e:\code\Lenove\K800\Code\Bin\HID.pdb
Static task
static1
Behavioral task
behavioral1
Sample
12f181e54587ae606698ce3f058bb700N.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
12f181e54587ae606698ce3f058bb700N.exe
Resource
win10v2004-20240802-en
General
Target: 12f181e54587ae606698ce3f058bb700N.exe
Size: 1.6MB
MD5: 12f181e54587ae606698ce3f058bb700
SHA1: a2fe27bb1db932149003a3f9fb1fbf4730fd9238
SHA256: 7fda0ccadf2910797e1350eeff84968b91cde279d22fb26d9534061568911db2
SHA512: fec8063b94647adab95e1802b8a78a41df9fe42e304370a8a3ee1e18644439c01a24a6e6ce2e151a4a03ed7f447667c74c15afea2f4cc713ee48fd1a1f448ebc
SSDEEP: 49152:wUIqtT2ejxlQVw10FmRrYUU17SPjbR/WaKKnATIl4:whmHQVw10FaYzWPjIaKeATd
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 12f181e54587ae606698ce3f058bb700N.exe
Files
12f181e54587ae606698ce3f058bb700N.exe.exe windows:5 windows x86 arch:x86
b4ce436253292b23c651cdee6a0cac22
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
GetCurrentDirectoryA
GetDriveTypeA
LCMapStringA
CreateFileA
SetEnvironmentVariableA
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
GetConsoleMode
GetConsoleCP
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
QueryPerformanceCounter
VirtualFree
HeapCreate
GetStartupInfoA
CreateMutexW
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
SetUnhandledExceptionFilter
GetFileType
SetStdHandle
VirtualQuery
GetSystemInfo
WriteConsoleW
GetSystemTimeAsFileTime
HeapSize
HeapReAlloc
RaiseException
ExitThread
ExitProcess
RtlUnwind
HeapFree
HeapAlloc
GetStartupInfoW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoA
FindResourceExW
VirtualProtect
GetProfileIntW
SearchPathW
GetTempPathW
GetTempFileNameW
GetFileTime
GetFileSizeEx
SetErrorMode
GlobalGetAtomNameW
GetFileAttributesW
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GetStringTypeW
GetStringTypeA
VirtualAlloc
LCMapStringW
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
GetModuleHandleA
InterlockedDecrement
GetCurrentDirectoryW
lstrlenA
CreateFileW
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileW
GlobalSize
LocalFree
MulDiv
FreeResource
GlobalFindAtomW
GetVersionExW
CompareStringW
LoadLibraryA
GetVersionExA
GetCurrentProcessId
SetLastError
GlobalAddAtomW
WaitForSingleObject
ResumeThread
SetThreadPriority
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
lstrcmpW
lstrcpyW
lstrlenW
MultiByteToWideChar
WideCharToMultiByte
FormatMessageW
GetPrivateProfileIntW
GetPrivateProfileStructW
WritePrivateProfileStructW
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
WritePrivateProfileStringW
GetPrivateProfileStringW
ResetEvent
CreateEventW
FindClose
FindFirstFileW
CreateProcessW
GetCurrentProcess
GetModuleHandleW
FreeLibrary
CopyFileW
GetModuleFileNameA
CreateDirectoryW
OpenFile
GetProcAddress
LoadLibraryW
GetModuleFileNameW
FindResourceW
LoadResource
LockResource
SizeofResource
CreateThread
GetTickCount
Sleep
ReleaseMutex
CloseHandle
GetLastError
user32
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
MapVirtualKeyExW
GetKeyNameTextW
IsCharLowerW
GetMenuDefaultItem
SetMenuDefaultItem
UpdateLayeredWindow
EnableScrollBar
UnionRect
SetRect
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
UnregisterClassW
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
TranslateAcceleratorW
GetMenuItemInfoW
EmptyClipboard
SetClipboardData
LoadImageW
DestroyIcon
CopyImage
DrawStateW
RegisterClipboardFormatW
LockWindowUpdate
BringWindowToTop
IsRectEmpty
InvalidateRect
InflateRect
IsMenu
GetSystemMenu
SetClassLongW
SetParent
CreatePopupMenu
NotifyWinEvent
SetWindowRgn
CreateAcceleratorTableW
LoadAcceleratorsW
DestroyAcceleratorTable
GetAsyncKeyState
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
CopyAcceleratorTableW
DestroyMenu
PostThreadMessageW
LoadMenuW
GetSysColorBrush
SetRectEmpty
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
DeleteMenu
WaitMessage
ReleaseCapture
LoadCursorW
SetCapture
ClientToScreen
CharUpperW
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
FrameRect
CheckDlgButton
GetMenuStringW
AppendMenuW
InsertMenuW
RemoveMenu
LoadIconW
SendDlgItemMessageW
SendDlgItemMessageA
IsChild
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
IsWindow
SetFocus
GetWindowTextLengthW
GetWindowTextW
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
UpdateWindow
GetClientRect
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
CopyRect
PtInRect
GetMenu
SetWindowPos
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetLastActivePopup
IsWindowEnabled
MessageBoxW
ShowOwnedPopups
SetCursor
SetWindowsHookExW
CallNextHookEx
GetUpdateRect
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamW
CharUpperBuffW
CopyIcon
SubtractRect
GetIconInfo
GetDoubleClickTime
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
GetKeyState
PeekMessageW
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetNextDlgGroupItem
DrawIcon
DestroyCursor
GetWindowRgn
MapDialogRect
CreateMenu
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
WinHelpW
SystemParametersInfoW
OffsetRect
MessageBeep
RedrawWindow
IsZoomed
PostQuitMessage
RegisterWindowMessageW
SetCursorPos
WindowFromPoint
GetSystemMetrics
CloseClipboard
OpenClipboard
IsClipboardFormatAvailable
SetForegroundWindow
GetWindowThreadProcessId
GetWindow
EnumChildWindows
GetParent
ScreenToClient
IsWindowVisible
GetWindowRect
GetClassNameW
GetDesktopWindow
GetWindowLongW
GetForegroundWindow
EnableWindow
GetCursorPos
MapVirtualKeyW
SetTimer
keybd_event
GetMessageExtraInfo
mouse_event
KillTimer
PostMessageW
SendMessageW
wsprintfW
FindWindowW
SetWindowLongW
FillRect
gdi32
CreateRectRgnIndirect
OffsetRgn
GetRgnBox
Escape
CreateDIBitmap
CreateFontIndirectW
CreateCompatibleBitmap
GetTextMetricsW
EnumFontFamiliesW
GetTextCharsetInfo
CreateRoundRectRgn
GetTextColor
GetTextExtentPoint32W
SetDIBColorTable
PatBlt
GetDIBits
RealizePalette
CombineRgn
StretchBlt
SetPixel
CreateDIBSection
SetRectRgn
DPtoLP
CreateEllipticRgn
CreatePolygonRgn
GetBkColor
Polyline
Ellipse
Polygon
Rectangle
CreateHatchBrush
CreatePalette
GetPaletteEntries
GetWindowOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetViewportOrgEx
LPtoDP
ExtFloodFill
SetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
GetTextFaceW
SetPixelV
ExtTextOutW
TextOutW
RectVisible
CreateSolidBrush
CreatePen
GetObjectType
SelectPalette
GetStockObject
CreateCompatibleDC
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
RoundRect
CreateBitmap
PtVisible
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
DeleteObject
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CopyMetaFileW
GetDeviceCaps
GetObjectW
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
SelectObject
msimg32
AlphaBlend
TransparentBlt
comdlg32
GetFileTitleW
winspool.drv
ClosePrinter
OpenPrinterW
DocumentPropertiesW
advapi32
RegEnumKeyExW
RegSetValueExW
RegCloseKey
RegQueryValueExW
RegOpenKeyW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW
RegOpenKeyExW
RegDeleteValueW
RegCreateKeyExW
shell32
SHGetFolderPathW
SHGetFileInfoW
DragQueryFileW
DragFinish
ShellExecuteW
SHAppBarMessage
SHBrowseForFolderW
SHGetPathFromIDListW
comctl32
ord17
ImageList_GetIconSize
shlwapi
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathRemoveFileSpecW
ole32
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoInitializeEx
OleGetClipboard
DoDragDrop
OleLockRunning
CreateStreamOnHGlobal
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
CoTaskMemFree
CoUninitialize
CoCreateInstance
CoInitialize
oleaut32
SysAllocStringLen
SysAllocString
SysFreeString
SysStringLen
VariantInit
VariantChangeType
VariantClear
gdiplus
GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipCloneImage
hiddevice
ord12
ord4
ord5
ord7
ord3
ord2
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
winmm
PlaySoundW
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 285KB - Virtual size: 285KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 21KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 139KB - Virtual size: 138KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.rmnet Size: 56KB - Virtual size: 60KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE