D:\wen\project-backup\0504\USBHID5inch\Release\NewServer.pdb
Static task
static1
Behavioral task
behavioral1
Sample
7ae99e4023f7c44d25c5c576d28091e96c673ebd6b28751d68e6312feaa862be.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
7ae99e4023f7c44d25c5c576d28091e96c673ebd6b28751d68e6312feaa862be.exe
Resource
win10v2004-20240802-en
General
Target
7ae99e4023f7c44d25c5c576d28091e96c673ebd6b28751d68e6312feaa862be
Size
7.2MB
MD5
d02ceace33ff2169f78bf5c6d9e52057
SHA1
3bf32ade909cf73722a9d2b66d7bf8ad43483060
SHA256
7ae99e4023f7c44d25c5c576d28091e96c673ebd6b28751d68e6312feaa862be
SHA512
5a37ff41346f54b8071062184422556ef929415d16299bddee618be1db316e5863206c7f22ca80832f2f4c6b8af19e5dc048800bcb5c33aeec4ee1a05fb64f73
SSDEEP
196608:gBjaU6W9qQR57gUom0CbtRPhhP9VI2mMtRipY0uaz0XEhdxOFLOyomFHKnP:wRR5m2F
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 7ae99e4023f7c44d25c5c576d28091e96c673ebd6b28751d68e6312feaa862be
Files
7ae99e4023f7c44d25c5c576d28091e96c673ebd6b28751d68e6312feaa862be.exe windows:6 windows x86 arch:x86
027a1853c53e6dac9aededa153df23d9
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
GetVersionExW
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SignalObjectAndWait
CreateTimerQueue
WriteConsoleW
CreateFileW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsValidCodePage
FindNextFileW
FindFirstFileExW
GetTimeZoneInformation
ReadConsoleW
SetFilePointerEx
GetConsoleMode
IsDebuggerPresent
EnumSystemLocalesW
IsValidLocale
GetStdHandle
ExitProcess
GetFileType
SetStdHandle
HeapQueryInformation
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
GetCommandLineW
GetCommandLineA
VirtualAlloc
GetSystemInfo
DeleteFileW
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
GetDriveTypeA
GetStringTypeW
LCMapStringW
CompareStringW
TryEnterCriticalSection
QueryPerformanceFrequency
GetExitCodeThread
SwitchToThread
OutputDebugStringW
ReleaseSemaphore
InterlockedPopEntrySList
QueryDepthSList
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InitializeSListHead
CreateEventW
WaitForSingleObjectEx
FindResourceExW
SearchPathA
GetProfileIntA
GetUserDefaultLCID
GetTempFileNameA
GetTickCount
GetWindowsDirectoryA
UnregisterWaitEx
GetCPInfo
GetOEMCP
VirtualProtect
SetErrorMode
GetFileTime
GetFileSizeEx
GetFileAttributesExA
FileTimeToLocalFileTime
GetFileAttributesA
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetCurrentDirectoryA
GetACP
GlobalFlags
QueryPerformanceCounter
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
LocalAlloc
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetSystemDirectoryW
EncodePointer
GetThreadLocale
GetVolumeInformationA
lstrcmpiA
GetCurrentProcess
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
FindFirstFileA
FindClose
DeleteFileA
VerifyVersionInfoA
lstrcpyA
InitializeCriticalSectionAndSpinCount
VerSetConditionMask
GetCurrentProcessId
GlobalAddAtomA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
CompareStringA
lstrcmpA
GlobalDeleteAtom
LoadLibraryExW
GetVersionExA
GetCurrentThread
ResumeThread
SuspendThread
SetThreadPriority
GetCurrentThreadId
LoadLibraryW
GetModuleHandleW
GetModuleHandleA
CopyFileA
FormatMessageA
MulDiv
SetLastError
GetLocalTime
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
RaiseException
DecodePointer
WideCharToMultiByte
GlobalFree
GlobalLock
GlobalUnlock
GlobalSize
GlobalAlloc
FreeResource
CreateThread
Sleep
CreateMutexA
FormatMessageW
LocalFree
LoadLibraryA
GetProcAddress
FreeLibrary
ResetEvent
CancelIo
GetOverlappedResult
DeviceIoControl
ReadFile
GetSystemTimeAsFileTime
GetTempPathA
MultiByteToWideChar
FindResourceA
FindResourceW
SizeofResource
LockResource
LoadResource
GetModuleFileNameW
GetModuleFileNameA
VirtualQuery
CreateEventA
WaitForSingleObject
SetEvent
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetLastError
CloseHandle
OutputDebugStringA
WriteFile
CreateFileA
VirtualFree
GetStartupInfoW
GetConsoleOutputCP
user32
WaitMessage
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
GetTopWindow
GetClassNameA
GetClassLongA
EqualRect
AdjustWindowRectEx
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
GetClassInfoExA
CallWindowProcA
GetMessageTime
GetMessagePos
IsDialogMessageA
SetWindowLongA
GetWindowTextLengthA
SetFocus
GetDlgCtrlID
SendDlgItemMessageA
CheckDlgButton
ShowWindow
GetMenuItemInfoA
DestroyMenu
IntersectRect
UnhookWindowsHookEx
PtInRect
DrawIconEx
IsRectEmpty
OffsetRect
InflateRect
DrawFocusRect
RedrawWindow
SetWindowRgn
DrawStateA
DrawEdge
RegisterWindowMessageA
EnumDisplayMonitors
GetMonitorInfoA
SetClassLongA
MonitorFromPoint
OpenClipboard
CloseClipboard
RegisterDeviceNotificationA
MessageBoxA
SendMessageA
IsIconic
SystemParametersInfoA
LoadCursorW
SetRectEmpty
GetSysColorBrush
SetClipboardData
SetLayeredWindowAttributes
GetClassInfoA
MapDialogRect
GetWindow
SetWindowContextHelpId
GetLastActivePopup
GetWindowThreadProcessId
SetCursor
ShowOwnedPopups
PostQuitMessage
PostMessageA
InvalidateRgn
SetRect
GetNextDlgGroupItem
MessageBeep
GetKeyboardLayout
GetAsyncKeyState
GetKeyboardState
ToAsciiEx
MapVirtualKeyA
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
TrackMouseEvent
RealChildWindowFromPoint
CallNextHookEx
SetWindowsHookExA
CopyImage
DeleteMenu
DestroyIcon
CopyAcceleratorTableA
SetCapture
ReleaseCapture
WindowFromPoint
CharNextA
CharUpperA
SetTimer
KillTimer
EnableWindow
GetSystemMetrics
GetSystemMenu
AppendMenuA
DrawIcon
GetDC
GetClientRect
FillRect
LoadIconW
LoadImageA
DefWindowProcA
RegisterClassA
CreateWindowExA
MoveWindow
GetDlgItem
UpdateWindow
ReleaseDC
BeginPaint
EndPaint
InvalidateRect
SetWindowTextA
GetWindowTextA
GetSysColor
GetWindowLongA
LoadCursorA
UnregisterClassA
DrawFrameControl
SetWindowPos
SetForegroundWindow
GetWindowRect
CopyRect
LoadBitmapW
GetMenuStringA
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuA
RemoveMenu
DrawTextA
DrawTextExA
GrayStringA
TabbedTextOutA
GetWindowDC
ClientToScreen
ScreenToClient
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoA
GetParent
IsWindow
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
GetActiveWindow
IsWindowEnabled
SetActiveWindow
GetDesktopWindow
GetComboBoxInfo
GetMessageA
TranslateMessage
DispatchMessageA
PeekMessageA
IsWindowVisible
GetKeyState
ValidateRect
GetCursorPos
EmptyClipboard
LoadImageW
UnionRect
EnableScrollBar
IsZoomed
LoadMenuW
NotifyWinEvent
SetCursorPos
SetParent
BringWindowToTop
CreatePopupMenu
GetDoubleClickTime
GetIconInfo
CopyIcon
GetMenuDefaultItem
SetMenuDefaultItem
ModifyMenuA
UpdateLayeredWindow
GetUpdateRect
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
InsertMenuItemA
UnpackDDElParam
ReuseDDElParam
RegisterClipboardFormatA
IsCharLowerA
GetKeyNameTextA
MapVirtualKeyExA
CharUpperBuffA
FrameRect
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
IsClipboardFormatAvailable
SubtractRect
PostThreadMessageA
CreateMenu
LockWindowUpdate
GetWindowRgn
DestroyCursor
InvertRect
HideCaret
MapWindowPoints
gdi32
ExtTextOutA
CopyMetaFileA
CreateDCA
GetDeviceCaps
BitBlt
CreateBitmap
CreateHatchBrush
CreatePen
CreatePatternBrush
CreateRectRgn
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
MoveToEx
TextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
GetTextMetricsA
ScaleWindowExtEx
CreateCompatibleBitmap
CreateDIBitmap
CreateFontIndirectA
CreateRectRgnIndirect
EnumFontFamiliesA
GetTextCharsetInfo
CombineRgn
CreateEllipticRgn
Ellipse
GetBkColor
GetTextColor
GetTextExtentPoint32A
CreatePolygonRgn
Polygon
Polyline
GetMapMode
SetRectRgn
DPtoLP
GetRgnBox
CreateRoundRectRgn
RealizePalette
Rectangle
OffsetRgn
RoundRect
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExA
LPtoDP
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetWindowOrgEx
GetViewportOrgEx
SetPixelV
GetTextFaceA
SetTextColor
SetBkColor
PatBlt
GetStockObject
CreateSolidBrush
SetPixel
GetPixel
GetObjectA
SetDIBColorTable
CreateDIBSection
SetStretchBltMode
StretchBlt
SelectObject
DeleteObject
DeleteDC
ScaleViewportExtEx
SetTextAlign
CreateCompatibleDC
msimg32
TransparentBlt
AlphaBlend
winspool.drv
OpenPrinterA
ClosePrinter
DocumentPropertiesA
advapi32
RegEnumKeyA
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegCloseKey
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
shell32
ShellExecuteA
DragFinish
DragQueryFileA
SHAppBarMessage
SHGetFileInfoA
SHGetDesktopFolder
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc
comctl32
InitCommonControlsEx
shlwapi
PathRemoveFileSpecW
StrFormatKBSizeA
PathStripToRootA
PathFindFileNameA
PathFindExtensionW
PathFindExtensionA
PathIsUNCA
uxtheme
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
IsThemeBackgroundPartiallyTransparent
IsAppThemed
DrawThemeText
GetThemeSysColor
GetWindowTheme
GetThemePartSize
ole32
CoRegisterMessageFilter
CoRevokeClassObject
RevokeDragDrop
CoLockObjectExternal
OleGetClipboard
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoInitializeEx
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CoUninitialize
GetHGlobalFromStream
CreateStreamOnHGlobal
RegisterDragDrop
oleaut32
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
LoadTypeLi
VariantChangeType
VariantClear
VariantInit
SysStringLen
SysAllocStringLen
SysAllocStringByteLen
SysFreeString
VarBstrFromDate
OleCreateFontIndirect
SysAllocString
VariantCopy
oledlg
ord8
gdiplus
GdipDrawImageRectI
GdipSetInterpolationMode
GdipDrawLine
GdipSetSmoothingMode
GdipCreateFromHDC
GdipCreateBitmapFromStream
GdipSaveImageToStream
GdipSetPenEndCap
GdipSetPenStartCap
GdipDeletePen
GdipCreatePen1
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipAlloc
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFile
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipSaveImageToFile
GdipDisposeImage
GdipFree
GdiplusStartup
GdiplusShutdown
GdipCloneImage
setupapi
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiGetClassDevsA
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
ws2_32
WSAGetLastError
getnameinfo
accept
bind
closesocket
connect
htonl
htons
gethostbyname
recvfrom
select
send
sendto
socket
WSACleanup
WSASetLastError
WSAAsyncSelect
setsockopt
ntohs
WSAStartup
listen
inet_ntoa
inet_addr
getpeername
recv
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
imm32
ImmGetOpenStatus
ImmGetContext
ImmReleaseContext
winmm
PlaySoundA
Sections
.text Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 382KB - Virtual size: 382KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 30KB - Virtual size: 94KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4.9MB - Virtual size: 4.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 156KB - Virtual size: 156KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ