageGraphicsContext
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipCreateBitmapFromScan0
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipSetInterpolationMode
GdipGetImagePalette
GdipBitmapLockBits
GdipCreateFromHDC
GdiplusShutdown
GdipFree
GdipGetImageHeight
GdipCreateBitmapFromStream
GdipDeleteGraphics
GdipDrawImageRectI
GdipBitmapUnlockBits
GdipAlloc
GdipDisposeImage
GdipCreateHBITMAPFromBitmap
wininet
InternetCloseHandle
FindFirstUrlCacheEntryW
FindNextUrlCacheEntryW
DeleteUrlCacheEntryW
HttpOpenRequestW
InternetCheckConnectionW
InternetGetCookieW
InternetSetFilePointer
InternetOpenW
InternetReadFile
HttpQueryInfoW
HttpSendRequestW
InternetConnectW
winmm
PlaySoundW
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
Sections
.text Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 403KB - Virtual size: 403KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 36KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4.1MB - Virtual size: 4.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 142KB - Virtual size: 141KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.ym Size: 799KB - Virtual size: 799KB
IMAGE_SCN_MEM_EXECUTE