27d7806a7bdd43a4e32212df812d122d71299f3805d84034c53bd40ee0acccf3

Sharing

Copy URL Twitter E-mail

General

Target

27d7806a7bdd43a4e32212df812d122d71299f3805d84034c53bd40ee0acccf3
Size

429KB
MD5

74e5570d600b634fd5a03c1a3ef1c8f2
SHA1

d0f7c20b1ccb886734e51caf67fedbbe653ea993
SHA256

27d7806a7bdd43a4e32212df812d122d71299f3805d84034c53bd40ee0acccf3
SHA512

39d27f5f78fc74a6d3bbf038e1d00d38fe33b07fb8187cdbdb295c2218a3c8b10b48112a66eb215e89769d678322147c851074a9839cd680c8b3d11a293d882d
SSDEEP

6144:Iw6fVdXlLoXdX0HvdBCGXyuR5GAOeclrT3Lgkb7AT0:mv1UXF0HVBpJGYCgMAT0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27d7806a7bdd43a4e32212df812d122d71299f3805d84034c53bd40ee0acccf3

Files

27d7806a7bdd43a4e32212df812d122d71299f3805d84034c53bd40ee0acccf3
.exe windows:6 windows x86 arch:x86

116ae4be67cc5cb5ac63c671f87dea12

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\slave\workspace\YHClient\Release\ScreenLock.pdb

Imports

cximagecrtu

?AlphaIsValid@CxImage@@QAE_NXZ
?IsTransparent@CxImage@@QBE_NXZ
?DrawTo32BitDC_@CxImage@@QAEHPAUHDC__@@ABUtagRECT@@1_N@Z
?IsValid@CxImage@@QBE_NXZ
??0CxImage@@QAE@PB_WI@Z
?GetWidth@CxImage@@QBEIXZ
?GetHeight@CxImage@@QBEIXZ
??1CxImage@@UAE@XZ

kernel32

EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetFileType
GetACP
GetStdHandle
ExitProcess
RtlUnwind
LoadLibraryExA
VirtualFree
VirtualAlloc
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
ResetEvent
SetEvent
GetCPInfo
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
CreateEventW
GetLocaleInfoW
LCMapStringW
EncodePointer
GetStringTypeW
WideCharToMultiByte
CloseHandle
GetFileAttributesW
CreateFileW
FindClose
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FlushFileBuffers
WriteConsoleW
GetVersionExW
InitializeCriticalSectionAndSpinCount
GetModuleHandleExW
GetPrivateProfileIntW
OutputDebugStringW
GetCurrentProcessId
GetProcessHeap
HeapAlloc
HeapFree
EnterCriticalSection
HeapReAlloc
HeapSize
HeapDestroy
DecodePointer
GetCurrentProcess
TerminateProcess
CreateMutexW
CopyFileW
GetWindowsDirectoryW
GetModuleFileNameW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
lstrcmpiW
GetModuleHandleW
GetProcAddress
FreeLibrary
RaiseException
SetLastError
GetCurrentThreadId
InitializeCriticalSectionEx
GetLastError
DeleteCriticalSection
GetPrivateProfileStringW
InitializeCriticalSection
LeaveCriticalSection
WriteFile
FindNextFileW
TlsAlloc

user32

GetParent
SetWindowPos
SetWindowLongW
GetWindowLongW
SetWindowTextW
OffsetRect
InvalidateRect
CopyRect
EqualRect
SetFocus
MapWindowPoints
GetClientRect
GetWindowRect
GetMonitorInfoW
MonitorFromWindow
GetWindow
GetDesktopWindow
MoveWindow
InflateRect
SendMessageW
FillRect
UpdateWindow
EnumChildWindows
GetSysColor
GetCursorPos
SetWindowRgn
DrawIconEx
GetClassLongW
IsZoomed
TrackMouseEvent
GetClassNameW
IntersectRect
BringWindowToTop
AttachThreadInput
SetRect
DrawTextW
ScreenToClient
ReleaseCapture
GetCapture
SetCapture
PtInRect
EndPaint
BeginPaint
IsIconic
SetCursor
GetKeyState
ClientToScreen
GetWindowDC
DialogBoxParamW
GetTopWindow
GetWindowTextLengthW
SetForegroundWindow
GetForegroundWindow
IsWindowVisible
GetWindowThreadProcessId
SetTimer
GetActiveWindow
GetSystemMetrics
PeekMessageW
RegisterClassW
GetClassInfoW
CharNextW
CallWindowProcW
IsRectEmpty
ReleaseDC
GetDC
GetDlgCtrlID
FindWindowExW
DestroyWindow
DispatchMessageW
TranslateMessage
GetMessageW
EnableWindow
DefWindowProcW
ShowWindow
FindWindowW
SystemParametersInfoW
CreateWindowExW
LoadCursorW
GetClassInfoExW
RegisterClassExW
UnregisterClassW
EndDialog
PostQuitMessage
GetFocus
PostMessageW
GetWindowTextW
FrameRect

gdi32

ExtCreateRegion
IntersectClipRect
GetClipRgn
ExtSelectClipRgn
SetViewportOrgEx
CreateRectRgnIndirect
GetDeviceCaps
CreateDIBSection
GetObjectW
GetCurrentObject
SetWindowOrgEx
GetWindowOrgEx
DeleteObject
CreateSolidBrush
CreateFontW
CombineRgn
EnumFontFamiliesExW
CreateFontIndirectW
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
CreateRectRgn
GetRandomRgn
OffsetRgn
SelectClipRgn
CreatePen
Rectangle
ExcludeClipRect
SetTextColor
SetBkMode
DeleteDC
ExtTextOutW
SetBkColor
GetClipBox
SelectObject

advapi32

RegQueryValueExW
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey

shell32

ShellExecuteW

ole32

OleUninitialize
OleInitialize
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree

oleaut32

VarUI4FromStr

log

GenericLogImpl

inputhook

DisableCtrlAltDel
LockInput

comctl32

InitCommonControlsEx

Sections

.text
Size: 235KB - Virtual size: 235KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

116ae4be67cc5cb5ac63c671f87dea12

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

cximagecrtu

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

log

inputhook

comctl32

Sections

.text Size: 235KB - Virtual size: 235KB

.rdata Size: 71KB - Virtual size: 71KB

.data Size: 7KB - Virtual size: 11KB

.gfids Size: 512B - Virtual size: 488B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 98KB - Virtual size: 97KB

.reloc Size: 14KB - Virtual size: 14KB

.text
Size: 235KB - Virtual size: 235KB

.rdata
Size: 71KB - Virtual size: 71KB

.data
Size: 7KB - Virtual size: 11KB

.gfids
Size: 512B - Virtual size: 488B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 98KB - Virtual size: 97KB

.reloc
Size: 14KB - Virtual size: 14KB