810c64bb71cc2eac0ed07826004820aeee5da7b67fa811534d6f20ab00e33f48

Sharing

Copy URL Twitter E-mail

General

Target

810c64bb71cc2eac0ed07826004820aeee5da7b67fa811534d6f20ab00e33f48
Size

1.1MB
MD5

14f46daee24b553cc3aa7779796afbf2
SHA1

b1ff0502a0ad27df8f9705a75174abdf53e6266d
SHA256

810c64bb71cc2eac0ed07826004820aeee5da7b67fa811534d6f20ab00e33f48
SHA512

f023d9d8f876acd44f1bfc8eb057245aa4d38d0706b2214ba6ea571895a304e8b81bce78cdc3a0b8caa75f078c1c5593273c8339f0c0084418dac4b4e4f0fd6b
SSDEEP

24576:OQuwdbe5Plx/X9AIaaaaaaaaaaaaaaaaRhjYFqyGcPZK6qYdYTHqi9hIxlDaY47I:Qwe1afFqy5Ib7TKifIxhaY4+xUAc9cD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/MouseInc/MouseInc.exe

Files

810c64bb71cc2eac0ed07826004820aeee5da7b67fa811534d6f20ab00e33f48
.zip
MouseInc/MouseInc.Settings.zip
.zip
fonts/ionicons.143146fa.woff2
index.html
.html
js/app.6d3b6636.js
.js
js/chunk-8edd2e4e.3bff57e3.js
.js
MouseInc/MouseInc.exe
.exe windows:6 windows x86 arch:x86

e168ff854bfcc24ef45a9c39ff100ce0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipDeleteFontFamily
GdiplusStartup
GdipCreateStringFormat
GdiplusShutdown
GdipLoadImageFromStream
GdipGetImageHeight
GdipCreateFontFamilyFromName
GdipAddPathArcI
GdipGetImageEncoders
GdipCloneImage
GdipSetCustomLineCapBaseCap
GdipSetPenStartCap
GdipBitmapUnlockBits
GdipDeleteBrush
GdipCreateAdjustableArrowCap
GdipAlloc
GdipDrawImageRectI
GdipCreateBitmapFromHBITMAP
GdipDeletePath
GdipDisposeImage
GdipSetPenBrushFill
GdipSetSmoothingMode
GdipCreatePath
GdipSetStringFormatLineAlign
GdipCreateLineBrushFromRectI
GdipCreateFont
GdipCreateSolidFill
GdipFillPath
GdipGraphicsClear
GdipAddPathStringI
GdipSetPenCustomEndCap
GdipDeleteCustomLineCap
GdipAddPathLineI
GdipDrawRectangle
GdipFillRectangle
GdipClosePathFigure
GdipFree
GdipDrawPath
GdipDrawString
GdipBitmapLockBits
GdipSetPenLineJoin
GdipCreateFromHDC
GdipSetTextRenderingHint
GdipDrawCurveI
GdipCloneBrush
GdipMeasureString
GdipGetImageGraphicsContext
GdipFillRectangleI
GdipGetImageEncodersSize
GdipDeleteGraphics
GdipDeleteStringFormat
GdipDeleteFont
GdipDrawLines
GdipGetImageWidth
GdipSaveImageToStream
GdipDeletePen
GdipDrawImagePointRectI
GdipCreateBitmapFromScan0
GdipCreatePen1
GdipSetStringFormatAlign
GdipSaveImageToFile
GdipDrawImageRectRect

kernel32

EncodePointer
GetLocaleInfoEx
LCMapStringEx
InterlockedPopEntrySList
InterlockedPushEntrySList
FlushInstructionCache
VirtualAlloc
VirtualFree
LoadLibraryExA
LCIDToLocaleName
GetSystemTimeAsFileTime
ReadFile
GetModuleFileNameA
SizeofResource
CreateSemaphoreExW
HeapFree
SetLastError
SetPriorityClass
EnterCriticalSection
GetCommandLineW
GetCurrentProcess
ReleaseSemaphore
Wow64DisableWow64FsRedirection
GetModuleHandleExW
ExpandEnvironmentStringsW
TerminateProcess
GetModuleFileNameW
WaitForMultipleObjects
GetUserDefaultUILanguage
LeaveCriticalSection
SetFilePointer
GetTempPathW
CreateMutexW
InitializeCriticalSectionEx
FindResourceA
WaitForSingleObject
CreateFileW
GetCurrentThreadId
ReleaseMutex
UnmapViewOfFile
FreeResource
OpenProcess
HeapSize
CreateToolhelp32Snapshot
CreateEventW
MultiByteToWideChar
Sleep
FormatMessageW
GetLastError
Process32NextW
OutputDebugStringW
GlobalSize
SetEvent
WaitForSingleObjectEx
LockResource
GlobalAlloc
DeleteFileW
OpenSemaphoreW
Process32FirstW
GlobalFree
HeapReAlloc
CloseHandle
RaiseException
LoadResource
HeapAlloc
GetLocalTime
GetCurrentDirectoryW
DecodePointer
HeapDestroy
GetProcAddress
GlobalLock
CreateMutexExW
LocalFree
MoveFileExW
GetFileSize
DeleteCriticalSection
ExitProcess
GetCurrentProcessId
GetProcessHeap
SystemTimeToFileTime
GetModuleHandleW
CopyFileW
WideCharToMultiByte
QueryFullProcessImageNameW
GetTempFileNameW
DebugBreak
CreateFileMappingW
DosDateTimeToFileTime
MapViewOfFile
GlobalUnlock
lstrcmpW
MoveFileW
IsDebuggerPresent
GetTickCount
GetEnvironmentVariableW
GetFileAttributesW
LoadLibraryW
FreeLibrary
GetExitCodeThread
TryEnterCriticalSection
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
QueryPerformanceFrequency
InitializeSListHead
QueryPerformanceCounter
GetStartupInfoW
ResetEvent
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
GetLocaleInfoW
UnhandledExceptionFilter

user32

DestroyCursor
WindowFromPoint
RegisterClassExW
CreatePopupMenu
MessageBeep
SetWindowTextW
UnregisterClassW
GetSystemMetrics
CallNextHookEx
SendMessageW
ScreenToClient
GetIconInfo
CreateWindowExW
EnumChildWindows
GetMenuItemCount
MonitorFromWindow
MessageBoxW
EqualRect
SetWindowPos
IsWindowVisible
GetDC
InflateRect
DestroyWindow
SendMessageTimeoutW
GetMenu
GetWindowRect
FindWindowExW
MonitorFromPoint
PostMessageW
CallWindowProcW
GetKeyState
UnregisterHotKey
ShowWindow
DefWindowProcW
GetMenuItemInfoW
GetMessageW
GetWindowTextLengthW
GetWindowThreadProcessId
GetWindowLongW
TrackPopupMenu
wsprintfW
SetWindowLongW
GetClientRect
AppendMenuW
GetClassLongW
IsClipboardFormatAvailable
UpdateLayeredWindow
DrawIconEx
GetKeyNameTextW
KillTimer
PostQuitMessage
SystemParametersInfoW
GetClassInfoExW
GetParent
RegisterWindowMessageW
PtInRect
SetForegroundWindow
GetAsyncKeyState
LoadImageW
InvalidateRect
GetAncestor
SetCursorPos
ReleaseDC
GetCursorPos
BeginPaint
EndPaint
SendInput
GetWindowTextW
OpenClipboard
DispatchMessageW
SetTimer
GetCursorInfo
SetCursor
VkKeyScanW
GetMonitorInfoW
CreateIconIndirect
ClientToScreen
CloseClipboard
EmptyClipboard
PeekMessageW
CountClipboardFormats
GetDoubleClickTime
AttachThreadInput
RegisterHotKey
GetForegroundWindow
MoveWindow
EnumClipboardFormats
SetClipboardData
UnhookWindowsHookEx
EnumWindows
GetMessageTime
DestroyMenu
IsRectEmpty
SetFocus
BringWindowToTop
TranslateMessage
GetClipboardData
LoadIconW
FindWindowW
LoadCursorW
GetClassNameW
SetWindowsHookExW
AdjustWindowRectEx
DestroyIcon

gdi32

SelectObject
BitBlt
SetDeviceGammaRamp
CreateDIBSection
CreateCompatibleDC
StretchBlt
GetStockObject
GetDIBits
GetDeviceCaps
DeleteDC
GetObjectW
SetDIBits
DeleteObject
CreateCompatibleBitmap
CreateFontIndirectW

comdlg32

GetSaveFileNameW

advapi32

RegDeleteValueW
RegCloseKey
RegEnumKeyExW
RegSetValueExW
RegOpenKeyExW
RegGetValueW
CryptGenRandom
RegQueryValueExW
CryptAcquireContextW
CryptReleaseContext

shell32

ShellExecuteExW
ord680
Shell_NotifyIconW
ShellExecuteW
CommandLineToArgvW
SHOpenFolderAndSelectItems
ord155
ShellExecuteA
GetCurrentProcessExplicitAppUserModelID
ord190
ord171
SHGetPathFromIDListW
SHEmptyRecycleBinW

ole32

CoCreateInstance
CoUninitialize
CreateStreamOnHGlobal
CoInitialize
CoInitializeSecurity
CoInitializeEx
CoTaskMemAlloc
CoTaskMemFree
CoSetProxyBlanket

oleaut32

VariantClear
VariantInit
SysFreeString
SysAllocString

dwmapi

DwmUnregisterThumbnail
DwmRegisterThumbnail
DwmUpdateThumbnailProperties

winmm

mciSendStringW
mmioInstallIOProcW

imm32

ImmGetDefaultIMEWnd

shlwapi

PathRemoveFileSpecW
PathQuoteSpacesW
ord214
PathFindFileNameW
ord213
PathCanonicalizeW
PathFileExistsW
ord184
ord176
PathRenameExtensionW
ord12

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

ws2_32

WSAGetLastError
setsockopt
ioctlsocket
sendto
getsockopt
recv
recvfrom
socket
send
getsockname
WSAStartup
listen
select
closesocket
bind
accept
__WSAFDIsSet
ntohs

wininet

HttpSendRequestA
InternetCloseHandle
InternetOpenA
HttpAddRequestHeadersA
InternetConnectA
InternetSetOptionA
InternetCrackUrlA
HttpOpenRequestA
InternetQueryOptionA
InternetQueryDataAvailable
InternetReadFile
HttpQueryInfoW

msvcrt

_initterm_e
_set_fmode
__p__commode
_controlfp_s
abort
__pctype_func
isupper
___lc_codepage_func
_wcsdup
___mb_cur_max_func
islower
__strncnt
isspace
strcpy_s
strnlen
_mbtowc_l
wctomb_s
_iob
_strtoi64
?terminate@@YAXXZ
_strtoui64
__wgetmainargs
_msize
_XcptFilter
__set_app_type
_wcmdln
_lock
_unlock
?_set_new_mode@@YAHH@Z
___lc_handle_func
_isatty
fflush
_fileno
_CIlog10
ceil
_clearfp
_callnewh
_ultow_s
wcstol
strerror
strncmp
towupper
isdigit
frexp
atoi
_time64
strtol
_wfopen
_errno
isalnum
isxdigit
_memicmp
strcspn
rand
_gmtime64
wcscpy_s
tolower
_beginthreadex
strtod
_wcsicmp
towlower
srand
wcsnlen
clock
realloc
calloc
fclose
malloc
free
sqrt
_except_handler4_common
_amsg_exit
memcmp
memchr
memmove
memcpy
_CxxThrowException
memset
wcsrchr
strrchr
strchr
wcsstr
__CxxFrameHandler3
floor
_CIatan2
_initterm
pow

Sections

.text
Size: 636KB - Virtual size: 635KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 346KB - Virtual size: 346KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 196KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MouseInc/MouseInc.json

Sharing

General

Malware Config

Signatures

Files

e168ff854bfcc24ef45a9c39ff100ce0

Headers

DLL Characteristics

File Characteristics

Imports

gdiplus

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

dwmapi

winmm

imm32

shlwapi

version

ws2_32

wininet

msvcrt

Sections

.text Size: 636KB - Virtual size: 635KB

.rdata Size: 346KB - Virtual size: 346KB

.data Size: 5KB - Virtual size: 17KB

.rsrc Size: 196KB - Virtual size: 196KB

.reloc Size: 29KB - Virtual size: 29KB

.text
Size: 636KB - Virtual size: 635KB

.rdata
Size: 346KB - Virtual size: 346KB

.data
Size: 5KB - Virtual size: 17KB

.rsrc
Size: 196KB - Virtual size: 196KB

.reloc
Size: 29KB - Virtual size: 29KB