ImGui Standalone[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

ImGui Standalone.exe
Size

384KB
MD5

8d25efb7874c2dd7e395444d75d8a4be
SHA1

8ccd9fa38d503d9ef04a9e612a66e6a2bc89d5c6
SHA256

25348bad2a1c603e05ea9e87a5d9b2fab4d1a0ab936b6abfd12ab1fba5508c88
SHA512

34bc45cf4304973ec78427eefc1659b1e2be73208609c893960615115d5b1c352812bd6fd71661854c39b3e0b47fdaf5517786eb67f852efecc9d8bbd46f47a9
SSDEEP

12288:6c7dOWaUGrK7EujUUe5FI+8HITnehTuVwsq:6edFdWkEwM8oTnJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ImGui Standalone.exe

Files

ImGui Standalone.exe
.exe windows:6 windows x64 arch:x64

6c4438182063b792a99a0158eb0b09b7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\lucid\Downloads\ImGui-Standalone-main\ImGui-Standalone-main\Source\x64\Release\ImGui Standalone.pdb

Imports

d3d11

D3D11CreateDeviceAndSwapChain

kernel32

Sleep
FindFirstFileW
FindNextFileW
FindClose
GetDriveTypeW
GetLastError
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
GetStartupInfoW
QueryPerformanceCounter
GetModuleHandleW
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
IsDebuggerPresent
FreeLibrary
VerSetConditionMask
MultiByteToWideChar
GlobalAlloc
GetProcAddress
QueryPerformanceFrequency
LoadLibraryA
GetModuleHandleA
GlobalUnlock
WideCharToMultiByte
GlobalLock
GlobalFree
IsProcessorFeaturePresent
LocalFree

user32

TrackMouseEvent
GetAsyncKeyState
DispatchMessageW
PeekMessageW
TranslateMessage
PostQuitMessage
UpdateWindow
MessageBoxW
GetWindowThreadProcessId
GetWindowTextLengthW
VkKeyScanW
AttachThreadInput
EnumWindows
SendInput
GetWindowTextW
GetWindowLongW
DefWindowProcW
AdjustWindowRectEx
GetKeyState
DestroyWindow
GetDC
SetWindowPos
MonitorFromWindow
EnumDisplayMonitors
CreateWindowExW
ScreenToClient
UnregisterClassW
SetWindowTextW
RegisterClassExW
WindowFromPoint
GetCursorPos
LoadCursorW
SetCapture
ShowWindow
GetCapture
GetMonitorInfoW
ClientToScreen
IsChild
ReleaseDC
GetForegroundWindow
SetLayeredWindowAttributes
OpenClipboard
CloseClipboard
SetCursor
SetWindowLongW
SetFocus
BringWindowToTop
SetCursorPos
EmptyClipboard
GetClipboardData
SetClipboardData
MessageBoxA
IsIconic
SetForegroundWindow
ReleaseCapture
SetProcessDPIAware
GetClientRect

gdi32

GetDeviceCaps

ole32

CoSetProxyBlanket
CoCreateInstance
CoUninitialize
CoInitializeSecurity
CoInitializeEx

oleaut32

SysAllocString
VariantClear
SysFreeString

msvcp140

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?good@ios_base@std@@QEBA_NXZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
?_Throw_Cpp_error@std@@YAXH@Z
?_New_Locimp@_Locimp@locale@std@@CAPEAV123@AEBV123@@Z
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?_Xlength_error@std@@YAXPEBD@Z
?id@?$codecvt@_WDU_Mbstatet@@@std@@2V0locale@2@A
_Cnd_do_broadcast_at_thread_exit
_Thrd_detach
??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z
??1?$codecvt@_WDU_Mbstatet@@@std@@MEAA@XZ
??0?$codecvt@_WDU_Mbstatet@@@std@@QEAA@_K@Z
?in@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEA_W3AEAPEA_W@Z
?_Addfac@_Locimp@locale@std@@AEAAXPEAVfacet@23@_K@Z
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UEAAXXZ
??Bid@locale@std@@QEAA_KXZ
?uncaught_exception@std@@YA_NXZ
?wcerr@std@@3V?$basic_ostream@_WU?$char_traits@_W@std@@@1@A
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAA_JPEB_W_J@Z
?put@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@_W@Z
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z
?widen@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBA_WD@Z
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ

wininet

InternetCheckConnectionW

imm32

ImmSetCompositionWindow
ImmReleaseContext
ImmGetContext
ImmSetCandidateWindow
ImmAssociateContextEx

d3dcompiler_47

D3DCompile

vcruntime140_1

__CxxFrameHandler4

vcruntime140

memcpy
memcmp
_CxxThrowException
__current_exception_context
__current_exception
__C_specific_handler
strstr
__std_terminate
__std_exception_copy
__std_exception_destroy
memchr
memmove
memset

api-ms-win-crt-heap-l1-1-0

_callnewh
free
malloc
_set_new_mode

api-ms-win-crt-runtime-l1-1-0

_crt_atexit
_seh_filter_exe
_set_app_type
_configure_wide_argv
_initialize_wide_environment
_get_wide_winmain_command_line
_initterm
_initterm_e
_exit
_register_onexit_function
_c_exit
_register_thread_local_exe_atexit_callback
_initialize_onexit_table
_beginthreadex
exit
terminate
_cexit
_invalid_parameter_noinfo_noreturn

api-ms-win-crt-stdio-l1-1-0

ftell
__stdio_common_vsprintf
__p__commode
_set_fmode
__stdio_common_vfprintf
__stdio_common_vsscanf
fread
fseek
_wfopen
fwrite
__acrt_iob_func
fflush
fclose

api-ms-win-crt-string-l1-1-0

strncmp
strcmp
strncpy

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-math-l1-1-0

acosf
sqrtf
sinf
ceilf
cosf
__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 307KB - Virtual size: 307KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c4438182063b792a99a0158eb0b09b7

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

d3d11

kernel32

user32

gdi32

ole32

oleaut32

msvcp140

wininet

imm32

d3dcompiler_47

vcruntime140_1

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 307KB - Virtual size: 307KB

.rdata Size: 59KB - Virtual size: 59KB

.data Size: 1024B - Virtual size: 2KB

.pdata Size: 14KB - Virtual size: 14KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 512B - Virtual size: 248B

.text
Size: 307KB - Virtual size: 307KB

.rdata
Size: 59KB - Virtual size: 59KB

.data
Size: 1024B - Virtual size: 2KB

.pdata
Size: 14KB - Virtual size: 14KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 248B