df66337227a095156f2d621467663e93a82ef28cb9e1f5315e984b0826fc3cdf

Sharing

Copy URL Twitter E-mail

General

Target

df66337227a095156f2d621467663e93a82ef28cb9e1f5315e984b0826fc3cdf
Size

503KB
MD5

2fb892dcc496833ba0f1ade9d0d05a41
SHA1

6732081a6fae525f7c0dc1cd89739a4455d482ab
SHA256

df66337227a095156f2d621467663e93a82ef28cb9e1f5315e984b0826fc3cdf
SHA512

73301ff868c5bc5875a722dcb3dde04e2985ac4f8a56e574e3038d4bf769d92495ae13009552dbd00d854ec27eef22f09a3c777d3662931ebc6d94aa942f50d8
SSDEEP

12288:HrdKTiK5NVN2wLwNWxfT+4IsxH7WaJyWp:LdKuK53NgNWxwsxbvy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df66337227a095156f2d621467663e93a82ef28cb9e1f5315e984b0826fc3cdf

Files

df66337227a095156f2d621467663e93a82ef28cb9e1f5315e984b0826fc3cdf
.exe windows:6 windows x86 arch:x86

357d9b6f85e28d858dddd028fcd30938

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\vs\Rockey\Release\RockeyA.pdb

Imports

kernel32

QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetStdHandle
HeapQueryInformation
GetModuleHandleExW
GetCommandLineW
GetCommandLineA
VirtualQuery
RtlUnwind
GetOverlappedResult
lstrcpyA
lstrcatA
IsProcessorFeaturePresent
IsBadReadPtr
IsBadWritePtr
OpenMutexW
CreateMutexW
UnmapViewOfFile
OpenFileMappingA
MapViewOfFile
CreateFileMappingA
GetVersionExA
SystemTimeToTzSpecificLocalTime
ReleaseMutex
OpenMutexA
CreateMutexA
CreateFileA
GetTickCount
DeviceIoControl
GetVersion
OutputDebugStringW
GetFileType
LCMapStringW
TerminateProcess
ResetEvent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
lstrlenA
GetTimeZoneInformation
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetStdHandle
GetStringTypeW
SetFilePointerEx
GetConsoleOutputCP
GetConsoleMode
WriteConsoleW
GetSystemInfo
LoadLibraryExA
GetFileAttributesExW
FileTimeToLocalFileTime
SetErrorMode
GetCurrentProcess
WriteFile
SetFilePointer
ReadFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
FindFirstFileW
FindClose
CreateFileW
DeleteFileW
VirtualProtect
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GlobalFlags
FormatMessageW
MulDiv
LocalFree
GlobalSize
GetCurrentProcessId
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
CreateEventW
WaitForSingleObject
CloseHandle
lstrcmpA
GetVersionExW
GetCurrentThread
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryA
LoadLibraryExW
FreeLibrary
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
GlobalFree
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
SetLastError
OutputDebugStringA
ExitProcess
GetACP
WideCharToMultiByte
MultiByteToWideChar
VerifyVersionInfoW
VerSetConditionMask
SizeofResource
LoadResource
LockResource
FindResourceW
GetProcAddress
LoadLibraryW
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
HeapFree
GlobalUnlock
GlobalLock
GlobalAlloc
FileTimeToSystemTime
GetLocalTime
CreateEventA
SystemTimeToFileTime

user32

SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetMonitorInfoW
MonitorFromWindow
WinHelpW
SetScrollInfo
LoadIconW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
PtInRect
CopyRect
GetSysColor
MapWindowPoints
MessageBoxW
AdjustWindowRectEx
RemovePropW
GetPropW
SetPropW
GetMenuCheckMarkDimensions
GetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
UpdateWindow
TrackPopupMenuEx
GetMenuItemCount
GetMenuItemID
SetMenu
PostQuitMessage
GetCapture
IsIconic
IsWindowVisible
DeferWindowPos
BeginDeferWindowPos
IsChild
IsMenu
SetMenuItemInfoW
LoadBitmapW
GetDC
ReleaseDC
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
SetCaretPos
ShowCaret
HideCaret
DestroyCaret
CreateCaret
MessageBeep
GetUpdateRect
IsWindowUnicode
RegisterClipboardFormatW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
PeekMessageW
DispatchMessageW
RegisterWindowMessageW
GetWindowRect
GetSubMenu
GetDesktopWindow
SetActiveWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
DestroyWindow
IsDialogMessageW
SetWindowLongW
GetMessageW
TranslateMessage
SetCursor
GetWindowThreadProcessId
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
GetWindowDC
ClientToScreen
RealChildWindowFromPoint
GetSystemMetrics
GetSysColorBrush
LoadCursorW
MapDialogRect
SetTimer
KillTimer
CharUpperW
SetCapture
ReleaseCapture
GetWindowTextW
GetMenu
SetWindowTextW
IsWindowEnabled
GetFocus
SetFocus
GetDlgCtrlID
EndDeferWindowPos
GetDlgItemTextW
SetDlgItemTextW
GetDlgItemInt
SetDlgItemInt
GetDlgItem
SetWindowPos
ShowWindow
IsWindow
GetParent
OffsetRect
SetRectEmpty
GetClientRect
SendDlgItemMessageA
GetClipboardData
IsClipboardFormatAvailable
GetWindowLongW
ScreenToClient
GetCursorPos
GetWindow
UnregisterClassW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
wsprintfW
PostMessageW
GetKeyState
DestroyMenu
InsertMenuItemW
AppendMenuW
CreatePopupMenu
CreateMenu
EnableWindow
SendMessageW
InvalidateRect

gdi32

DeleteObject
Escape
GetClipBox
GetStockObject
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectObject
SetMapMode
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetTextExtentPoint32W
CreateBitmap
GetObjectW
SetTextColor
SetBkColor
CreateFontW
GetDeviceCaps
CreateICW
SetDCPenColor
SetDCBrushColor
Rectangle
DeleteDC

advapi32

InitializeSecurityDescriptor
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
SetSecurityDescriptorDacl

comctl32

InitCommonControlsEx

shlwapi

PathStripToRootW
PathIsUNCW
PathFindFileNameW
PathFindExtensionW

ole32

CoCreateInstance
CoCreateGuid
CoUninitialize
CoInitialize
CLSIDFromProgID
CoTaskMemFree

oleaut32

VariantInit
VariantClear
VariantChangeType
SysFreeString
SysAllocString

setupapi

SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList

hid

HidP_GetCaps
HidD_GetPreparsedData
HidD_GetProductString
HidD_GetAttributes
HidD_GetHidGuid
HidD_FlushQueue
HidD_FreePreparsedData

oleacc

LresultFromObject
CreateStdAccessibleObject

winscard

SCardReconnect
SCardReleaseContext
SCardDisconnect
SCardConnectA
SCardListReadersA
SCardEstablishContext
SCardTransmit
g_rgSCardT1Pci

Sections

.text
Size: 309KB - Virtual size: 309KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 387KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

357d9b6f85e28d858dddd028fcd30938

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

comctl32

shlwapi

ole32

oleaut32

setupapi

hid

oleacc

winscard

Sections

.text Size: 309KB - Virtual size: 309KB

.rdata Size: 73KB - Virtual size: 73KB

.data Size: 11KB - Virtual size: 387KB

.rsrc Size: 87KB - Virtual size: 86KB

.reloc Size: 21KB - Virtual size: 20KB

.text
Size: 309KB - Virtual size: 309KB

.rdata
Size: 73KB - Virtual size: 73KB

.data
Size: 11KB - Virtual size: 387KB

.rsrc
Size: 87KB - Virtual size: 86KB

.reloc
Size: 21KB - Virtual size: 20KB