Static task: static1

Behavioral task: behavioral1
- Sample: 518bb0748133b9789dac0072c2ec0f20N.exe
- Resource: win7-20240903-en

Behavioral task: behavioral2
- Sample: 518bb0748133b9789dac0072c2ec0f20N.exe
- Resource: win10v2004-20240802-en

General
- Target: 518bb0748133b9789dac0072c2ec0f20N.exe
- Size: 5.3MB
- MD5: 518bb0748133b9789dac0072c2ec0f20
- SHA1: 904492d5ec7c099edc10f2355a7419e475eb2a24
- SHA256: 733d9ac5d6f2e44b20f193188fe3ae47c8cfe1feb3348a20f016cea0d84ea03f
- SHA512: 911b253ec50712ea1a5e24ed64db8b1b3e8b7d6542f6ce9edb0e0421a394020ead2977b112a0b5fa69db64ec0786b7ec21e4684fbb6b9e2635be53439818e703
- SSDEEP: 98304:UajqHTgFRDKAVYXKbO1EFsNOnPBPJVwjdIG3XUUWVtZEaeWyj:UCq8PCXpTOnmdIG3Pm

Malware Config

Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 518bb0748133b9789dac0072c2ec0f20N.exe

Files
- 518bb0748133b9789dac0072c2ec0f20N.exe.exe windows:6 windows x86 arch:x86
  6d9b16bcf983b52078027ffef6be0cb3

Headers
- DLL Characteristics: IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
- File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
- PDB Paths: E:\workplace\AndroidEmulator\7KMarket_Git_Release64\Basic\Client\Output\Binfinal\UiTools\TUninstallMiniSkin.pdb
Imports
- comctl32: InitCommonControlsEx, _TrackMouseEvent
- ws2_32: connect, recv, send, socket, ioctlsocket, setsockopt, closesocket, shutdown, WSACleanup, WSAGetLastError, WSAStartup, select, htons, htonl, ntohl, __WSAFDIsSet, gethostbyname
- kernel32: GetFileType, GetStdHandle, FlushFileBuffers, QueryPerformanceCounter, FormatMessageA, GetSystemTimeAsFileTime, LockFileEx, LocalFree, CreateFileMappingA, UnlockFile, HeapCompact, DeleteFileA, GetVersionExA, WaitForSingleObjectEx, FlushViewOfFile, GetFileAttributesA, GetDiskFreeSpaceA, GetTempPathA, HeapValidate, UnlockFileEx, GetFullPathNameA, LockFile, OutputDebugStringA, GetDiskFreeSpaceW, HeapCreate, TryEnterCriticalSection, AreFileApisANSI, CreateMutexA, InterlockedExchange, InterlockedCompareExchange, SetEndOfFile, GetPrivateProfileIntA, GetPrivateProfileStringA, CreateFileA, CreateDirectoryA, SleepEx, CreateEventW, K32GetModuleFileNameExA, VirtualQuery, SwitchToThread, GetSystemDefaultLangID, LoadLibraryA, lstrcmpiW, SetEvent, OpenFileMappingW, OpenEventW, InitializeCriticalSection, SetLastError, UnmapViewOfFile, MapViewOfFile, CreateFileMappingW, GlobalReAlloc, GlobalFree, GlobalUnlock, GlobalLock, GlobalAlloc, TlsSetValue, TlsGetValue, TlsFree, TlsAlloc, lstrcpynW, CreateDirectoryW, GetWindowsDirectoryW, GetVersionExW, GetShortPathNameW, GetCurrentProcessId, GetTempFileNameW, GetTempPathW, FreeResource, GetEnvironmentVariableA, CreateMutexW, DecodePointer, RaiseException, ExpandEnvironmentStringsW, FormatMessageW, GetACP, GetUserDefaultUILanguage, GetFileSize, VirtualFree, VirtualAlloc, CopyFileW, MoveFileExW, TerminateProcess, OpenProcess, Process32NextW, Process32FirstW, CreateToolhelp32Snapshot, CreateProcessW, GetExitCodeProcess, GetCurrentThreadId, GetLocalTime, MoveFileW, GetCurrentDirectoryW, GetFullPathNameW, FindClose, FindNextFileW, RemoveDirectoryW, FindFirstFileW, GetFileAttributesExW, SetFilePointer, WriteFile, GetTickCount, WideCharToMultiByte, GetModuleFileNameA, SystemTimeToFileTime, GetSystemTime, EnterCriticalSection, LeaveCriticalSection, GetSystemDirectoryW, GetEnvironmentVariableW, GetLocaleInfoW, DeleteFileW, GetFileAttributesW, GetPrivateProfileSectionW, GetPrivateProfileIntW, GetPrivateProfileStringW, GetCommandLineW, GetModuleFileNameW, DeleteCriticalSection, InitializeCriticalSectionAndSpinCount, FindResourceExW, FindResourceW, LoadResource, LockResource, SizeofResource, MultiByteToWideChar, GetProcessHeap, HeapAlloc, HeapFree, HeapReAlloc, HeapSize, GetModuleHandleA, LoadLibraryExW, OutputDebugStringW, GlobalMemoryStatusEx, GetSystemInfo, GetLastError, IsProcessorFeaturePresent, ReadFile, PeekNamedPipe, WaitForSingleObject, CreateProcessA, CreatePipe, Sleep, GetDriveTypeW, GetLogicalDrives, CloseHandle, CreateFileW, GetDiskFreeSpaceExW, DeviceIoControl, GetCurrentProcess, GetModuleHandleW, FreeLibrary, GetProcAddress, LoadLibraryW, UnregisterWaitEx, QueryDepthSList, InterlockedPopEntrySList, ReleaseSemaphore, GetThreadTimes, UnregisterWait, RegisterWaitForSingleObject, SetThreadAffinityMask, GetProcessAffinityMask, GetNumaHighestNodeNumber, DeleteTimerQueueTimer, ChangeTimerQueueTimer, CreateTimerQueueTimer, GetLogicalProcessorInformation, GetThreadPriority, SignalObjectAndWait, CreateTimerQueue, WriteConsoleW, FreeEnvironmentStringsW, GetEnvironmentStringsW, GetOEMCP, IsValidCodePage, GetTimeZoneInformation, EnumSystemLocalesW, IsValidLocale, GetConsoleCP, ReadConsoleW, SetEnvironmentVariableA, SetStdHandle, GetCommandLineA, HeapQueryInformation, SetConsoleMode, ReadConsoleInputA, GetConsoleMode, SetConsoleCtrlHandler, ExitProcess, GetModuleHandleExW, FreeLibraryAndExitThread, ExitThread, CreateThread, RtlUnwind, InterlockedFlushSList, InterlockedPushEntrySList, GetCPInfo, GetStringTypeW, LCMapStringW, SetFilePointerEx, FindFirstFileExW, QueryPerformanceFrequency, GetNativeSystemInfo, GetExitCodeThread, InitializeSListHead, GetStartupInfoW, IsDebuggerPresent, SetUnhandledExceptionFilter, UnhandledExceptionFilter, ResetEvent, GetUserDefaultLCID, SearchPathW, GetProfileIntW, VerifyVersionInfoW, VerSetConditionMask, lstrcpyW, VirtualProtect, GlobalFindAtomW, SystemTimeToTzSpecificLocalTime, GetFileTime, GetFileSizeEx, FileTimeToLocalFileTime, GlobalDeleteAtom, GetCurrentThread, ResumeThread, SetThreadPriority, lstrcmpW, GlobalFlags, CompareStringW, EncodePointer, DuplicateHandle, GetVolumeInformationW, GlobalAddAtomW, FileTimeToSystemTime, GlobalGetAtomNameW, lstrcmpA, LocalReAlloc, LocalAlloc, GlobalHandle, MulDiv, GlobalSize, GlobalMemoryStatus, FlushConsoleInputBuffer, HeapDestroy
- user32: IntersectRect, SetCapture, ReleaseCapture, GetCapture, GetKeyState, SetTimer, KillTimer, OffsetRect, CopyRect, EqualRect, RegisterWindowMessageW, UnionRect, InvalidateRect, IsRectEmpty, BeginPaint, UpdateLayeredWindow, SendMessageW, LoadImageW, SendMessageTimeoutW, GetWindowLongW, CallWindowProcW, IsWindow, PtInRect, RegisterClassExW, LoadCursorW, GetDlgItem, SetWindowLongW, UnhookWindowsHookEx, CreateWindowExW, SetWindowsHookExW, GetClassInfoW, GetClientRect, CallNextHookEx, PostQuitMessage, PostMessageW, SetRect, FindWindowExW, IsWindowVisible, GetWindowRect, EndPaint, HideCaret, SetCursor, SetFocus, ClientToScreen, WindowFromPoint, ScreenToClient, GetCursorPos, UpdateWindow, ShowWindow, DispatchMessageW, TranslateMessage, GetMessageW, GetSystemMetrics, EnumDisplayDevicesW, wsprintfW, GetMenuStringW, GetSubMenu, GetMenuItemID, GetMenuItemCount, GetMonitorInfoW, AppendMenuW, RemoveMenu, GetSysColor, GetSysColorBrush, IsWindowEnabled, MessageBoxW, GetLastActivePopup, GetWindowTextLengthW, DestroyIcon, GetDlgCtrlID, GetFocus, SetWindowTextW, RealChildWindowFromPoint, ValidateRect, SetScrollPos, GetScrollPos, MoveWindow, CheckDlgButton, IsDialogMessageW, IsIconic, SetForegroundWindow, CheckMenuItem, EnableMenuItem, SetMenuItemBitmaps, GetMenuCheckMarkDimensions, SetMenuItemInfoW, LoadBitmapW, GetMessagePos, GetMessageTime, RegisterClassW, IsMenu, IsChild, GetWindowPlacement, SetWindowPlacement, BeginDeferWindowPos, DeferWindowPos, EndDeferWindowPos, GetMenu, SetMenu, TrackPopupMenu, SetActiveWindow, GetForegroundWindow, ScrollWindow, SetScrollRange, GetScrollRange, ShowScrollBar, SetPropW, GetPropW, RemovePropW, AdjustWindowRectEx, GetClassLongW, GetTopWindow, LoadIconW, SetScrollInfo, GetScrollInfo, WinHelpW, DrawTextExW, GrayStringW, TabbedTextOutW, GetWindowDC, CopyImage, ShowOwnedPopups, DeleteMenu, CreateDialogIndirectParamW, EndDialog, GetNextDlgTabItem, DestroyMenu, GetMenuItemInfoW, SendDlgItemMessageA, SetRectEmpty, GetAsyncKeyState, MapDialogRect, TrackMouseEvent, CreatePopupMenu, GetMenuDefaultItem, GetNextDlgGroupItem, GetIconInfo, MessageBeep, EnableScrollBar, InvertRect, NotifyWinEvent, MapVirtualKeyW, GetKeyNameTextW, LoadMenuW, SetLayeredWindowAttributes, EnumDisplayMonitors, SetClassLongW, SetParent, OpenClipboard, CloseClipboard, SetClipboardData, EmptyClipboard, DrawStateW, DrawEdge, DrawFrameControl, BringWindowToTop, SetCursorPos, CopyIcon, FrameRect, DrawIcon, MonitorFromPoint, LoadAcceleratorsW, TranslateAcceleratorW, InsertMenuItemW, GetClassNameW, ReuseDDElParam, GetComboBoxInfo, PostThreadMessageW, WaitMessage, GetKeyboardLayout, IsCharLowerW, MapVirtualKeyExW, ToUnicodeEx, GetKeyboardState, CreateAcceleratorTableW, DestroyAcceleratorTable, CopyAcceleratorTableW, LockWindowUpdate, SetMenuDefaultItem, GetDoubleClickTime, ModifyMenuW, RegisterClipboardFormatW, CharUpperBuffW, IsClipboardFormatAvailable, GetUpdateRect, DrawMenuBar, DefFrameProcW, DefMDIChildProcW, TranslateMDISysAccel, SubtractRect, CreateMenu, GetWindowRgn, DestroyCursor, MonitorFromWindow, CreateWindowExA, RegisterClassExA, DefWindowProcW, DestroyWindow, ReleaseDC, GetDC, InsertMenuW, MessageBoxA, GetUserObjectInformationW, GetProcessWindowStation, GetWindowThreadProcessId, CharUpperW, FindWindowA, DrawTextW, FillRect, MapWindowPoints, GetWindow, PeekMessageW, InflateRect, DrawFocusRect, GetParent, SetWindowPos, EnableWindow, GetDesktopWindow, SystemParametersInfoW, IsZoomed, SetWindowRgn, GetActiveWindow, RedrawWindow, GetWindowTextW, GetSystemMenu, GetMenuState, DrawIconEx, GetClassInfoExW, UnpackDDElParam
- gdi32: Escape, CreatePatternBrush, CreateBitmap, CreateDCW, CopyMetaFileW, GetObjectType, CreateHatchBrush, GetPixel, SetTextColor, CreateSolidBrush, GetObjectA, CombineRgn, ExtCreateRegion, StretchBlt, GetObjectW, Rectangle, LineTo, MoveToEx, ExtTextOutW, SetBkColor, CreateRectRgn, ExcludeClipRect, BitBlt, CreateCompatibleBitmap, GetClipBox, RoundRect, CreatePen, GetTextExtentPoint32W, DeleteDC, SelectObject, CreateDIBSection, CreateCompatibleDC, DeleteObject, CreateFontIndirectW, GetStockObject, SetBkMode, GetDeviceCaps, SetPixelFormat, ChoosePixelFormat, GetViewportExtEx, GetWindowExtEx, IntersectClipRect, PtVisible, RectVisible, RestoreDC, SaveDC, SelectClipRgn, ExtSelectClipRgn, SelectPalette, SetMapMode, SetLayout, GetLayout, SetPolyFillMode, SetROP2, SetTextAlign, TextOutW, SetViewportExtEx, SetViewportOrgEx, SetWindowExtEx, SetWindowOrgEx, OffsetViewportOrgEx, OffsetWindowOrgEx, ScaleViewportExtEx, ScaleWindowExtEx, CreateRectRgnIndirect, PatBlt, SetRectRgn, DPtoLP, GetTextMetricsW, EnumFontFamiliesExW, CreatePalette, GetNearestPaletteIndex, GetPaletteEntries, GetSystemPaletteEntries, RealizePalette, GetBkColor, CreateDIBitmap, EnumFontFamiliesW, GetTextCharsetInfo, SetPixel, SetDIBColorTable, CreateEllipticRgn, Ellipse, GetTextColor, CreatePolygonRgn, Polygon, Polyline, CreateRoundRectRgn, LPtoDP, GetRgnBox, OffsetRgn, FillRgn, FrameRgn, GetBoundsRect, PtInRegion, ExtFloodFill, SetPaletteEntries, SetPixelV, GetWindowOrgEx, GetViewportOrgEx, GetTextFaceW
- advapi32: CryptGenRandom, RegOpenKeyExW, RegQueryValueExW, RegEnumKeyExW, RegCreateKeyExW, RegSetValueExW, RegQueryInfoKeyW, OpenProcessToken, GetTokenInformation, LookupPrivilegeNameW, LookupPrivilegeValueW, AdjustTokenPrivileges, RegQueryValueExA, OpenSCManagerW, ReportEventA, RegisterEventSourceA, DeregisterEventSource, CryptReleaseContext, RegCloseKey, CryptAcquireContextW, RegOpenKeyExA, RegDeleteKeyW, RegEnumKeyW, RegDeleteValueW, CloseServiceHandle, DeleteService, ControlService, OpenServiceW
- shell32: CommandLineToArgvW, SHGetFileInfoW, SHBrowseForFolderW, DragQueryFileW, DragFinish, SHAppBarMessage, SHGetFolderPathA, SHGetPathFromIDListW, SHGetMalloc, SHGetSpecialFolderLocation, ShellExecuteW, SHFileOperationW, ShellExecuteExW, SHGetSpecialFolderPathW, SHGetDesktopFolder, SHCreateDirectoryExW
- ole32: OleCreateMenuDescriptor, OleDestroyMenuDescriptor, OleTranslateAccelerator, IsAccelerator, OleLockRunning, RevokeDragDrop, RegisterDragDrop, CoLockObjectExternal, OleGetClipboard, DoDragDrop, CoDisconnectObject, ReleaseStgMedium, OleDuplicateData, CoTaskMemFree, CoTaskMemAlloc, CoInitialize, CoUninitialize, CoCreateGuid, CoCreateInstance, CoInitializeEx, CreateStreamOnHGlobal
- oleaut32: VariantTimeToSystemTime, SystemTimeToVariantTime, SysStringLen, SysAllocStringLen, LoadTypeLi, VariantInit, SysAllocString, VariantClear, SysFreeString, VarBstrFromDate, VariantChangeType, VariantCopy
- msimg32: TransparentBlt, AlphaBlend
- shlwapi: PathRemoveFileSpecW, PathAddBackslashW, PathRemoveFileSpecA, PathIsDirectoryW, StrCmpW, StrStrIW, PathFileExistsA, SHDeleteKeyW, PathAppendW, PathFindFileNameW, PathIsUNCW, PathStripToRootW, PathFindExtensionW, StrFormatKBSizeW, PathFileExistsW
- uxtheme: GetThemePartSize, GetThemeSysColor, IsThemeBackgroundPartiallyTransparent, IsAppThemed, GetWindowTheme, GetCurrentThemeName, GetThemeColor, DrawThemeBackground, CloseThemeData, OpenThemeData, DrawThemeText, DrawThemeParentBackground
- d3d9: Direct3DCreate9
- opengl32: wglGetProcAddress, glGetString, wglMakeCurrent, wglCreateContext, wglDeleteContext
- wininet: DeleteUrlCacheEntryW
- gdiplus: GdipGetImageGraphicsContext, GdipDeleteGraphics, GdipCreateFromHDC, GdipGraphicsClear, GdipDrawImageRectI, GdipDrawImageRectRectI, GdipCloneImage, GdipGetImagePixelFormat, GdipCreateBitmapFromFile, GdipDisposeImage, GdipRotateMatrix, GdipTranslateMatrix, GdipDeleteMatrix, GdipCreateMatrix, GdipGetImageHeight, GdipGetImageWidth, GdipAlloc, GdipFree, GdiplusShutdown, GdipCreateBitmapFromStream, GdipCreateBitmapFromScan0, GdipCreateHBITMAPFromBitmap, GdipCloneBitmapAreaI, GdipBitmapLockBits, GdipBitmapUnlockBits, GdipDeleteBrush, GdipCreateSolidFill, GdipCreateStringFormat, GdiplusStartup, GdipSetWorldTransform, GdipDeleteStringFormat, GdipSetStringFormatFlags, GdipSetStringFormatAlign, GdipSetStringFormatLineAlign, GdipSetInterpolationMode, GdipCreateBitmapFromHBITMAP, GdipDrawImageI, GdipGetImagePaletteSize, GdipGetImagePalette, GdipDeleteFont, GdipCreateFontFromLogfontA, GdipCreateFontFromDC, GdipMeasureString, GdipDrawString, GdipSetTextRenderingHint, GdipSetStringFormatTrimming
- netapi32: Netbios
- oleacc: AccessibleObjectFromWindow, LresultFromObject, CreateStdAccessibleObject
- imm32: ImmGetContext, ImmGetOpenStatus, ImmReleaseContext
- winmm: PlaySoundW
- urlmon: URLDownloadToFileW
- winspool.drv: ClosePrinter, DocumentPropertiesW, OpenPrinterW
Sections
- .text    Size: 3.0MB  - Virtual size: 3.0MB  (IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ)
- .rdata   Size: 652KB  - Virtual size: 651KB  (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ)
- .data    Size: 70KB   - Virtual size: 108KB  (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE)
- .gfids   Size: 106KB  - Virtual size: 106KB  (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ)
- .giats   Size: 512B   - Virtual size: 16B    (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ)
- .tls     Size: 512B   - Virtual size: 9B     (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE)
- .QMGuid  Size: 512B   - Virtual size: 32B    (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE)
- .rsrc    Size: 804KB  - Virtual size: 803KB  (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ)
- .reloc   Size: 752KB  - Virtual size: 756KB  (IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE)