H:\WorkshopAgent\DevelopProj\Code\Oppo\4.72.XXX.1301\DialogCtrl_2.2.0817.1301\Bin\Release\windlgctl32.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 0a0d23872f91a41214e14527647185bf43033bf05289f7c61ae1b2da0e05339b.dll
Resource: win7-20240419-en
Behavioral task: behavioral2
Sample: 0a0d23872f91a41214e14527647185bf43033bf05289f7c61ae1b2da0e05339b.dll
Resource: win10v2004-20240611-en
General
Target: 0a0d23872f91a41214e14527647185bf43033bf05289f7c61ae1b2da0e05339b
Size: 2.1MB
MD5: 5b80669ccbcc2a0ebe1cba2baa6c63be
SHA1: efa44e2c7cfb829ac8dacfb94f9566d670967bf9
SHA256: 0a0d23872f91a41214e14527647185bf43033bf05289f7c61ae1b2da0e05339b
SHA512: 7d3e5fa46ccb86af8de89c99177e2678ebd9eb259d88fbe446e750f1cf45c9183807e4320d94838d8c2bf7bf731948bf4c2b6e80aaa453d231e2f7790d31a3f2
SSDEEP: 49152:MhAhRdGvyhZEsy5UfdTfKN+/fUaX79enqxTu2XHmCM4Aa/vdMXVbD7nWh8lCa+rU:bGvy/jy5UfdTff/sacnqxT3XHmV4Aa/Z
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 0a0d23872f91a41214e14527647185bf43033bf05289f7c61ae1b2da0e05339b
Files
0a0d23872f91a41214e14527647185bf43033bf05289f7c61ae1b2da0e05339b.dll windows:5 windows x86 arch:x86
27b580c3a41bca0e95770616865802c1
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
kernel32
ExitThread
EncodePointer
DecodePointer
GetCommandLineA
HeapAlloc
HeapFree
RtlUnwind
RaiseException
HeapReAlloc
ExitProcess
VirtualAlloc
GetSystemInfo
HeapSize
HeapQueryInformation
GetSystemTimeAsFileTime
SetStdHandle
GetFileType
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetOEMCP
IsValidCodePage
GetStringTypeW
IsProcessorFeaturePresent
SetHandleCount
GetStdHandle
GetStartupInfoW
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
WriteConsoleW
SetEnvironmentVariableA
VirtualProtect
GetFileTime
GetFileSizeEx
SizeofResource
FileTimeToLocalFileTime
GetTempFileNameW
SearchPathW
GetProfileIntW
GetNumberFormatW
GetWindowsDirectoryW
GetFullPathNameW
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
lstrcmpiW
lstrcpyW
FileTimeToSystemTime
GlobalGetAtomNameW
GlobalFlags
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
InterlockedExchange
ReleaseActCtx
CreateActCtxW
lstrcmpA
GlobalFree
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
lstrcmpW
TerminateProcess
GetVolumeInformationW
QueryDosDeviceW
GetLogicalDrives
GetTickCount
CreateThread
FormatMessageW
GetVersionExW
GetACP
LocalFree
MultiByteToWideChar
lstrlenA
EnumResourceLanguagesW
FreeResource
VirtualQuery
FindResourceExW
GetFileInformationByHandle
CreateDirectoryW
FindFirstFileW
FindClose
CopyFileW
DeleteFileW
GetTempPathW
GetSystemDirectoryW
GetCurrentDirectoryW
GetModuleFileNameA
ExpandEnvironmentStringsW
WideCharToMultiByte
GetProfileStringW
OpenProcess
GetCurrentProcessId
GetFileAttributesExW
lstrlenW
InterlockedDecrement
InterlockedIncrement
FreeLibrary
EnumResourceNamesW
OutputDebugStringA
GetModuleFileNameW
LoadLibraryExW
GetVersion
GetModuleHandleA
GetFileAttributesW
Sleep
WriteFile
CreateFileW
SetFilePointer
ReadFile
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetLocaleInfoW
TerminateThread
WaitForSingleObject
WaitForMultipleObjects
SetEvent
ResumeThread
SetThreadPriority
CloseHandle
ResetEvent
CreateEventW
ActivateActCtx
GetProcAddress
GetModuleHandleW
LoadLibraryW
GetLastError
DeactivateActCtx
SetLastError
FindResourceW
LoadResource
LockResource
LCMapStringW
user32
WaitMessage
PostThreadMessageW
CreateAcceleratorTableW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
CopyAcceleratorTableW
CharUpperBuffW
LockWindowUpdate
UnpackDDElParam
ReuseDDElParam
LoadAcceleratorsW
InsertMenuItemW
TranslateAcceleratorW
BringWindowToTop
FrameRect
SetCursorPos
SetRect
DestroyAcceleratorTable
SetParent
RegisterClipboardFormatW
DrawFrameControl
DrawEdge
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
GetNextDlgGroupItem
CopyImage
HideCaret
DrawFocusRect
InvertRect
SetLayeredWindowAttributes
EnumDisplayMonitors
GetMenuDefaultItem
SetMenuDefaultItem
CreatePopupMenu
IsMenu
MonitorFromPoint
UpdateLayeredWindow
EnableScrollBar
UnionRect
IsRectEmpty
CharUpperW
IsIconic
IsZoomed
GetAsyncKeyState
NotifyWinEvent
MessageBeep
SetWindowRgn
DeleteMenu
SetRectEmpty
GetSysColorBrush
RealChildWindowFromPoint
UnregisterClassW
SystemParametersInfoW
GetSystemMetrics
DestroyMenu
GetMenuItemInfoW
DrawStateW
ShowOwnedPopups
GetMessageW
TranslateMessage
ValidateRect
PostQuitMessage
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
MapVirtualKeyW
GetKeyNameTextW
GetCursorPos
WindowFromPoint
IntersectRect
GetMenuStringW
AppendMenuW
InsertMenuW
RemoveMenu
EndPaint
IsCharLowerW
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
GetMenuState
CheckMenuItem
IsWindowEnabled
MoveWindow
SetWindowTextW
IsDialogMessageW
CheckDlgButton
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
GetMenuItemID
GetMenuItemCount
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
MapVirtualKeyExW
GetDoubleClickTime
IsClipboardFormatAvailable
DestroyCursor
CreateMenu
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
GetUpdateRect
MapDialogRect
SubtractRect
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetWindowRgn
DrawIcon
BeginPaint
GetMenu
SetWindowLongW
GetWindow
LoadMenuW
GetSubMenu
MessageBoxW
EnableMenuItem
GetSystemMenu
EnumChildWindows
GetWindowLongW
GetWindowThreadProcessId
GetClassNameW
CreateIconIndirect
SetClassLongW
LoadIconW
SetForegroundWindow
ShowWindow
EnumDesktopWindows
KillTimer
SetTimer
GetDesktopWindow
IsWindowVisible
LoadImageW
CopyIcon
GetClassLongW
DestroyIcon
GetIconInfo
PostMessageW
SetWindowPos
ReleaseDC
GetDC
LoadCursorW
SetCursor
OffsetRect
LoadBitmapW
GetWindowRect
RedrawWindow
IsWindow
GetParent
UpdateWindow
InvalidateRect
ReleaseCapture
SetCapture
PtInRect
GetClientRect
InflateRect
DrawIconEx
SendMessageW
CopyRect
GetSysColor
EnableWindow
GetWindowDC
gdi32
CreateFontIndirectW
SetRectRgn
CombineRgn
PatBlt
DPtoLP
GetTextExtentPoint32W
GetTextMetricsW
CreateRoundRectRgn
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetBkColor
CreateRectRgn
CreatePalette
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
GetRgnBox
CreateEllipticRgn
CreatePolygonRgn
GetTextColor
Polyline
Ellipse
Polygon
CreateDCW
EnumFontFamiliesExW
ExtFloodFill
SetPaletteEntries
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetViewportOrgEx
LPtoDP
GetWindowOrgEx
SetPixelV
GetTextFaceW
SelectClipRgn
CreateHatchBrush
CopyMetaFileW
CreateSolidBrush
GetObjectType
SelectPalette
CreatePatternBrush
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetPixel
GetWindowExtEx
GetViewportExtEx
Rectangle
CreateCompatibleDC
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
CreateRectRgnIndirect
CreatePen
GetDIBits
GetObjectW
SetDIBits
GdiFlush
StretchBlt
SetStretchBltMode
SetDIBColorTable
GetPaletteEntries
GetStockObject
GetDeviceCaps
DeleteDC
SetPixel
DeleteObject
SelectObject
CreateDIBSection
BitBlt
CreateCompatibleBitmap
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleW
winspool.drv
OpenPrinterW
ClosePrinter
DocumentPropertiesW
advapi32
RegEnumKeyW
RegQueryValueExA
RegCloseKey
RegQueryValueExW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
shell32
SHAppBarMessage
SHGetMalloc
SHBrowseForFolderW
SHGetPathFromIDListW
DragQueryFileW
DragFinish
SHGetFileInfoW
ShellExecuteW
SHGetSpecialFolderLocation
SHGetDesktopFolder
comctl32
ImageList_GetIconSize
InitCommonControlsEx
shlwapi
PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathRemoveFileSpecW
ole32
CoLockObjectExternal
RegisterDragDrop
OleLockRunning
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
OleGetClipboard
RevokeDragDrop
CreateStreamOnHGlobal
CoCreateInstance
CoDisconnectObject
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
DoDragDrop
CoTaskMemFree
CoCreateGuid
CoInitialize
CoInitializeEx
CoUninitialize
oleaut32
SysAllocStringLen
VarBstrFromDate
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
LoadTypeLi
VariantCopy
SysAllocString
VariantInit
VariantChangeType
VariantClear
SysFreeString
gdiplus
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipCloneImage
GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageRectI
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
winmm
PlaySoundW
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
Exports
??4CDialogCtrlAPI@@QAEAAV0@ABV0@@Z
?DWMAddFailedInfo@CDialogCtrlAPI@@SGHPB_WKKK@Z
?DWMAddFailedInfo@CDialogCtrlAPI@@SGHPB_WKKKK@Z
?DWMFailedShow@CDialogCtrlAPI@@SGHPAUHWND__@@PB_W@Z
?DWMGetFailedCfgInfo@CDialogCtrlAPI@@SGHPAHPAPA_WPAK@Z
?DelDWMAddFailedInfo@CDialogCtrlAPI@@SGHPB_WKKK@Z
?DelDWMFailedShow@CDialogCtrlAPI@@SGHKPAUHWND__@@@Z
?DelDWMFailedShow@CDialogCtrlAPI@@SGHKPAUHWND__@@H@Z
?DelDWMGetFailStr@CDialogCtrlAPI@@SGHKPAPA_WPAK@Z
?DelDWMShow2@CDialogCtrlAPI@@SGHPAUHWND__@@H@Z
?DelDWMShow@CDialogCtrlAPI@@SGHPAUHWND__@@H@Z
?DelDWMStop@CDialogCtrlAPI@@SGXH@Z
?DelDWMUpdate@CDialogCtrlAPI@@SGXPB_WPAHH@Z
?DocPolicyShow@CDialogCtrlAPI@@SGHPAU_GUID@@PAUHWND__@@@Z
?DocPolicyStop@CDialogCtrlAPI@@SGXPAU_GUID@@@Z
?FreeBuff@CDialogCtrlAPI@@SGXPAX@Z
?GetMsg@CDialogCtrlAPI@@SGHKKPAPA_WPAK@Z
?MarqueeShow2@CDialogCtrlAPI@@SGHPAU_GUID@@PAUHWND__@@HPB_W2KKHK@Z
?MarqueeShow@CDialogCtrlAPI@@SGHPAU_GUID@@PAUHWND__@@HPB_W2@Z
?MarqueeShow@CDialogCtrlAPI@@SGHPAU_GUID@@PAUHWND__@@HPB_W2H@Z
?OutSendShow@CDialogCtrlAPI@@SGHPAUHWND__@@@Z
?OutSendStop@CDialogCtrlAPI@@SGXXZ
?PEPStart2@CDialogCtrlAPI@@SGHKPAUHICON__@@PAX1PAK@Z
?PEPStart@CDialogCtrlAPI@@SGHKPAX0PAK@Z
?PEPStop@CDialogCtrlAPI@@SGXK@Z
?PEPWaitComplete@CDialogCtrlAPI@@SGKKK@Z
?SCDTDecryptFailTipShow@CDialogCtrlAPI@@SGXK@Z
?SCDTOutSendShow@CDialogCtrlAPI@@SGHKPAUHWND__@@@Z
?SelectFolder@CDialogCtrlAPI@@SGHPAPA_WPAK@Z
?Show@CDialogCtrlAPI@@SGHPAU_GUID@@PAUHWND__@@HPB_W2HHH@Z
?Stop@CDialogCtrlAPI@@SGXPAU_GUID@@@Z
?TipShow@CDialogCtrlAPI@@SGHPAU_GUID@@PAUHWND__@@HPB_W2@Z
?TipStop@CDialogCtrlAPI@@SGXPAU_GUID@@@Z
?Update@CDialogCtrlAPI@@SGHPAU_GUID@@PB_W1H@Z
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 290KB - Virtual size: 289KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 25KB - Virtual size: 59KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 403KB - Virtual size: 403KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 172KB - Virtual size: 171KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ