Static task
static1
Behavioral task
behavioral1
Sample
DMIEDIT.exe
Resource
win11-20240426-en
General
Target
DMIEDIT.EXE
Size
874KB
MD5
4117a0dffac69925a633663152b4f6c6
SHA1
0b551b82844f33aa614e73225146be8ed0841934
SHA256
9ccaa2db160696fb80254c618e5b9209721cc7e346e232975f89779153f4b110
SHA512
4c3d2109b26d44e4cf87c43dfc16f59fe8cfbca6037aa99a438356e918de3127f80d7e316e32a8eb21a2d7929f5cf2c893247de7d7c29bb67554c310bffded2d
SSDEEP
12288:cMsfL7gwKG2BuXYy1XqFYf6g8sKqNij8PGFo0rmMkwNq1C:cMsjEwKXs5qOSoNiQPGFlrZkw
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource DMIEDIT.EXE
Files
DMIEDIT.EXE.exe windows:5 windows x86 arch:x86
94a15243b64f8836e8a90164f8331bb2
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
TrackPopupMenu
SetScrollRange
GetScrollRange
SetForegroundWindow
ShowScrollBar
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
GetScrollInfo
SetScrollInfo
CallWindowProcA
GetWindowPlacement
UnhookWindowsHookEx
CreateDialogIndirectParamA
DestroyWindow
GetNextDlgTabItem
EndDialog
SetWindowsHookExA
CallNextHookEx
ValidateRect
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
WinHelpA
GetActiveWindow
GetDlgCtrlID
LoadIconA
GetCapture
LoadAcceleratorsA
SetActiveWindow
IsWindowVisible
IsIconic
InsertMenuItemA
GetClassInfoA
IntersectRect
SetRectEmpty
GetMenu
BringWindowToTop
SetMenu
ShowWindow
TranslateAcceleratorA
GetWindowTextLengthA
GetWindowTextA
GetScrollPos
SetScrollPos
GetWindow
SetFocus
ShowOwnedPopups
GetCursorPos
SetWindowPos
WindowFromPoint
ScreenToClient
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
EnableMenuItem
CheckMenuItem
GetMenuStringA
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
RegisterWindowMessageA
PostMessageA
GetClassNameA
GetDlgItem
EqualRect
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
GetKeyState
wsprintfA
SystemParametersInfoA
BlockInput
ExitWindowsEx
RegisterClassExA
GetFocus
ScrollWindow
MapWindowPoints
GetMessagePos
GetMessageTime
GetTopWindow
SendDlgItemMessageA
GetForegroundWindow
DefWindowProcA
DispatchMessageA
TranslateMessage
GetMessageA
CreateWindowExA
EnableWindow
UpdateWindow
ReleaseCapture
IsWindow
GetSysColor
RedrawWindow
ReleaseDC
PeekMessageA
InvalidateRect
SetWindowLongA
MessageBoxA
InflateRect
GetDC
PtInRect
SendMessageA
GetClientRect
MessageBeep
GetParent
SetCapture
PostQuitMessage
GetWindowRect
SetCursor
CopyRect
ModifyMenuA
DestroyIcon
InsertMenuA
GetSystemMetrics
RemoveMenu
GetMenuItemCount
AppendMenuA
GetSysColorBrush
CreatePopupMenu
GetMenuItemInfoA
GetDesktopWindow
TabbedTextOutA
GetMenuState
SetRect
DrawTextExA
DrawEdge
GrayStringA
CreateMenu
LoadBitmapA
DeleteMenu
DrawIconEx
GetSubMenu
DrawTextA
GetMenuItemID
FillRect
GetWindowLongA
OffsetRect
SetDlgItemTextA
IsDialogMessageA
SetWindowTextA
MoveWindow
DestroyCursor
LoadCursorA
SetCursorPos
IsRectEmpty
DrawIcon
SetWindowRgn
SetTimer
KillTimer
GetSystemMenu
SetParent
IsZoomed
UnregisterClassA
RemovePropA
GetPropA
SetPropA
GetClassLongA
IsChild
CharUpperA
CopyAcceleratorTableA
PostThreadMessageA
GetTabbedTextExtentA
GetDCEx
LockWindowUpdate
RegisterClipboardFormatA
kernel32
ExitProcess
HeapFree
HeapAlloc
GetTimeZoneInformation
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
HeapReAlloc
RtlUnwind
RaiseException
VirtualAlloc
ExitThread
FreeEnvironmentStringsW
HeapSize
GetConsoleCP
GetConsoleMode
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetACP
IsValidCodePage
LCMapStringA
LCMapStringW
InitializeCriticalSectionAndSpinCount
HeapCreate
VirtualFree
FreeEnvironmentStringsA
GetEnvironmentStringsW
QueryPerformanceCounter
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetStringTypeA
GetStringTypeW
CreateFileW
GetUserDefaultLCID
SetThreadExecutionState
GetLastError
CreateMutexA
SetConsoleCtrlHandler
FreeLibrary
GetCurrentProcess
GetProcAddress
LoadLibraryA
GetVersionExA
DeleteFileA
GetCurrentDirectoryA
CreateFileA
GetModuleFileNameA
GetModuleHandleA
CloseHandle
DeviceIoControl
GetWindowsDirectoryA
GetSystemDirectoryA
Sleep
GetFullPathNameA
CreateThread
LocalFree
CreateNamedPipeA
WriteFile
ReadFile
FindResourceA
lstrlenA
LoadResource
WideCharToMultiByte
SizeofResource
lstrcatA
LockResource
WinExec
lstrcpyA
WaitForSingleObject
GetCPInfo
MultiByteToWideChar
lstrlenW
SetLastError
lstrcmpiA
GetVersion
FreeResource
GlobalLock
GlobalUnlock
GetCurrentProcessId
MulDiv
FormatMessageA
GlobalAlloc
GlobalFree
lstrcmpA
InterlockedExchange
CompareStringA
GetLocaleInfoA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThreadId
GetCurrentThread
GlobalDeleteAtom
GlobalAddAtomA
GlobalGetAtomNameA
SetThreadPriority
ResumeThread
SetEvent
SuspendThread
CreateEventA
GetModuleFileNameW
InterlockedDecrement
lstrcmpW
GlobalFindAtomA
GetFileAttributesA
SetFileTime
GetFileTime
GetTempFileNameA
GetDiskFreeSpaceA
MoveFileA
GetStringTypeExA
GetThreadLocale
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
FindClose
FindFirstFileA
GetVolumeInformationA
GetShortPathNameA
SetErrorMode
FileTimeToSystemTime
SystemTimeToFileTime
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GetModuleHandleW
InterlockedIncrement
GlobalFlags
WritePrivateProfileStringA
GetOEMCP
FileTimeToLocalFileTime
LocalFileTimeToFileTime
GetFileSizeEx
GetTickCount
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoW
GetProcessHeap
CompareStringW
SetEnvironmentVariableA
ReadConsoleInputA
SetConsoleMode
GetEnvironmentStrings
advapi32
RegDeleteKeyA
RegQueryValueA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
OpenSCManagerA
DeleteService
ControlService
OpenServiceA
StartServiceA
CreateServiceA
CloseServiceHandle
RegQueryValueExA
RegSetValueA
RegEnumKeyA
RegOpenKeyA
SetFileSecurityA
GetFileSecurityA
RegCreateKeyExA
RegCreateKeyA
RegSetValueExA
RegCloseKey
shell32
DragFinish
DragQueryFileA
SHGetFileInfoA
ExtractIconA
ShellExecuteA
gdi32
GetTextExtentPoint32A
SelectObject
CreateSolidBrush
ExtTextOutA
GetPixel
RectVisible
CreatePen
Escape
PtVisible
Ellipse
Rectangle
CreateCompatibleBitmap
CreateCompatibleDC
DeleteObject
SetPixel
CreateFontA
CreateDIBSection
DeleteDC
GetBkMode
PatBlt
GetTextExtentPoint32W
BitBlt
GetCurrentObject
CreateDCA
CreateBitmap
SaveDC
RestoreDC
SetBkColor
SetBkMode
CreateFontIndirectA
GetObjectA
GetStockObject
GetDeviceCaps
TextOutA
GetWindowOrgEx
GetTextExtentPointA
GetTextFaceA
GetTextAlign
GetTextColor
GetStretchBltMode
GetROP2
GetPolyFillMode
GetBkColor
GetNearestColor
CombineRgn
SetRectRgn
StretchDIBits
GetCharWidthA
GetTextMetricsA
LPtoDP
CreateEllipticRgn
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
DPtoLP
GetViewportOrgEx
CreateRectRgnIndirect
CreatePatternBrush
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
StartDocA
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetStretchBltMode
SetROP2
SetPolyFillMode
comdlg32
GetSaveFileNameA
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
GetJobA
shlwapi
PathIsUNCA
PathStripToRootA
PathFindFileNameA
PathFindExtensionA
PathRemoveFileSpecW
ole32
CoInitializeEx
CoUninitialize
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CoTaskMemFree
CoCreateInstance
oleaut32
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
Sections
.text Size: 630KB - Virtual size: 630KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 171KB - Virtual size: 171KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 42KB - Virtual size: 897KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 29KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ