d56a6d41ab8dd698a4ed4290f7bc49e49cef37704bcc947104e5c7dc33db8c13

Sharing

Copy URL

Twitter E-mail

General

Target

d56a6d41ab8dd698a4ed4290f7bc49e49cef37704bcc947104e5c7dc33db8c13
Size

2.3MB
MD5

672f29720fb46e90d4b620c5bd157a08
SHA1

548bcc11ed9cb4160bb07f2d0e0eee644e6fc488
SHA256

d56a6d41ab8dd698a4ed4290f7bc49e49cef37704bcc947104e5c7dc33db8c13
SHA512

05cbe3a4c05d4459a9d74ddf1aaea1875985fc6447505d03891cec1669668a9d1f859bc9aebed37f69d8168f9ee4bd1500dd30fa12e2fae4a2c641a2777fe8b0
SSDEEP

49152:RE1wVQ0HzeFuJxPaZOYqgXg7Cn5BJlT+Qr/nafL+bllS4sm7Gj/ebr:REw5Mu3IOYqgjB6bsGjmH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d56a6d41ab8dd698a4ed4290f7bc49e49cef37704bcc947104e5c7dc33db8c13

Files

d56a6d41ab8dd698a4ed4290f7bc49e49cef37704bcc947104e5c7dc33db8c13
.exe windows:6 windows x86 arch:x86

ce79b498d0b233d216e6b874b1e75a30

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\a\1\s\Win32\Release\ZoomIt.pdb

Imports

winmm

PlaySoundW

gdiplus

GdipFree
GdipAlloc
GdiplusStartup
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipFillEllipseI
GdipFillRectangleI
GdipDrawPath
GdipDrawEllipseI
GdipDrawRectangleI
GdipDrawLineI
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipBitmapApplyEffect
GdipBitmapGetPixel
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFile
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipSaveImageToFile
GdipDisposeImage
GdipCloneImage
GdipSetPenLineJoin
GdipSetPenLineCap197819
GdipDeletePen
GdipCreatePen1
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
GdipAddPathLineI
GdipClosePathFigure
GdipStartPathFigure
GdipDeletePath
GdipCreatePath
GdipSetEffectParameters
GdipDeleteEffect
GdipCreateEffect
GdiplusShutdown

msimg32

AlphaBlend

kernel32

TlsFree
TlsSetValue
TlsGetValue
ExitProcess
GetConsoleCP
IsDebuggerPresent
DebugBreak
OutputDebugStringW
CloseHandle
GetLastError
SetLastError
HeapAlloc
HeapFree
GetProcessHeap
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
SetEvent
ResetEvent
ReleaseSemaphore
ReleaseMutex
WaitForSingleObject
WaitForSingleObjectEx
WaitForMultipleObjectsEx
OpenSemaphoreW
CreateMutexExW
CreateEventExW
CreateSemaphoreExW
GetCurrentProcessId
GetCurrentThreadId
GetModuleFileNameA
GetModuleHandleW
GetModuleHandleExW
GetProcAddress
FormatMessageW
GetVersionExW
LoadLibraryExW
GetStdHandle
GetCommandLineW
GetFileType
LocalAlloc
LocalFree
MulDiv
ExpandEnvironmentStringsW
DeleteFileW
GetFileAttributesW
Beep
CreateEventW
Sleep
GetCurrentProcess
GetExitCodeProcess
GetCurrentThread
SetThreadPriority
GetVersion
GetTickCount
GetModuleFileNameW
LoadResource
LockResource
SizeofResource
FindResourceW
GlobalAlloc
GlobalUnlock
GlobalLock
GlobalFree
lstrcpynW
MultiByteToWideChar
FreeLibrary
TerminateProcess
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SetThreadpoolWait
CreateThreadpoolWait
GetSystemTimeAsFileTime
LCMapStringEx
GetCPInfo
CompareStringEx
DecodePointer
EncodePointer
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
QueryPerformanceCounter
IsProcessorFeaturePresent
CloseThreadpoolWork
SubmitThreadpoolWork
CreateThreadpoolWork
FreeLibraryWhenCallbackReturns
InitOnceComplete
InitOnceBeginInitialize
GetStringTypeW
WideCharToMultiByte
GetFileInformationByHandleEx
AreFileApisANSI
GetTempPathW
GetFileAttributesExW
FindNextFileW
FindFirstFileExW
FindFirstFileW
FindClose
CreateFileW
GetLocaleInfoEx
FormatMessageA
SleepConditionVariableSRW
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
TryAcquireSRWLockExclusive
SwitchToThread
RaiseException
RtlUnwind
InterlockedPushEntrySList
InitializeCriticalSectionAndSpinCount
WriteFile
TlsAlloc
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetConsoleMode
SetConsoleMode
ReadConsoleInputW
ReadConsoleW
HeapReAlloc
GetConsoleOutputCP
GetFileSizeEx
SetFilePointerEx
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
FlushFileBuffers
ReadFile
HeapSize
WriteConsoleW
SetEndOfFile
LoadLibraryW
TrySubmitThreadpoolCallback
CloseThreadpoolWait
InitializeSListHead

user32

GetDesktopWindow
LoadIconW
ChangeDisplaySettingsExW
EnumDisplaySettingsW
GetParent
FindWindowW
SystemParametersInfoW
SetRect
WindowFromPoint
MapWindowPoints
SetCursorPos
ShowCursor
MessageBoxW
RedrawWindow
InvalidateRect
ReleaseDC
GetForegroundWindow
SetActiveWindow
UpdateWindow
DrawTextW
TrackPopupMenu
InsertMenuW
DestroyMenu
CreatePopupMenu
TranslateAcceleratorW
LoadAcceleratorsW
KillTimer
SetTimer
GetAsyncKeyState
GetKeyState
SetFocus
EmptyClipboard
SetClipboardData
OpenClipboard
IsDlgButtonChecked
CheckDlgButton
GetDlgItemTextW
SetDlgItemTextW
DialogBoxParamW
CreateDialogParamW
BringWindowToTop
IsWindowVisible
PostQuitMessage
PostMessageW
SetMessageExtraInfo
GetMessageExtraInfo
UnregisterHotKey
RegisterHotKey
GetMonitorInfoW
MonitorFromPoint
GetCursorPos
GetDC
SetWindowLongW
GetWindowLongW
OffsetRect
FillRect
ClipCursor
GetClipCursor
GetWindowRect
GetClientRect
SetWindowRgn
EndPaint
BeginPaint
SetForegroundWindow
EnableWindow
ReleaseCapture
SetCapture
GetCapture
SetWindowDisplayAffinity
SetWindowPos
MoveWindow
SetLayeredWindowAttributes
ShowWindow
DestroyWindow
CreateWindowExW
GetClassInfoW
RegisterClassW
DefWindowProcW
DispatchMessageW
TranslateMessage
GetMessageW
LoadCursorW
InflateRect
GetSysColorBrush
SetCursor
SetWindowTextW
GetDlgItem
EndDialog
DialogBoxIndirectParamW
SendMessageW
CloseClipboard

gdi32

LineTo
GetCurrentObject
Ellipse
CreatePen
CreateFontIndirectW
CreateDCW
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
SelectObject
DeleteDC
GetStockObject
DeleteObject
CreateSolidBrush
CreateRectRgnIndirect
CombineRgn
EndPage
StartPage
EndDoc
StartDocW
SetMapMode
GetDeviceCaps
SetBkMode
StretchBlt
SetROP2
SetStretchBltMode
SetTextColor
CreateDIBSection
GetObjectW
Polygon
MoveToEx
Rectangle
BitBlt

comdlg32

PrintDlgW
ChooseFontW
GetSaveFileNameW
GetOpenFileNameW

advapi32

RegOpenKeyW
RegCreateKeyW
RegCloseKey
RegQueryValueExW
RegSetValueExW
RegGetValueW
RegOpenKeyExW
RegDeleteValueW
RegCreateKeyExW

shell32

Shell_NotifyIconW
ShellExecuteExW
ShellExecuteW
SHGetKnownFolderItem

ole32

CoGetApartmentType
CoTaskMemAlloc
CoCreateFreeThreadedMarshaler
CoGetObjectContext
CoCreateInstance
CoTaskMemFree
CoInitialize

oleaut32

SetErrorInfo
GetErrorInfo
SysAllocString
SysFreeString
SysStringLen

Sections

.text
Size: 385KB - Virtual size: 388KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 114KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ce79b498d0b233d216e6b874b1e75a30

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

winmm

gdiplus

msimg32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 385KB - Virtual size: 388KB

.rdata Size: 114KB - Virtual size: 116KB

.data Size: 31KB - Virtual size: 40KB

.rsrc Size: 1.8MB - Virtual size: 1.8MB

.text
Size: 385KB - Virtual size: 388KB

.rdata
Size: 114KB - Virtual size: 116KB

.data
Size: 31KB - Virtual size: 40KB

.rsrc
Size: 1.8MB - Virtual size: 1.8MB