D:\Github\GS\Code\bin\Gsound4to8.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 84f783ba3dc04c85dd5cd7d85d1f6fcfaf28e271657ed986848193a94f06d610.exe
  Resource: win7-20240729-en
Behavioral task: behavioral2
  Sample: 84f783ba3dc04c85dd5cd7d85d1f6fcfaf28e271657ed986848193a94f06d610.exe
  Resource: win10v2004-20240802-en
General
Target: 84f783ba3dc04c85dd5cd7d85d1f6fcfaf28e271657ed986848193a94f06d610
Size: 10.2MB
MD5: ef4a7d81c9d6ab906ab76a9b41b55317
SHA1: 108014efc7c944a8976368bff492926fdfe65898
SHA256: 84f783ba3dc04c85dd5cd7d85d1f6fcfaf28e271657ed986848193a94f06d610
SHA512: afab70817272a66a64375ec50be9dfd0d4f5f115fd2846197f9848ec445802cfc3991c2252c5a268258f9b020e3b3f84ada5039acb5e14e5d2608ce7292f70ae
SSDEEP: 196608:tR0ljY4OYfrss6cv4cHSoUw7l2GrPAlralpisuFz:tt4OYDssrv6M5uupA
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource 84f783ba3dc04c85dd5cd7d85d1f6fcfaf28e271657ed986848193a94f06d610
Files
-
84f783ba3dc04c85dd5cd7d85d1f6fcfaf28e271657ed986848193a94f06d610.exe windows:6 windows x86 arch:x86
6d3a3fd0533f6aed3f603e5a04f786d9
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
AllocConsole
WideCharToMultiByte
MultiByteToWideChar
GetLocalTime
GetModuleFileNameW
CreateProcessW
CreateMutexW
CloseHandle
WritePrivateProfileStringW
GetPrivateProfileIntW
lstrlenW
FreeResource
RemoveDirectoryW
FindNextFileW
FindFirstFileW
FindClose
DeleteFileW
CreateDirectoryW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetTickCount
FindResourceW
SizeofResource
LockResource
LoadResource
FindResourceExW
DeleteCriticalSection
InitializeCriticalSectionEx
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
GetLastError
WriteConsoleW
SetEndOfFile
GetStringTypeW
SetStdHandle
SetConsoleCtrlHandler
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindFirstFileExW
FlushFileBuffers
ReadConsoleW
SetFilePointerEx
GetFileSizeEx
GetConsoleMode
GetConsoleOutputCP
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetTempPathW
GetFileType
GetCurrentThread
GetStdHandle
MoveFileExW
GetFileAttributesExW
GetModuleHandleExW
FreeLibraryAndExitThread
ResumeThread
ExitThread
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
SetLastError
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
RaiseException
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
DecodePointer
OutputDebugStringW
lstrcmpiW
Sleep
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
SetEvent
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
FreeLibrary
CreateEventW
GetACP
CreateFileW
GetFileSize
ReadFile
GetModuleHandleW
GetProcAddress
LoadLibraryW
GlobalUnlock
GlobalLock
ExitProcess
MulDiv
GlobalAlloc
GetCurrentProcessId
OpenProcess
lstrcpyW
GetFileAttributesW
LocalFileTimeToFileTime
SetFilePointer
SetFileTime
WriteFile
SystemTimeToFileTime
LocalFree
FormatMessageW
InitializeCriticalSectionAndSpinCount
lstrcpynW
WaitForSingleObject
CreateThread
SetHandleInformation
CreatePipe
GetStartupInfoW
CreateFileA
DeviceIoControl
GetOverlappedResult
CancelIo
ResetEvent
user32
PostQuitMessage
IsZoomed
IsWindow
IsChild
ShowWindow
PostMessageW
GetWindowRect
IntersectRect
OffsetRect
UnregisterClassW
CharNextW
SetCursor
SetWindowPos
LoadCursorW
GetFocus
GetParent
SetTimer
KillTimer
GetSystemMetrics
GetDC
ReleaseDC
EnumDisplayMonitors
RegisterDeviceNotificationW
EndDialog
InvalidateRect
GetWindowLongW
SetWindowLongW
FindWindowW
GetWindowThreadProcessId
wsprintfW
PtInRect
MonitorFromPoint
MapVirtualKeyExW
GetKeyNameTextW
GetKeyboardLayout
DrawTextA
wsprintfA
GetCaretPos
SetCaretPos
ShowCaret
InflateRect
UnionRect
GetMessageW
TranslateMessage
DispatchMessageW
SendMessageW
CreateWindowExW
DestroyWindow
IsWindowVisible
IsIconic
SetFocus
GetActiveWindow
GetKeyState
SetCapture
ReleaseCapture
BeginPaint
EndPaint
GetUpdateRect
GetClientRect
GetCursorPos
ScreenToClient
MapWindowPoints
GetSysColor
IsRectEmpty
GetWindow
LoadImageW
MonitorFromWindow
GetMonitorInfoW
DefWindowProcW
CallWindowProcW
RegisterClassW
RegisterClassExW
GetClassInfoExW
EnableWindow
GetMenu
SetPropW
GetPropW
AdjustWindowRectEx
SetWindowRgn
HideCaret
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
UpdateWindow
CharPrevW
DrawTextW
FillRect
SetRect
EqualRect
MessageBoxW
MoveWindow
CreateAcceleratorTableW
InvalidateRgn
GetCaretBlinkTime
ClientToScreen
GetGUIThreadInfo
IsWindowEnabled
SetForegroundWindow
UpdateLayeredWindow
GetWindowRgn
CreatePopupMenu
DestroyMenu
EnableMenuItem
AppendMenuW
TrackPopupMenu
CreateCaret
comdlg32
GetSaveFileNameW
GetOpenFileNameW
shell32
ShellExecuteW
DragQueryFileW
SHGetFolderPathW
ole32
OleDuplicateData
CreateStreamOnHGlobal
CLSIDFromProgID
OleLockRunning
ReleaseStgMedium
CoCreateInstance
DoDragDrop
CLSIDFromString
OleInitialize
OleUninitialize
CoUninitialize
CoInitialize
RegisterDragDrop
netapi32
NetWkstaGetInfo
NetApiBufferFree
comctl32
InitCommonControlsEx
ord17
_TrackMouseEvent
gdiplus
GdipFillEllipseI
GdipFillPieI
GdipCreatePen1
GdipDeletePen
GdipCreateFromHDC
GdipCreateSolidFill
GdipSetSmoothingMode
GdipCloneBrush
GdipFree
GdipAlloc
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipDrawImageRectI
GdipFillRectangleI
GdipReleaseDC
GdipDeleteGraphics
GdipDeleteBrush
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipSetPenWidth
GdipSetPenColor
GdipDrawBeziersI
GdipImageSelectActiveFrame
GdipSetPenDashStyle
GdipDrawCurveI
GdiplusStartup
GdiplusShutdown
GdipCreatePath
GdipDeletePath
GdipAddPathLine
GdipAddPathArc
GdipSetPenMode
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipCloneImage
GdipDisposeImage
GdipSetTextRenderingHint
GdipSetInterpolationMode
GdipDrawRectangleI
GdipDrawPath
GdipFillPath
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipDeleteFont
GdipDrawString
GdipMeasureString
GdipStringFormatGetGenericTypographic
GdipDeleteStringFormat
GdipCloneStringFormat
GdipSetStringFormatFlags
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipSetStringFormatTrimming
GdipGetImageWidth
GdipTranslateWorldTransform
GdipGetImageHeight
GdipRotateWorldTransform
GdipImageGetFrameCount
imm32
ImmReleaseContext
ImmSetCompositionWindow
ImmGetContext
shlwapi
StrChrW
ws2_32
gethostname
WSAStartup
gethostbyname
setupapi
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiGetClassDevsA
SetupDiGetDeviceRegistryPropertyA
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
gdi32
CreateDIBitmap
CreateFontIndirectW
CreatePen
CreateCompatibleBitmap
BitBlt
GetCharABCWidthsW
CreateRectRgnIndirect
CreatePenIndirect
DeleteObject
GetDeviceCaps
GetStockObject
AddFontMemResourceEx
RemoveFontMemResourceEx
Rectangle
RestoreDC
SaveDC
GetClipBox
CloseEnhMetaFile
CreateEnhMetaFileW
CreateCompatibleDC
DeleteDC
SelectObject
GetEnhMetaFileHeader
PlayEnhMetaFile
GetTextMetricsW
GetObjectW
SetWindowOrgEx
CreateRoundRectRgn
CreatePatternBrush
CreateSolidBrush
SetBkMode
SetTextColor
GetTextExtentPoint32W
SetBitmapBits
GetBitmapBits
GetTextExtentPointA
PtInRegion
CreateRectRgn
GdiFlush
TextOutW
MoveToEx
GetObjectA
CreateDIBSection
SetStretchBltMode
StretchBlt
SetBkColor
ExtSelectClipRgn
SelectClipRgn
LineTo
CombineRgn
oleaut32
SysAllocString
SysFreeString
VariantInit
CreateErrorInfo
SetErrorInfo
VariantChangeType
GetErrorInfo
VariantClear
Exports
_cJSON_AddArrayToObject@8
_cJSON_AddBoolToObject@12
_cJSON_AddFalseToObject@8
_cJSON_AddItemReferenceToArray@8
_cJSON_AddItemReferenceToObject@12
_cJSON_AddItemToArray@8
_cJSON_AddItemToObject@12
_cJSON_AddItemToObjectCS@12
_cJSON_AddNullToObject@8
_cJSON_AddNumberToObject@16
_cJSON_AddObjectToObject@8
_cJSON_AddRawToObject@12
_cJSON_AddStringToObject@12
_cJSON_AddTrueToObject@8
_cJSON_Compare@12
_cJSON_CreateArray@0
_cJSON_CreateArrayReference@4
_cJSON_CreateBool@4
_cJSON_CreateDoubleArray@8
_cJSON_CreateFalse@0
_cJSON_CreateFloatArray@8
_cJSON_CreateIntArray@8
_cJSON_CreateNull@0
_cJSON_CreateNumber@8
_cJSON_CreateObject@0
_cJSON_CreateObjectReference@4
_cJSON_CreateRaw@4
_cJSON_CreateString@4
_cJSON_CreateStringArray@8
_cJSON_CreateStringReference@4
_cJSON_CreateTrue@0
_cJSON_Delete@4
_cJSON_DeleteItemFromArray@8
_cJSON_DeleteItemFromObject@8
_cJSON_DeleteItemFromObjectCaseSensitive@8
_cJSON_DetachItemFromArray@8
_cJSON_DetachItemFromObject@8
_cJSON_DetachItemFromObjectCaseSensitive@8
_cJSON_DetachItemViaPointer@8
_cJSON_Duplicate@8
_cJSON_GetArrayItem@8
_cJSON_GetArraySize@4
_cJSON_GetErrorPtr@0
_cJSON_GetObjectItem@8
_cJSON_GetObjectItemCaseSensitive@8
_cJSON_GetStringValue@4
_cJSON_HasObjectItem@8
_cJSON_InitHooks@4
_cJSON_InsertItemInArray@12
_cJSON_IsArray@4
_cJSON_IsBool@4
_cJSON_IsFalse@4
_cJSON_IsInvalid@4
_cJSON_IsNull@4
_cJSON_IsNumber@4
_cJSON_IsObject@4
_cJSON_IsRaw@4
_cJSON_IsString@4
_cJSON_IsTrue@4
_cJSON_Minify@4
_cJSON_Parse@4
_cJSON_ParseWithOpts@12
_cJSON_Print@4
_cJSON_PrintBuffered@12
_cJSON_PrintPreallocated@16
_cJSON_PrintUnformatted@4
_cJSON_ReplaceItemInArray@12
_cJSON_ReplaceItemInObject@12
_cJSON_ReplaceItemInObjectCaseSensitive@12
_cJSON_ReplaceItemViaPointer@12
_cJSON_SetNumberHelper@12
_cJSON_Version@0
_cJSON_free@4
_cJSON_malloc@4
hid_close
hid_enumerate
hid_error
hid_exit
hid_free_enumeration
hid_get_feature_report
hid_get_indexed_string
hid_get_manufacturer_string
hid_get_product_string
hid_get_serial_number_string
hid_init
hid_open
hid_open_path
hid_read
hid_read_timeout
hid_send_feature_report
hid_set_nonblocking
hid_write
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 307KB - Virtual size: 307KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 11KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8.8MB - Virtual size: 8.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 58KB - Virtual size: 58KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ