d:\OEM\陈柏霖\Mouse\Debug\CBMouse.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 59e4409f747afb6b1eccd0f78641c386dccd79ae790ac5a48a54e3ac34731645.exe
  Resource: win7-20240220-en
Behavioral task: behavioral2
  Sample: 59e4409f747afb6b1eccd0f78641c386dccd79ae790ac5a48a54e3ac34731645.exe
  Resource: win10v2004-20240704-en
General
Target: 59e4409f747afb6b1eccd0f78641c386dccd79ae790ac5a48a54e3ac34731645
Size: 2.2MB
MD5: fa8f67a31a3ef3f58b7d292b78e157ad
SHA1: 5f433cddce4f11019df659b4439f05088e337fe5
SHA256: 59e4409f747afb6b1eccd0f78641c386dccd79ae790ac5a48a54e3ac34731645
SHA512: c4d611db416703e67a2ef3c10214157c48c1744dcf91214cb650c2fa8d9f28469f1410b89d257a8a69b75bdcfef098b03cb2d614515d7a8981b96f24c1ff49eb
SSDEEP: 49152:8z6JIuFydnW5yiL3kJSw8CwAHdZm80UYTgnppM7Dc7R2vCRO:zWldsNkJSw8CwAHPmnUHppMfv
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 59e4409f747afb6b1eccd0f78641c386dccd79ae790ac5a48a54e3ac34731645
Files
59e4409f747afb6b1eccd0f78641c386dccd79ae790ac5a48a54e3ac34731645.exe windows:5 windows x86 arch:x86
e9da48d7c31d72ebde24f3bfaeeeff21
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
WriteFile
GetLastError
WaitForSingleObject
CancelIo
GetOverlappedResult
CloseHandle
ReadFile
Sleep
SizeofResource
LockResource
LoadResource
FindResourceW
SetEvent
ReleaseSemaphore
CreateSemaphoreW
WaitForMultipleObjects
QueryPerformanceCounter
OutputDebugStringW
GetLocalTime
OutputDebugStringA
GetModuleFileNameW
DeleteFileW
CreateFileW
FindFirstFileW
FindNextFileW
FindClose
GetPrivateProfileIntW
GetPrivateProfileStringW
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalReAlloc
GlobalFree
GetFileSize
GetModuleHandleW
lstrlenW
GetTickCount
GetFileAttributesW
CreateDirectoryW
FormatMessageW
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineW
LocalFree
SetLastError
CreateMutexW
WritePrivateProfileStringW
FreeResource
LoadLibraryW
GetProcAddress
FreeLibrary
GetVersionExW
ResetEvent
InterlockedIncrement
InterlockedDecrement
CreateWaitableTimerW
SetWaitableTimer
CreateThread
MulDiv
GlobalSize
CopyFileW
GetModuleHandleA
GetCurrentProcessId
GetVersionExA
lstrcmpW
LoadLibraryA
CompareStringW
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
GetCurrentThreadId
GetThreadLocale
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetCurrentProcess
GetVolumeInformationW
GetFullPathNameW
CreateEventW
InterlockedExchange
CompareStringA
GetLocaleInfoW
lstrcmpA
EnumResourceLanguagesW
ConvertDefaultLocale
GetCurrentThread
ReleaseMutex
SetThreadPriority
ResumeThread
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileSizeEx
GetFileTime
GlobalGetAtomNameW
lstrlenA
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GlobalFlags
SetErrorMode
GetCurrentDirectoryW
lstrcpyW
GetTempFileNameW
GetTempPathW
SearchPathW
GetProfileIntW
VirtualProtect
FindResourceExW
GetStartupInfoW
ExitThread
HeapAlloc
HeapFree
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapReAlloc
RtlUnwind
RaiseException
ExitProcess
SetStdHandle
GetFileType
HeapSize
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA
HeapCreate
VirtualFree
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
CreateFileA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
SetEnvironmentVariableA
user32
TranslateMessage
ValidateRect
SetWindowContextHelpId
MapDialogRect
MessageBeep
IsZoomed
PostQuitMessage
CharUpperW
LoadMenuW
ShowWindow
IsDialogMessageW
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetWindowTextLengthW
GetForegroundWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
ScrollWindow
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetDlgCtrlID
DefWindowProcW
GetMenu
SystemParametersInfoA
GetWindowPlacement
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
GetMessageW
GetNextDlgTabItem
EndDialog
InvalidateRect
DrawStateW
IsWindowEnabled
EndPaint
BeginPaint
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetMenuState
GetMenuStringW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
RemoveMenu
OffsetRect
SetWindowTextW
ToAscii
MapVirtualKeyW
ShowScrollBar
ClientToScreen
GetWindowDC
DestroyMenu
TrackPopupMenu
CreatePopupMenu
GetLastActivePopup
RegisterDeviceNotificationW
SetRect
GetClientRect
GetParent
DrawIcon
IsIconic
CopyRect
PtInRect
PostMessageW
GetCursorPos
ScreenToClient
SetForegroundWindow
LoadImageW
AppendMenuW
GetSystemMenu
UnregisterDeviceNotification
LoadIconW
EnumWindows
SetWindowPos
GetKeyState
ReleaseCapture
SetCapture
UpdateWindow
GetDoubleClickTime
SystemParametersInfoW
InflateRect
MoveWindow
RedrawWindow
GetSysColor
CreateWindowExW
CallWindowProcW
DestroyWindow
GetWindowTextW
IsWindowVisible
IsWindow
ShowOwnedPopups
GetMenuItemInfoW
WindowFromPoint
GetKeyNameTextW
GetSysColorBrush
WaitMessage
DeleteMenu
PostThreadMessageW
CopyAcceleratorTableW
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
GetAsyncKeyState
DestroyAcceleratorTable
LoadAcceleratorsW
CreateAcceleratorTableW
SetTimer
SetRectEmpty
TrackMouseEvent
SetWindowLongW
GetWindowLongW
KillTimer
ReleaseDC
MessageBoxW
GetSystemMetrics
GetFocus
GetDC
NotifyWinEvent
SetParent
SetClassLongW
IsMenu
IsRectEmpty
BringWindowToTop
LockWindowUpdate
EnumChildWindows
GetDlgItem
RegisterClipboardFormatW
LoadCursorW
SetCursor
EnableWindow
FindWindowW
SetWindowRgn
GetWindowRect
FillRect
SendMessageW
SetFocus
OpenClipboard
CopyImage
DestroyIcon
GetWindowThreadProcessId
SetClipboardData
DestroyCursor
GetWindowRgn
CreateMenu
GetIconInfo
SubtractRect
CopyIcon
CharUpperBuffW
GetUpdateRect
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
IsClipboardFormatAvailable
MapVirtualKeyExW
IsCharLowerW
GetMenuDefaultItem
SetMenuDefaultItem
UpdateLayeredWindow
EnableScrollBar
UnionRect
SetCursorPos
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
TranslateAcceleratorW
UnregisterClassW
GetNextDlgGroupItem
InvalidateRgn
CharNextW
EmptyClipboard
IntersectRect
CloseClipboard
FrameRect
gdi32
StretchBlt
DeleteDC
DeleteObject
CombineRgn
SelectObject
CreateDIBSection
SetPixel
PtInRegion
CreateEllipticRgn
GetPixel
CreateSolidBrush
BitBlt
CreateCompatibleBitmap
GetObjectW
SetPixelV
GetTextFaceW
EnumFontFamiliesExW
GetSystemPaletteEntries
GetNearestPaletteIndex
SetPaletteEntries
ExtFloodFill
LPtoDP
GetViewportOrgEx
GetBoundsRect
FrameRgn
FillRgn
GetWindowOrgEx
GetPaletteEntries
CreatePalette
RoundRect
Rectangle
Polygon
Ellipse
CreatePolygonRgn
GetBkColor
SetDIBColorTable
GetTextColor
CreateRoundRectRgn
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
GetRgnBox
OffsetRgn
GetDCOrgEx
DPtoLP
PatBlt
GetMapMode
SetRectRgn
CreateRectRgnIndirect
CreateHatchBrush
CreatePen
GetObjectType
CreateBitmap
CreatePatternBrush
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
SelectClipRgn
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
CopyMetaFileW
GetDeviceCaps
Polyline
GetTextExtentPoint32W
CreateFontIndirectW
CreateRectRgn
GetTextMetricsW
CreateFontW
GetDIBits
RealizePalette
SelectPalette
GetStockObject
CreateCompatibleDC
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
advapi32
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
AllocateAndInitializeSid
CheckTokenMembership
FreeSid
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyW
RegOpenKeyW
RegQueryValueW
RegEnumKeyExW
shell32
SHGetSpecialFolderPathW
SHGetSpecialFolderPathA
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHBrowseForFolderW
CommandLineToArgvW
Shell_NotifyIconW
ShellExecuteExW
DragQueryFileW
DragFinish
ShellExecuteW
SHAppBarMessage
SHGetFileInfoW
comctl32
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
PathFileExistsW
StrStrIW
PathStripToRootW
PathIsUNCW
PathRemoveFileSpecW
PathFindExtensionW
PathRemoveExtensionW
PathFindFileNameW
oledlg
OleUIBusyW
ole32
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CoInitializeEx
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleLockRunning
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
OleGetClipboard
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CreateStreamOnHGlobal
CoUninitialize
CoCreateInstance
CoInitialize
CoTaskMemFree
CoRegisterMessageFilter
CoRevokeClassObject
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
oleaut32
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocString
OleCreateFontIndirect
SysFreeString
SysStringLen
gdiplus
GdipDrawImageI
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipDrawImageRect
GdipFillRectangleI
GdiplusShutdown
GdiplusStartup
GdipAddPathArcI
GdipIsVisiblePathPointI
GdipAddPathLineI
GdipCloneBitmapAreaI
GdipGetImageGraphicsContext
GdipCreateBitmapFromScan0
GdipSetPenColor
GdipDrawRectangle
GdipDrawPath
GdipDeletePen
GdipCreatePen1
GdipDrawImageRectI
GdipFillRectangle
GdipCreatePath
GdipDeletePath
GdipCreateFromHDC
GdipDeleteGraphics
GdipGetImageHeight
GdipGetImageWidth
GdipDrawImageRectRect
GdipSetSmoothingMode
GdipCreateSolidFill
GdipDeleteBrush
GdipFree
GdipAlloc
GdipCloneBrush
GdipFillPath
GdipResetPath
GdipDisposeImage
GdipCloneImage
GdipCreateBitmapFromFile
GdipCreateRegionHrgn
GdipDeleteRegion
GdipFillRegion
setupapi
SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
hid
HidD_GetPreparsedData
HidD_GetAttributes
HidP_GetCaps
HidD_FreePreparsedData
HidP_GetSpecificButtonCaps
HidP_GetSpecificValueCaps
HidD_SetFeature
HidD_GetFeature
HidD_GetHidGuid
winmm
timeEndPeriod
timeKillEvent
PlaySoundW
timeGetDevCaps
timeBeginPeriod
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
Sections
.text Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 359KB - Virtual size: 358KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 122KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 129KB - Virtual size: 128KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 169KB - Virtual size: 169KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ