stand-support-tool[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

stand-support-tool.exe
Size

9.6MB
MD5

dffc7296c42fff2e4651f22379eb516a
SHA1

503876c1e7baf9faad683a2b2820fe31c559cc00
SHA256

a027e5f373d312e997d7d7cdcc32bb60027ecbe4a770970b8b1cb4bf3f736049
SHA512

bc3fd509e8fb9c698a4d53e8d5f75fa81578d948217a88de45d7c68993c8f89d57a5ebec5f7dc6acca0d1058d9ec800a1dd01d1065c66f74d602d69a3009f5f9
SSDEEP

98304:vtqdvDn6um7z7sqDWG3wzqdHntBmqmncC8dfsFIk6t:VqVr6umfHSzUmx8d5k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
stand-support-tool.exe

Files

stand-support-tool.exe
.exe windows:6 windows x64 arch:x64

02771a47882e599a4366e9d0fad5719f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

stand_support_tool.pdb

Imports

bcryptprimitives

ProcessPrng

api-ms-win-core-synch-l1-2-0

WaitOnAddress
WakeByAddressAll
WakeByAddressSingle

user32

RegisterClassExA
SetWindowPlacement
ValidateRect
GetWindowLongPtrW
CreateWindowExA
GetWindowPlacement
ChangeDisplaySettingsExW
TranslateMessage
GetKeyboardState
GetAsyncKeyState
CloseTouchInputHandle
ScreenToClient
GetTouchInputInfo
TrackMouseEvent
MonitorFromRect
DispatchMessageW
ToUnicodeEx
GetKeyState
MapVirtualKeyExW
GetKeyboardLayout
PeekMessageW
FlashWindowEx
OpenClipboard
SetCursor
GetRawInputData
GetClipboardData
LoadCursorW
DefWindowProcA
RedrawWindow
DestroyWindow
PostMessageW
EmptyClipboard
SetClipboardData
InvalidateRgn
SystemParametersInfoA
SetWindowPos
GetDC
CloseClipboard
GetActiveWindow
AdjustWindowRectEx
GetMenu
GetWindowLongW
SetWindowLongW
ShowWindow
DestroyCursor
IsIconic
ClipCursor
GetClipCursor
ShowCursor
GetWindowRect
ClientToScreen
SendMessageW
IsWindowVisible
GetClientRect
GetForegroundWindow
RegisterTouchWindow
GetSystemMetrics
TrackPopupMenu
SetMenuDefaultItem
EnableMenuItem
GetSystemMenu
SetWindowTextW
SetForegroundWindow
SendInput
SetWindowDisplayAffinity
DestroyIcon
CreateIcon
MonitorFromWindow
GetMonitorInfoW
GetCursorPos
MapVirtualKeyW
DefWindowProcW
ReleaseCapture
SetCapture
SetWindowLongPtrW
CreateWindowExW
RegisterClassExW
RegisterWindowMessageA
RegisterRawInputDevices
MonitorFromPoint
KillTimer
SetTimer
GetMessageW
RegisterClipboardFormatW
ReleaseDC
IsProcessDPIAware

kernel32

GetLastError
GlobalLock
GlobalSize
CreateMutexA
WaitForSingleObjectEx
GetFullPathNameW
CreateThread
WriteConsoleW
GlobalUnlock
GlobalAlloc
GetProcAddress
LoadLibraryA
GetSystemInfo
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetUserPreferredUILanguages
UnmapViewOfFile
CreateFileMappingW
MapViewOfFile
GetCurrentProcess
DuplicateHandle
VirtualProtect
QueryPerformanceFrequency
QueryPerformanceCounter
WaitForSingleObject
RemoveVectoredExceptionHandler
CloseHandle
Sleep
GetCurrentThread
GlobalFree
WideCharToMultiByte
GetModuleHandleA
MultiByteToWideChar
GetModuleHandleW
AddVectoredExceptionHandler
LoadLibraryExW
FormatMessageW
lstrlenW
FreeLibrary
SetThreadErrorMode
GetProcessHeap
HeapFree
LoadLibraryExA
HeapAlloc
GetConsoleMode
CreateEventA
SetThreadStackGuarantee
SwitchToThread
CreateWaitableTimerExW
SetWaitableTimer
RtlCaptureContext
RtlVirtualUnwind
RtlLookupFunctionEntry
SetLastError
GetCurrentDirectoryW
GetEnvironmentVariableW
FindFirstFileW
SetFileInformationByHandle
GetFileInformationByHandleEx
GetFileInformationByHandle
CreateFileW
FindClose
FindNextFileW
ReleaseMutex
HeapReAlloc
GetStdHandle
GetCurrentProcessId
IsProcessorFeaturePresent

gdi32

DescribePixelFormat
SetPixelFormat
GetPixelFormat
ChoosePixelFormat
SwapBuffers
DeleteDC
SelectObject
DeleteObject
CreateRectRgn
BitBlt
GetDeviceCaps
CreateCompatibleDC
CreateDIBSection

shell32

DragQueryFileW
DragFinish
SHGetKnownFolderPath

ole32

RevokeDragDrop
OleInitialize
CoInitializeEx
RegisterDragDrop
CoUninitialize
CoCreateInstance
CoTaskMemFree

advapi32

RegQueryValueExW
ImpersonateAnonymousToken
RegCloseKey
RegOpenKeyExW
RevertToSelf

imm32

ImmGetCompositionStringW
ImmGetContext
ImmAssociateContextEx
ImmReleaseContext

dwmapi

DwmSetWindowAttribute
DwmEnableBlurBehindWindow

uxtheme

SetWindowTheme

opengl32

wglGetCurrentContext
wglGetProcAddress
wglCreateContext
wglMakeCurrent
wglDeleteContext

d3dcompiler_47

D3DCompile

oleaut32

GetErrorInfo
SysStringLen
SysFreeString

ntdll

RtlNtStatusToDosError
NtWriteFile
NtReadFile

vcruntime140

memcpy
__CxxFrameHandler3
memset
__current_exception_context
memmove
__current_exception
_CxxThrowException
__C_specific_handler
memcmp

api-ms-win-crt-math-l1-1-0

trunc
truncf
ceilf
cosf
sinf
atan2
acosf
acos
pow
fmod
tan
roundf
floor
powf
ceil
round
cos
sin
fmodf
expf
_hypotf
fmaf
tanf
exp2f
exp2
__setusermatherr
floorf

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
strerror
_initialize_narrow_environment
_seh_filter_exe
_initterm
_initterm_e
exit
_exit
_get_initial_narrow_environment
__p___argc
__p___argv
_cexit
_c_exit
_register_thread_local_exe_atexit_callback
terminate
_initialize_onexit_table
_register_onexit_function
_crt_atexit
_set_app_type

api-ms-win-crt-string-l1-1-0

strlen

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__p__commode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

free
_set_new_mode

Sections

.text
Size: 7.2MB - Virtual size: 7.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 299KB - Virtual size: 298KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

02771a47882e599a4366e9d0fad5719f

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

bcryptprimitives

api-ms-win-core-synch-l1-2-0

user32

kernel32

gdi32

shell32

ole32

advapi32

imm32

dwmapi

uxtheme

opengl32

d3dcompiler_47

oleaut32

ntdll

vcruntime140

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-heap-l1-1-0

Sections

.text Size: 7.2MB - Virtual size: 7.2MB

.rdata Size: 2.1MB - Virtual size: 2.1MB

.data Size: 14KB - Virtual size: 14KB

.pdata Size: 299KB - Virtual size: 298KB

.reloc Size: 43KB - Virtual size: 43KB

.text
Size: 7.2MB - Virtual size: 7.2MB

.rdata
Size: 2.1MB - Virtual size: 2.1MB

.data
Size: 14KB - Virtual size: 14KB

.pdata
Size: 299KB - Virtual size: 298KB

.reloc
Size: 43KB - Virtual size: 43KB