69704e632b767e35ab9334736fbc93e0ae860a335e4c77993f208c8308b08b3c

Sharing

Copy URL Twitter E-mail

General

Target

69704e632b767e35ab9334736fbc93e0ae860a335e4c77993f208c8308b08b3c
Size

1.2MB
MD5

8dd39e1f0031108f6088a218351c84f7
SHA1

c7d0a82fc6361b75c89d63f40eb22050b974af89
SHA256

69704e632b767e35ab9334736fbc93e0ae860a335e4c77993f208c8308b08b3c
SHA512

34ecdcfe575f6d892b91a78c5af9e5bfbe52c98e78989de0fda00d8941b3ebc077c98cfd2256fc2e5088fd9517905b0eb3f1b207641ddae411ef05608187ff3b
SSDEEP

24576:gDMUWjjTrXaQbLTNjx+mZCkt76f/24pN+XNqNG6hditW:gTWjrXlf9Ckt7c20+9qNxUW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69704e632b767e35ab9334736fbc93e0ae860a335e4c77993f208c8308b08b3c

Files

69704e632b767e35ab9334736fbc93e0ae860a335e4c77993f208c8308b08b3c
.exe windows:6 windows x64 arch:x64

f91ede44756769f3e101a2b4cba31a91

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\SCD\Documents\MyWork\Project--dynabookFunctionKeyControlService\FunctionKeyControlService_dev\x64\Release\DSDFunctionKeyCtlService.pdb

Imports

kernel32

DecodePointer
DeleteCriticalSection
CreateFileW
DeviceIoControl
FindPackagesByPackageFamily
LoadLibraryW
FreeLibrary
GetProcAddress
ProcessIdToSessionId
GetCurrentProcessId
WaitForSingleObject
CreateEventW
SetEvent
ResetEvent
GetModuleHandleW
K32EnumProcesses
OpenProcess
K32EnumProcessModules
K32GetModuleBaseNameW
lstrcmpW
LocalFree
GetSystemDirectoryW
GetCurrentProcess
InitializeCriticalSection
CreateProcessW
ReadFile
SetEndOfFile
WriteConsoleW
SetFilePointerEx
SetStdHandle
LCMapStringW
GetStringTypeW
LoadLibraryExW
FreeEnvironmentStringsW
RaiseException
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetFileType
GetStdHandle
GetConsoleMode
GetConsoleCP
WriteFile
FlushFileBuffers
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlCaptureContext
SetLastError
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
WideCharToMultiByte
GetModuleHandleExW
ExitProcess
RtlUnwindEx
RtlLookupFunctionEntry
RtlPcToFileHeader
GetCommandLineW
GetFileAttributesExW
CreateDirectoryW
InitializeCriticalSectionEx
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
MultiByteToWideChar
CreateMutexW
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
HeapDestroy
TerminateThread
Sleep
WTSGetActiveConsoleSessionId
CreateThread
CloseHandle
GetCurrentThreadId
GetLocalTime
GetDateFormatW
GetTimeFormatW
GetTickCount
OutputDebugStringW
ExpandEnvironmentStringsW
GetPrivateProfileStringW
IsProcessorFeaturePresent
EncodePointer
LeaveCriticalSection
EnterCriticalSection
IsDebuggerPresent
GetPrivateProfileIntW
GetModuleFileNameW
GetLastError
GetEnvironmentStringsW
ReadConsoleW

user32

LoadCursorW
LoadIconW
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
GetMessageW
LoadAcceleratorsW
IsWindow
CreateWindowExW
ShowWindow
PostMessageW
FindWindowW
RegisterWindowMessageW
AttachThreadInput
SetFocus
BringWindowToTop
SwitchToThisWindow
SetWindowPos
IsWindowVisible
GetWindowTextW
RegisterClassExW
EnumWindows
LockWorkStation
MapVirtualKeyW
SendMessageW
SetForegroundWindow
FindWindowExW
GetClassNameW
GetForegroundWindow
wsprintfW
CharUpperW
LoadStringW
SendInput
EnumDisplaySettingsExW
EnumDisplaySettingsW
EnumDisplayDevicesW
DisplayConfigGetDeviceInfo
QueryDisplayConfig
GetDisplayConfigBufferSizes
ChangeDisplaySettingsExW
GetSystemMetrics
GetRawInputDeviceInfoW
GetRawInputData
RegisterRawInputDevices
KillTimer
SetTimer
ChangeWindowMessageFilter
DefWindowProcW
PostQuitMessage
UpdateWindow
GetWindowThreadProcessId

advapi32

RegEnumKeyExW
RegQueryValueExW
RegNotifyChangeKeyValue
RegCloseKey
StartServiceCtrlDispatcherW
RegisterServiceCtrlHandlerExW
SetServiceStatus
ControlService
StartServiceW
DeleteService
CreateServiceW
CloseServiceHandle
ChangeServiceConfig2W
OpenServiceW
OpenSCManagerW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegOpenCurrentUser
RegOpenKeyW
RegGetValueW
RegQueryInfoKeyW
CreateProcessAsUserW
DuplicateTokenEx
RegSetValueExW
RegOpenKeyExW

shell32

SHGetFolderPathW
ShellExecuteW

ole32

CoSetProxyBlanket
CoUninitialize
CoCreateInstance
CoInitializeEx

oleaut32

SafeArrayAccessData
SafeArrayUnaccessData
VariantClear
SysFreeString
VariantInit
SysAllocString

shlwapi

StrStrIW
PathAppendW
PathFileExistsW
PathRemoveFileSpecW

userenv

DestroyEnvironmentBlock
CreateEnvironmentBlock

wtsapi32

WTSQueryUserToken
WTSUnRegisterSessionNotification
WTSRegisterSessionNotification
WTSFreeMemory
WTSQuerySessionInformationW

hid

HidD_GetAttributes
HidD_SetOutputReport
HidD_GetHidGuid

setupapi

SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceRegistryPropertyW
SetupDiGetClassDevsW

powrprof

SetSuspendState

Sections

.text
Size: 269KB - Virtual size: 269KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 159KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 217KB - Virtual size: 217KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 568KB - Virtual size: 572KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f91ede44756769f3e101a2b4cba31a91

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

userenv

wtsapi32

hid

setupapi

powrprof

Sections

.text Size: 269KB - Virtual size: 269KB

.rdata Size: 159KB - Virtual size: 158KB

.data Size: 9KB - Virtual size: 34KB

.pdata Size: 13KB - Virtual size: 12KB

.rsrc Size: 217KB - Virtual size: 217KB

.reloc Size: 568KB - Virtual size: 572KB

.text
Size: 269KB - Virtual size: 269KB

.rdata
Size: 159KB - Virtual size: 158KB

.data
Size: 9KB - Virtual size: 34KB

.pdata
Size: 13KB - Virtual size: 12KB

.rsrc
Size: 217KB - Virtual size: 217KB

.reloc
Size: 568KB - Virtual size: 572KB