SysInternalsBluescreen[.]scr

Sharing

Copy URL Twitter E-mail

General

Target

SysInternalsBluescreen.scr
Size

700KB
MD5

ac269d8cf5b8fefcce0d1fb0ba1122ea
SHA1

a12f5da02c847ed7f528f0cd517d7cda21c2e507
SHA256

dcc79d97307ed95111d9d7641052d9fe702efbacda80b29ef63b6050f7f63edf
SHA512

16282d5c2636702d531325d20a3912e19ad2363c71b91ac368eeea64d1132f64f364a47a6090934a2c5e635bb1064cc9da6b7fbf1c61a8a99ef1918feb26f775
SSDEEP

1536:uVAcyzb7mABGHqFFmS/Tg8J6PpxO9HtYCInndkmVnTA6uvld2XPwdniI:aAcOf1NoY6PqBtm9Pe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SysInternalsBluescreen.scr

Files

SysInternalsBluescreen.scr
.exe windows:4 windows x86 arch:x86

1366c969d6a684ae8ee6653f31504543

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

ddraw

DirectDrawCreate

winmm

timeSetEvent
timeKillEvent

kernel32

GetCurrentProcess
SetFilePointer
WriteFile
CreateEventA
LoadLibraryExA
WriteConsoleA
GetStdHandle
GetDiskFreeSpaceExA
GetVolumeInformationA
WaitForSingleObject
GetSystemInfo
GetDriveTypeA
GetLogicalDrives
FreeConsole
DeleteFileA
FlushConsoleInputBuffer
SetConsoleCursorPosition
FillConsoleOutputCharacterA
SetConsoleCursorInfo
SetConsoleMode
AllocConsole
Sleep
FreeLibrary
GetSystemPowerStatus
UnhandledExceptionFilter
ExitProcess
GetStartupInfoA
FlushFileBuffers
LCMapStringW
GetProcAddress
Beep
ReadFile
GetStringTypeW
lstrcpynA
GetOEMCP
GetACP
GetCPInfo
MultiByteToWideChar
InterlockedIncrement
InterlockedDecrement
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
HeapReAlloc
VirtualAlloc
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
VirtualFree
HeapCreate
HeapDestroy
TlsGetValue
SetLastError
TlsAlloc
GetCurrentThreadId
TerminateProcess
RtlUnwind
FreeResource
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
LocalAlloc
LoadLibraryA
LocalFree
FindResourceA
LoadResource
LockResource
_lopen
_lread
_lclose
GetCommandLineA
GetVersion
GetTempPathA
CreateFileA
CloseHandle
GetTickCount
SetStdHandle
OutputDebugStringA
ExitThread
TlsSetValue
GetVersionExA
GetStringTypeA
GetModuleHandleA
LCMapStringA
HeapFree
HeapAlloc
GetLastError
ResumeThread
CreateThread

user32

SetWindowTextA
GetSystemMetrics
CharNextA
LoadIconA
GetClientRect
FindWindowA
RegisterWindowMessageA
GetForegroundWindow
PeekMessageA
DialogBoxParamA
IsWindow
PostQuitMessage
GetCursorPos
SetForegroundWindow
SetFocus
LoadBitmapA
MsgWaitForMultipleObjects
DestroyWindow
GetDC
ReleaseDC
LoadCursorA
SetCursor
InflateRect
GetDlgItem
GetSysColorBrush
GetParent
SendMessageA
DialogBoxIndirectParamA
EndDialog
IsDlgButtonChecked
CheckDlgButton
PostMessageA
InvalidateRect
RegisterClassA
GetMessageA
DispatchMessageA
TranslateMessage
CreateWindowExA
DefWindowProcA
MessageBoxA
OffsetRect
IntersectRect
SystemParametersInfoA

gdi32

CreateDIBitmap
CreatePalette
GetDeviceCaps
SetMapMode
StartDocA
StartPage
EndPage
EndDoc
CreateCompatibleDC
SelectObject
SelectPalette
RealizePalette
StretchBlt
DeleteDC
GetObjectA
CreateSolidBrush
GetClipBox
GetDCOrgEx
GetStockObject

comdlg32

PrintDlgA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyA
RegCloseKey
RegOpenKeyA

Exports

Exports

ScreenSaverConfigureDialog
ScreenSaverProc

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 520KB - Virtual size: 517KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1366c969d6a684ae8ee6653f31504543

Headers

File Characteristics

Imports

comctl32

ddraw

winmm

kernel32

user32

gdi32

comdlg32

advapi32

Exports

Exports

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 120KB - Virtual size: 124KB

.sxdata Size: 4KB - Virtual size: 4B

.rsrc Size: 520KB - Virtual size: 517KB

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 120KB - Virtual size: 124KB

.sxdata
Size: 4KB - Virtual size: 4B

.rsrc
Size: 520KB - Virtual size: 517KB