K:\IP\IconPackager\Build ReleaseU\IconPackager.pdb
Static task
static1
General
Target
IconPackager.exe
Size
1.3MB
MD5
63506209b004736dc3ae832810cc498e
SHA1
254d329663816ea29010eee1acfa8135d9a7662e
SHA256
e582cc3b8fc6022ee60552088d824ec2d6f5089462ef80ea52916d9c3966eb59
SHA512
a04ab3760bf5743f6f7bb03613af047d3c5f27efa94721b2b39989f3e1d0c33295daf5ae9035fb634a25e0cb3f592d9067925a58611524fa981e672a3a4bd983
SSDEEP
24576:OzWoc5ILGeLDVHTuU0N9l0g1yzH8d8rDp8rcEsfoKts:XILfZ6Uc1Ucd82rctgKts
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for a missing Authenticode signature on the PE file.
resource IconPackager.exe
Files
IconPackager.exe.exe windows:5 windows x86 arch:x86
c7e8e74c3be281796f3c82c8b730e858
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
shlwapi
PathParseIconLocationW
PathFileExistsW
PathRelativePathToW
ColorHLSToRGB
ColorRGBToHLS
PathAppendA
PathCanonicalizeW
PathIsDirectoryW
msimg32
AlphaBlend
gdiplus
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromFile
GdipDrawImageRectI
GdipSetInterpolationMode
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipDisposeImage
GdipCloneImage
GdipCreateBitmapFromScan0
GdipFree
GdiplusStartup
GdipAlloc
crypt32
CryptVerifyMessageSignature
CertGetNameStringW
CertFreeCertificateContext
advapi32
RegOpenKeyA
InitializeAcl
GetLengthSid
AllocateAndInitializeSid
RegQueryValueExA
RegCloseKey
RegOpenKeyExW
IsTextUnicode
RegEnumKeyExW
RegEnumValueW
RegDeleteKeyW
RegEnumKeyW
RegCreateKeyExW
RegDeleteValueW
RegQueryValueExW
RegSetValueExW
CryptAcquireContextA
CryptGenRandom
OpenProcessToken
SetEntriesInAclW
AdjustTokenPrivileges
LookupPrivilegeValueW
SetNamedSecurityInfoW
GetNamedSecurityInfoW
FreeSid
RegSetKeySecurity
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AddAccessAllowedAce
IsValidSid
GetSidIdentifierAuthority
GetSidSubAuthorityCount
GetSidSubAuthority
LookupAccountNameA
CryptReleaseContext
AddAccessDeniedAce
uxtheme
DrawThemeParentBackground
winmm
timeKillEvent
timeSetEvent
version
GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA
mfc100u
ord2164
ord4744
ord13854
ord11784
ord7548
ord7624
ord4478
ord2410
ord13366
ord3438
ord2618
ord7902
ord3751
ord2780
ord5558
ord12610
ord2418
ord8269
ord11210
ord5468
ord5882
ord1296
ord897
ord2407
ord4447
ord12125
ord6996
ord7911
ord4448
ord6289
ord1310
ord7524
ord11838
ord11801
ord8821
ord7903
ord3754
ord5900
ord3482
ord2188
ord4359
ord13181
ord4571
ord2509
ord5641
ord12745
ord265
ord266
ord1266
ord1282
ord4355
ord4139
ord5161
ord7077
ord7006
ord1281
ord1268
ord5585
ord8507
ord1314
ord13415
ord11353
ord4331
ord2823
ord13396
ord2057
ord11330
ord6870
ord3763
ord2844
ord8273
ord6117
ord880
ord788
ord1212
ord11999
ord4356
ord12871
ord1734
ord13342
ord5799
ord3446
ord5862
ord5459
ord6132
ord3765
ord8275
ord6119
ord2185
ord2849
ord2846
ord12228
ord2030
ord796
ord6080
ord337
ord5801
ord11998
ord11997
ord6145
ord6604
ord6843
ord9551
ord7929
ord7973
ord8508
ord8362
ord2664
ord4511
ord280
ord1944
ord11544
ord1721
ord11683
ord4151
ord293
ord5264
ord2614
ord11031
ord6036
ord1312
ord923
ord345
ord10935
ord10934
ord10936
ord10933
ord10199
ord9621
ord10352
ord10265
ord8118
ord8181
ord10064
ord11206
ord10043
ord6842
ord1229
ord812
ord6603
ord1298
ord3978
ord7512
ord12948
ord7932
ord3962
ord1645
ord1232
ord824
ord8509
ord12186
ord4802
ord3397
ord3433
ord5199
ord12512
ord7108
ord7246
ord12510
ord2062
ord4358
ord11476
ord11207
ord2825
ord3643
ord2251
ord2831
ord6102
ord1246
ord374
ord945
ord13389
ord341
ord919
ord7241
ord2773
ord1271
ord870
ord1006
ord457
ord4360
ord1440
ord290
ord1450
ord4290
ord11982
ord2184
ord3428
ord6096
ord3495
ord6243
ord4909
ord2746
ord8264
ord5802
ord917
ord296
ord902
ord286
ord3985
ord1987
ord7005
ord12413
ord12951
ord13047
ord2064
ord2068
ord11123
ord8179
ord10058
ord10412
ord3627
ord2981
ord2980
ord2756
ord5556
ord12606
ord2887
ord2884
ord7385
ord2417
ord14146
ord14148
ord14147
ord14145
ord14149
ord14132
ord14059
ord14060
ord8277
ord11081
ord3402
ord10937
ord8112
ord11163
ord6247
ord10045
ord8393
ord2853
ord12724
ord11246
ord11244
ord1501
ord1508
ord1514
ord1512
ord1519
ord4388
ord4425
ord4396
ord4408
ord4404
ord4400
ord4430
ord4421
ord4392
ord4434
ord4413
ord4379
ord4383
ord4416
ord3999
ord14067
ord3992
ord2665
ord13382
ord7109
ord13388
ord6156
ord10725
ord12557
ord5276
ord2339
ord11116
ord3491
ord2952
ord2951
ord2852
ord11159
ord4642
ord4923
ord5115
ord8483
ord4901
ord5143
ord4645
ord4794
ord4623
ord6931
ord6932
ord6922
ord4792
ord7393
ord9333
ord8347
ord5828
ord13380
ord11940
ord4805
ord8599
ord1934
ord1905
ord9525
ord6711
ord13387
ord8530
ord3684
ord3625
ord11864
ord7126
ord1739
ord14162
ord10976
ord13267
ord11469
ord7179
ord13570
ord13567
ord13572
ord13569
ord13571
ord13568
ord11477
ord8390
ord13381
ord3261
ord948
ord381
ord1300
ord3416
ord3410
ord6869
ord890
ord1616
ord1292
ord1895
ord11021
ord1013
ord4207
ord6140
ord8346
ord9328
ord5118
ord11845
ord11209
ord11240
ord9498
ord7391
ord4086
ord11236
ord11228
ord12502
ord5261
ord3493
ord3436
ord2617
ord1720
ord2119
ord2748
ord8266
ord5809
ord921
ord9786
ord6670
ord2878
ord4676
ord2089
msvcr100
_wsplitpath
_itoa
_strnicmp
_stricmp
isalpha
tolower
strncmp
??0exception@std@@QAE@ABQBDH@Z
_aligned_malloc
_aligned_free
memmove_s
_except_handler3
_wcmdln
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_controlfp_s
_invoke_watson
_except_handler4_common
?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z
?terminate@@YAXXZ
_onexit
_lock
__dllonexit
_unlock
__set_app_type
_fmode
_commode
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
__RTDynamicCast
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
_CxxThrowException
strncpy
srand
rand
memset
__CxxFrameHandler3
strtok
_localtime64
memcpy
strncpy_s
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@PBD@Z
fflush
setvbuf
fsetpos
fgetpos
_fseeki64
fwrite
_unlock_file
_lock_file
??8type_info@@QBE_NABV0@@Z
_gmtime64_s
strpbrk
sscanf
??9type_info@@QBE_NABV0@@Z
_vsnprintf
??0exception@std@@QAE@XZ
ungetc
fputc
fgetc
sprintf_s
memchr
memcpy_s
??0exception@std@@QAE@ABV01@@Z
?what@exception@std@@UBEPBDXZ
wcscat_s
wcscpy_s
??0exception@std@@QAE@ABQBD@Z
??1exception@std@@UAE@XZ
memmove
ldiv
printf
_wmkdir
sprintf
strchr
isdigit
fwprintf
realloc
wcstok
feof
fgetws
wcschr
_purecall
toupper
_beginthread
_mktime64
_time64
wcsstr
wcsftime
_localtime64_s
wcsncmp
malloc
free
_wcsupr
_wcsicmp
wcsrchr
wcsncpy
_wcslwr
_itow
_wtoi
_wcsnicmp
_vswprintf
strstr
wcsncat
_swprintf
_wfopen
fclose
strrchr
exit
atoi
kernel32
FindNextFileW
GetLogicalDriveStringsW
SetThreadPriority
GetCurrentThread
FindClose
GetCurrentProcess
CreateEventA
SetProcessWorkingSetSize
GetDiskFreeSpaceExW
GetTempPathW
CopyFileW
HeapAlloc
GetProcessHeap
HeapFree
GetShortPathNameW
GlobalLock
GlobalUnlock
Wow64DisableWow64FsRedirection
Wow64RevertWow64FsRedirection
GetTempFileNameW
MoveFileW
CreateHardLinkW
LocalFree
LoadLibraryExW
FindResourceW
LoadResource
LockResource
SizeofResource
BeginUpdateResourceW
UpdateResourceW
EndUpdateResourceW
EnumResourceLanguagesExW
lstrcmpW
GetModuleHandleExA
AddAtomA
GetCurrentProcessId
MultiByteToWideChar
LocalUnlock
LocalLock
InterlockedExchange
InterlockedCompareExchange
HeapSetInformation
GetStartupInfoW
EncodePointer
DecodePointer
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
UnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
FindFirstFileW
GlobalFree
GlobalAlloc
LocalAlloc
GetPrivateProfileStringW
GlobalAddAtomW
GlobalDeleteAtom
GlobalFindAtomW
TerminateProcess
OpenProcess
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetLocaleInfoW
GetUserDefaultLangID
GetCurrentDirectoryA
GetModuleFileNameW
Sleep
GetModuleFileNameA
GetModuleHandleA
WriteFile
GetTickCount
WaitForSingleObject
SetEndOfFile
ReadFile
SetFilePointer
GetFileSize
CreateFileW
CreateEventW
SetEvent
OutputDebugStringA
OutputDebugStringW
EnumResourceNamesW
DeleteFileW
SetFileAttributesW
SetVolumeLabelW
ActivateActCtx
GetLastError
DeactivateActCtx
lstrcmpA
GetComputerNameA
lstrlenA
SetLastError
CloseHandle
CreateThread
CreateDirectoryW
GetVersionExW
SetCurrentDirectoryW
WideCharToMultiByte
GetFileAttributesW
GetDriveTypeW
GetWindowsDirectoryW
GetUserPreferredUILanguages
GetSystemDirectoryW
WritePrivateProfileStringW
FreeLibrary
GetModuleHandleW
GetProcAddress
SetPriorityClass
LoadLibraryW
user32
wvsprintfW
EnumDisplayMonitors
MessageBeep
GetDialogBaseUnits
DialogBoxIndirectParamW
EndDialog
CheckDlgButton
SetFocus
GetSystemMenu
UpdateWindow
CopyRect
InflateRect
SetRect
DestroyCursor
PtInRect
IntersectRect
GetScrollInfo
WindowFromDC
GetWindowRgn
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
GetClassNameW
RegisterWindowMessageW
SetWindowRgn
OffsetRect
DrawEdge
GetSysColorBrush
CheckMenuItem
RemoveMenu
AppendMenuW
DrawFocusRect
LoadBitmapW
RedrawWindow
CheckMenuRadioItem
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
SetSysColors
SystemParametersInfoW
DispatchMessageW
TranslateMessage
GetMessageW
FindWindowA
GetWindowDC
CreateWindowExW
RegisterClassExW
EndPaint
BeginPaint
DefWindowProcW
GetPropA
DestroyWindow
GetMonitorInfoW
MonitorFromWindow
MoveWindow
GetWindowLongW
SetLayeredWindowAttributes
SetWindowPos
ScreenToClient
GetCursorPos
PostMessageW
SetParent
SendMessageA
IsWindowEnabled
InvalidateRect
GetKeyState
GetFocus
EnableMenuItem
IsWindow
DrawTextW
MapWindowPoints
GetClientRect
KillTimer
SetTimer
GetSystemMetrics
SetPropW
SetWindowLongW
SetPropA
CallWindowProcW
GetPropW
FillRect
GetIconInfo
DrawIcon
DrawIconEx
SetCursor
SendMessageTimeoutW
BroadcastSystemMessageW
RegisterClassW
LoadCursorW
DefDlgProcW
SetForegroundWindow
BringWindowToTop
IsIconic
FindWindowW
ReleaseDC
GetDC
CreateIconFromResourceEx
GetDesktopWindow
PeekMessageW
MsgWaitForMultipleObjects
LoadStringW
GetActiveWindow
DestroyMenu
TrackPopupMenu
ModifyMenuW
SetMenuDefaultItem
GetSubMenu
LoadMenuW
GetDlgItemTextW
MessageBoxW
SetDlgItemTextW
ShowWindow
SendDlgItemMessageW
SetWindowTextW
DestroyIcon
IsWindowVisible
GetDlgItem
GetParent
GetWindow
wsprintfW
EnableWindow
GetSysColor
GetWindowRect
LoadImageW
SendMessageW
LoadIconW
gdi32
ExtSelectClipRgn
GetClipRgn
CreateFontA
CreateRectRgnIndirect
SetPixel
SetRectRgn
OffsetRgn
CreatePolygonRgn
GetPixel
CreateBitmap
CreateRectRgn
SetDIBits
ExtTextOutW
CreateDCW
PatBlt
RoundRect
CombineRgn
SetBkColor
CreateFontIndirectW
SetBrushOrgEx
GdiFlush
SetStretchBltMode
CreateDIBSection
SetDCPenColor
SetDIBitsToDevice
CreateDIBitmap
GetDIBits
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
GetDeviceCaps
LineTo
MoveToEx
CreatePen
GetStockObject
GetObjectW
CreateFontW
DeleteObject
Rectangle
SelectObject
CreateSolidBrush
SetBkMode
SetTextColor
DeleteDC
comdlg32
GetOpenFileNameW
GetSaveFileNameW
shell32
SHGetPathFromIDListW
ShellExecuteExW
SHGetDesktopFolder
SHFileOperationW
SHGetMalloc
ExtractIconW
ExtractIconExW
SHGetFolderPathW
ShellExecuteA
SHChangeNotify
DragFinish
SHGetFileInfoW
DragQueryFileW
SHGetSpecialFolderLocation
SHGetFolderPathA
SHBrowseForFolderW
comctl32
ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_Destroy
ord14
ImageList_Draw
ImageList_DrawEx
ImageList_Add
ImageList_GetIcon
ImageList_GetIconSize
_TrackMouseEvent
ImageList_Create
oleaut32
SafeArrayGetLBound
VariantClear
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayUnaccessData
SysAllocString
msvcp100
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
_Strcoll
_Strxfrm
?_Init@locale@std@@CAPAV_Locimp@12@XZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Xout_of_range@std@@YAXPBD@Z
?uncaught_exception@std@@YA_NXZ
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
?_Xbad@tr1@std@@YAXW4error_type@regex_constants@12@@Z
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?id@?$ctype@D@std@@2V0locale@2@A
?id@?$codecvt@DDH@std@@2V0locale@2@A
?_Xmem@tr1@std@@YAXXZ
?id@?$collate@D@std@@2V0locale@2@A
?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?unshift@?$codecvt@DDH@std@@QBEHAAHPAD1AAPAD@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?out@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?in@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_J@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBD_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?tolower@?$ctype@D@std@@QBEPBDPADPBD@Z
?tolower@?$ctype@D@std@@QBEDD@Z
?always_noconv@codecvt_base@std@@QBE_NXZ
??0facet@locale@std@@IAE@I@Z
??1facet@locale@std@@UAE@XZ
?_Decref@facet@locale@std@@QAEPAV123@XZ
?_Incref@facet@locale@std@@QAEXXZ
??Bid@locale@std@@QAEIXZ
?_Getcoll@_Locinfo@std@@QBE?AU_Collvec@@XZ
??1_Locinfo@std@@QAE@XZ
??0_Locinfo@std@@QAE@PBD@Z
??1_Container_base12@std@@QAE@XZ
?_Xlength_error@std@@YAXPBD@Z
?set_new_handler@std@@YAP6AXXZP6AXXZ@Z
?_BADOFF@std@@3_JB
wininet
HttpOpenRequestW
HttpAddRequestHeadersW
HttpSendRequestExW
InternetWriteFile
HttpEndRequestW
HttpSendRequestW
InternetConnectW
InternetReadFile
InternetErrorDlg
InternetSetOptionW
InternetOpenW
FtpOpenFileW
InternetOpenUrlW
InternetCrackUrlW
InternetSetStatusCallbackW
InternetCloseHandle
HttpQueryInfoW
imagehlp
ImageGetCertificateHeader
ImageGetCertificateData
ole32
CoCreateInstance
CoUninitialize
CoInitialize
Sections
.text Size: 715KB - Virtual size: 714KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 255KB - Virtual size: 254KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 19KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 250KB - Virtual size: 250KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 118KB - Virtual size: 118KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ