e:\KINGSOFT_DUBA\Build\Build_Src\drivergenius_main\dgmain_1615_20201201_fb\product\win32\sysopt.pdb
Static task
static1
Behavioral task
behavioral1
Sample
4f2b7b39a7ba220f8b19c0ead9d2a0e78f7d902c0884a03d8e9e1afa6e9d4360.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
4f2b7b39a7ba220f8b19c0ead9d2a0e78f7d902c0884a03d8e9e1afa6e9d4360.exe
Resource
win10v2004-20240508-en
General
-
Target
4f2b7b39a7ba220f8b19c0ead9d2a0e78f7d902c0884a03d8e9e1afa6e9d4360
-
Size
467KB
-
MD5
198a1462fd5c7266700367697ce87a78
-
SHA1
2ad5a02e82b925134f831b4a0bc7b010612e2d28
-
SHA256
4f2b7b39a7ba220f8b19c0ead9d2a0e78f7d902c0884a03d8e9e1afa6e9d4360
-
SHA512
89deafe936bf469d61ab47fdff86517656638e8b884f4e179435c5bf65cf1cc2a0dad39f114d674ae5446c00ba70b0ca0d6abae326f096dd1a9bd2daad0a5b5d
-
SSDEEP
6144:RCS1t7S4QUSnl8uratVUOERaGZ52tMhKWqic9LS:ESPk8iaiZUtMhK9i0LS
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for a missing Authenticode signature.
resource 4f2b7b39a7ba220f8b19c0ead9d2a0e78f7d902c0884a03d8e9e1afa6e9d4360
Files
-
4f2b7b39a7ba220f8b19c0ead9d2a0e78f7d902c0884a03d8e9e1afa6e9d4360.exe windows:4 windows x86 arch:x86
1ae70f55d0c19b5eaa02b32c58723e83
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
duilib
?SetResourceDll@CPaintManagerUI@DuiLib@@SAXPAUHINSTANCE__@@@Z
?SetInstance@CPaintManagerUI@DuiLib@@SAXPAUHINSTANCE__@@@Z
?MessageLoop@CPaintManagerUI@DuiLib@@SAXXZ
?GetHWND@CWindowWnd@DuiLib@@QBEPAUHWND__@@XZ
?CenterWindow@CWindowWnd@DuiLib@@QAEXXZ
??1CDuiString@DuiLib@@QAE@XZ
??0CDelegateBase@DuiLib@@QAE@ABV01@@Z
?GetObjectW@CDelegateBase@DuiLib@@IAEPAXXZ
??0CDelegateBase@DuiLib@@QAE@PAX0@Z
?PostMessageW@CWindowWnd@DuiLib@@QAEJIIJ@Z
?Close@CWindowWnd@DuiLib@@QAEXI@Z
??8CDuiString@DuiLib@@QBE_NPB_W@Z
?GetData@CDuiString@DuiLib@@QBEPB_WXZ
?IsSelected@COptionUI@DuiLib@@QBE_NXZ
??0CDialogBuilder@DuiLib@@QAE@XZ
?Create@CDialogBuilder@DuiLib@@QAEPAVCControlUI@2@VSTRINGorID@2@PB_WPAVIDialogBuilderCallback@2@PAVCPaintManagerUI@2@PAV32@@Z
??1CDialogBuilder@DuiLib@@QAE@XZ
?FindSubControl@CContainerUI@DuiLib@@QAEPAVCControlUI@2@PB_W@Z
?SetShowHtml@CLabelUI@DuiLib@@QAEX_N@Z
?SetBkImage@CControlUI@DuiLib@@QAEXPB_W@Z
?GetSizeBox@CPaintManagerUI@DuiLib@@QAEAAUtagRECT@@XZ
?ShowWindow@CWindowWnd@DuiLib@@QAEX_N0@Z
?messageMap@WindowImplBase@DuiLib@@1UDUI_MSGMAP@2@B
??1CDelegateBase@DuiLib@@UAE@XZ
?FindControl@CPaintManagerUI@DuiLib@@QBEPAVCControlUI@2@PB_W@Z
??YCEventSource@DuiLib@@QAEXABVCDelegateBase@1@@Z
?GetPaintWindow@CPaintManagerUI@DuiLib@@QBEPAUHWND__@@XZ
?GetPlugins@CPaintManagerUI@DuiLib@@SAPAVCStdPtrArray@2@XZ
?GetAt@CStdPtrArray@DuiLib@@QBEPAXH@Z
??0CDuiString@DuiLib@@QAE@PB_WH@Z
?Create@CShadowUI@DuiLib@@QAEXPAUHWND__@@PAVCPaintManagerUI@2@@Z
?OnCreate@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?GetShadow@CPaintManagerUI@DuiLib@@QAEPAVCShadowUI@2@XZ
?CopyShadow@CShadowUI@DuiLib@@QAE_NPAV12@@Z
??BCWindowWnd@DuiLib@@QBEPAUHWND__@@XZ
?ParentProc@CShadowUI@DuiLib@@QAGJPAUHWND__@@IIJ@Z
?HandleMessage@WindowImplBase@DuiLib@@UAEJIIJ@Z
??1CShadowUI@DuiLib@@UAE@XZ
?CreateControl@WindowImplBase@DuiLib@@UAEPAVCControlUI@2@PB_W@Z
?MessageHandler@WindowImplBase@DuiLib@@UAEJIIJAA_N@Z
?Notify@WindowImplBase@DuiLib@@UAEXAAUtagTNotifyUI@2@@Z
?GetMessageMap@WindowImplBase@DuiLib@@MBEPBUDUI_MSGMAP@2@XZ
?GetStyle@WindowImplBase@DuiLib@@UAEJXZ
?HandleCustomMessage@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnMouseMove@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnLButtonUp@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnLButtonDown@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnSetFocus@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnKillFocus@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnKeyDown@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnSysCommand@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnChar@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnSize@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnMouseHover@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnMouseWheel@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnGetMinMaxInfo@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnNcHitTest@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnNcPaint@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnNcCalcSize@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnNcActivate@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnDestroy@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnClose@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?GetResourceID@WindowImplBase@DuiLib@@UBEPB_WXZ
?GetZIPFileName@WindowImplBase@DuiLib@@UBE?AVCDuiString@2@XZ
?GetResourceType@WindowImplBase@DuiLib@@UBE?AW4UILIB_RESOURCETYPE@2@XZ
?ResponseDefaultKeyEvent@WindowImplBase@DuiLib@@MAEJI@Z
?OnClick@WindowImplBase@DuiLib@@MAEXAAUtagTNotifyUI@2@@Z
?InitWindow@WindowImplBase@DuiLib@@UAEXXZ
?OnFinalMessage@WindowImplBase@DuiLib@@UAEXPAUHWND__@@@Z
?GetClassStyle@WindowImplBase@DuiLib@@UBEIXZ
?GetSuperClassName@CWindowWnd@DuiLib@@MBEPB_WXZ
??0WindowImplBase@DuiLib@@QAE@XZ
??0CShadowUI@DuiLib@@QAE@XZ
??1WindowImplBase@DuiLib@@UAE@XZ
?Create@CWindowWnd@DuiLib@@QAEPAUHWND__@@PAU3@PB_WKKHHHHPAUHMENU__@@@Z
?SetIcon@CWindowWnd@DuiLib@@QAEXI@Z
?LoadPlugin@CPaintManagerUI@DuiLib@@SA_NPB_W@Z
dgctrl
?StartAnimator@CSystemHelperListUI@@QAEXXZ
?Scale@CDGScaleButtonUI@@QAEXXZ
?SetState@CSystemHelperContainerUI@@QAEXH@Z
?Rotate@CDGRotateImgUI@@QAEX_N@Z
?StartAnimator@CSystemHelperContainerUI@@QAEXXZ
?AddData@CSysHelperRcmdItemData@@QAEXW4RcmdItemType@@URcmdItemDataInfo@@@Z
?EnumSubCtrls@CSysHelperRcmdItemData@@QAEXXZ
?InitPos@CSystemHelperContainerUI@@QAEXXZ
patchcore
ord340
kernel32
GetStartupInfoW
InterlockedCompareExchange
InterlockedExchange
GetVersionExA
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
HeapSize
HeapReAlloc
HeapDestroy
FindResourceExW
CloseHandle
Sleep
GetProcAddress
InterlockedIncrement
InterlockedDecrement
MapViewOfFile
OpenFileMappingW
MapViewOfFileEx
GetLastError
CreateFileMappingW
SetEvent
TerminateProcess
UnmapViewOfFile
GetCommandLineW
WritePrivateProfileStringW
GetModuleHandleW
GetVersionExW
VerifyVersionInfoW
VerSetConditionMask
GetModuleFileNameW
FreeLibrary
GetPrivateProfileIntW
OutputDebugStringW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetPrivateProfileStringW
HeapFree
GetProcessHeap
HeapAlloc
lstrlenW
GetCurrentProcess
LocalFree
OpenProcess
OpenEventW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleHandleA
TlsAlloc
ReleaseSemaphore
TlsFree
TlsGetValue
WaitForSingleObject
OpenEventA
ResetEvent
TlsSetValue
ResumeThread
SystemTimeToFileTime
WaitForMultipleObjects
SetWaitableTimer
CreateWaitableTimerA
FormatMessageA
LoadResource
LockResource
SizeofResource
CreateEventA
LoadLibraryW
FindResourceW
user32
DefWindowProcW
UpdateLayeredWindow
LoadCursorW
RegisterClassW
CreateWindowExW
GetDC
ReleaseDC
IntersectRect
SetWindowLongW
ShowWindow
FindWindowW
MessageBoxW
DestroyWindow
KillTimer
ScreenToClient
GetClientRect
IsZoomed
UnregisterClassA
UpdateWindow
PtInRect
PostQuitMessage
IsWindow
PostMessageW
SetTimer
GetWindowLongW
GetWindowRect
SetWindowPos
SendMessageW
SetForegroundWindow
gdi32
GetDIBits
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
DeleteDC
CreateDIBSection
GetStockObject
DeleteObject
GetObjectW
advapi32
ChangeServiceConfigW
StartServiceW
ControlService
OpenProcessToken
GetTokenInformation
IsValidSid
RegSetValueExW
RegCreateKeyExW
OpenSCManagerW
OpenServiceW
QueryServiceStatus
CloseServiceHandle
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
QueryServiceConfigW
shell32
SHGetSpecialFolderLocation
ShellExecuteW
SHGetSpecialFolderPathW
SHGetPathFromIDListW
ole32
CoTaskMemFree
CoInitialize
CoInitializeSecurity
CoUninitialize
CoCreateInstance
shlwapi
PathFileExistsW
StrFormatByteSizeW
msvcp80
?max@?$numeric_limits@_J@std@@SA_JXZ
?data@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
?empty@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE_NXZ
?swap@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXAAV12@@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@ABV12@@Z
?max@?$numeric_limits@I@std@@SAIXZ
?eq@?$char_traits@_W@std@@SA_NAB_W0@Z
?max@?$numeric_limits@H@std@@SAHXZ
?length@?$char_traits@_W@std@@SAIPB_W@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
?to_char_type@?$char_traits@_W@std@@SA_WABG@Z
??0_Lockit@std@@QAE@H@Z
?id@?$numpunct@_W@std@@2V0locale@2@A
??Bid@locale@std@@QAEIXZ
?_Getfacet@locale@std@@QBEPBVfacet@12@I@Z
?_Getcat@?$numpunct@_W@std@@SAIPAPBVfacet@locale@2@@Z
?_Incref@facet@locale@std@@QAEXXZ
?_Register@facet@locale@std@@QAEXXZ
??1_Lockit@std@@QAE@XZ
?max@?$numeric_limits@_K@std@@SA_KXZ
?classic@locale@std@@SAABV12@XZ
??8locale@std@@QBE_NABV01@@Z
??1locale@std@@QAE@XZ
?grouping@?$numpunct@_W@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEABDI@Z
?thousands_sep@?$numpunct@_W@std@@QBE_WXZ
?to_int_type@?$char_traits@_W@std@@SAGAB_W@Z
?assign@?$char_traits@_W@std@@SAXAA_WAB_W@Z
?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W0@Z
??0?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??_D?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
?max_size@?$allocator@_W@std@@QBEIXZ
?allocate@?$allocator@_W@std@@QAEPA_WI@Z
??0?$allocator@_W@std@@QAE@ABV01@@Z
?deallocate@?$allocator@_W@std@@QAEXPA_WI@Z
??0?$allocator@_W@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?empty@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE_NXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?length@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ
?size@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?good@ios_base@std@@QBE_NXZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?length@?$char_traits@D@std@@SAIPBD@Z
?width@ios_base@std@@QBEHXZ
?flags@ios_base@std@@QBEHXZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?eof@?$char_traits@D@std@@SAHXZ
?eq_int_type@?$char_traits@D@std@@SA_NABH0@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z
?width@ios_base@std@@QAEHH@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@F@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
??0locale@std@@QAE@XZ
msvcr80
wcspbrk
wcslen
_wcslwr_s
_invalid_parameter_noinfo
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
memcpy_s
wcscmp
memmove_s
??2@YAPAXI@Z
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
_swprintf
_beginthreadex
memset
??_V@YAXPAX@Z
memcpy
wcsncpy_s
_purecall
??0exception@std@@QAE@ABQBDH@Z
wcsrchr
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@PBD@Z
??0bad_cast@std@@QAE@ABV01@@Z
_waccess
_time64
__RTDynamicCast
_wcsicmp
_vscwprintf
vswprintf_s
??8type_info@@QBE_NABV0@@Z
free
?terminate@@YAXXZ
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler4_common
strerror
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_invoke_watson
_controlfp_s
__CxxFrameHandler3
??3@YAXPAX@Z
_gmtime64
wcschr
Sections
.text Size: 172KB - Virtual size: 170KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 56KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 4KB - Virtual size: 2B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 216KB - Virtual size: 216KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE