Windows 10 color control[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

Windows 10 color control.exe
Size

176KB
MD5

7002fa917ba363ecac29da6a39ab72d6
SHA1

e1ce3d65ba0a111fd95e735e4a93df1518d46c92
SHA256

d42bf3cd0fbf121e30ac84ab36695af8d7a10e2b4a194b268f00811e230a0247
SHA512

5e26b3cb835f3fb335ca75a7679ce94662a3adc881fe668da0d976caa527a6408d50480eb3e4b13cb05148a0c58af9268d405b91a5df255fd8716123a857677c
SSDEEP

3072:Oq85jP1VAXV2wE9SvAur3WSYCzRKdVyWhN3cDeTFSia:wouk43jERGVNN3cDU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Windows 10 color control.exe

Files

Windows 10 color control.exe
.exe windows:6 windows x86 arch:x86

f05792f4219c1963aac33b460a6e870e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
GetModuleHandleW
GetProcAddress
LoadLibraryExW
SizeofResource
lstrcmpiW
LoadLibraryW
CloseHandle
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
FreeLibrary
LoadResource
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetStringTypeW
WriteFile
GetStdHandle
DecodePointer
FindResourceW
MultiByteToWideChar
LockResource
FlushInstructionCache
GetCurrentThreadId
GetCurrentProcess
Sleep
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
SetLastError
GetLastError
GetStartupInfoW
CreateFileW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
FreeEnvironmentStringsW
RaiseException
HeapAlloc
HeapFree
GetProcessHeap
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
IsProcessorFeaturePresent
VirtualAlloc
VirtualFree
IsDebuggerPresent
OutputDebugStringW
EncodePointer
RtlUnwind
ExitProcess
GetModuleHandleExW
WideCharToMultiByte
GetCommandLineW
HeapSize
HeapReAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount

user32

RegisterWindowMessageW
SendMessageW
DefWindowProcW
CallWindowProcW
UnregisterClassW
SetWindowPos
CharNextW
DestroyWindow
GetMonitorInfoW
MonitorFromWindow
LoadImageW
GetWindow
GetParent
SetWindowLongW
GetWindowLongW
MapWindowPoints
GetWindowRect
GetClientRect
InvalidateRect
GetSystemMetrics
EnableWindow
GetActiveWindow
GetDlgCtrlID
SendDlgItemMessageW
IsDlgButtonChecked
CheckDlgButton
GetDlgItem
EndDialog
DialogBoxParamW

gdi32

CreateSolidBrush
DeleteObject

comdlg32

ChooseColorW

advapi32

RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegQueryInfoKeyW
RegCloseKey
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW

ole32

CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
CoInitialize
CoTaskMemRealloc
CoUninitialize

oleaut32

VarUI4FromStr

comctl32

InitCommonControlsEx

Sections

.text
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f05792f4219c1963aac33b460a6e870e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

comctl32

Sections

.text Size: 69KB - Virtual size: 68KB

.rdata Size: 26KB - Virtual size: 26KB

.data Size: 5KB - Virtual size: 13KB

.rsrc Size: 68KB - Virtual size: 68KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 69KB - Virtual size: 68KB

.rdata
Size: 26KB - Virtual size: 26KB

.data
Size: 5KB - Virtual size: 13KB

.rsrc
Size: 68KB - Virtual size: 68KB

.reloc
Size: 5KB - Virtual size: 5KB