5e9965133ff587bd09e5b295807106c52e03ffcd95e9a1f61ee0bf9995bea04d

Sharing

Copy URL Twitter E-mail

General

Target

5e9965133ff587bd09e5b295807106c52e03ffcd95e9a1f61ee0bf9995bea04d
Size

12.9MB
MD5

a02fcba5ad89227188935762f8b7cc37
SHA1

da8adc74759b6552b832f654f19a471fc0fec561
SHA256

5e9965133ff587bd09e5b295807106c52e03ffcd95e9a1f61ee0bf9995bea04d
SHA512

7634a91c1e47d66dc8b913d931f8d7ab350139ef38f12c851f3574c379b2a2084608c5b40222792e0dca5139e7ee8fc60f4d83a78ec0106f8390b15a4619799e
SSDEEP

393216:JM9kANic+HCZblrSreoGGY8ayXNN3o9fuBEgO7r:aJNaCJlrSrzGSaLz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e9965133ff587bd09e5b295807106c52e03ffcd95e9a1f61ee0bf9995bea04d

Files

5e9965133ff587bd09e5b295807106c52e03ffcd95e9a1f61ee0bf9995bea04d
.exe windows:5 windows x86 arch:x86

86c970a55c992a28ca54bf3f39c38d5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

K:\其它杂项目\uglic\211031成品\uglic\Release\uglic.pdb

Imports

kernel32

SetFilePointerEx
GetACP
ExitProcess
GetStdHandle
VirtualQuery
VirtualAlloc
GetSystemInfo
QueryPerformanceFrequency
GetFileType
GetConsoleMode
LCMapStringW
GetCommandLineW
GetCommandLineA
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
RtlUnwind
ReadConsoleW
SetStdHandle
GetStringTypeW
GetDriveTypeW
GetTimeZoneInformation
GetConsoleCP
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
WaitForSingleObjectEx
ResetEvent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SearchPathW
GetProfileIntW
GetTickCount
GetWindowsDirectoryW
FindResourceExW
GetTempFileNameW
SetErrorMode
VirtualProtect
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GlobalGetAtomNameW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
ResumeThread
SetThreadPriority
VerifyVersionInfoW
VerSetConditionMask
lstrcmpA
GetVersionExW
GetCurrentThread
GetFileTime
GetFileSizeEx
GetFileAttributesExW
lstrcmpiW
DuplicateHandle
UnlockFile
LockFile
GetFullPathNameW
FlushFileBuffers
LocalAlloc
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FileTimeToLocalFileTime
GetCurrentProcessId
GlobalFindAtomW
GlobalAddAtomW
LoadLibraryA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetModuleHandleA
FreeResource
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
OutputDebugStringA
MulDiv
GlobalFree
GlobalSize
SetEndOfFile
GetFileSize
LoadLibraryW
FreeLibrary
SystemTimeToFileTime
GetCurrentDirectoryW
LocalFileTimeToFileTime
SetFilePointer
SetFileTime
CreateDirectoryW
SetEvent
WriteFile
CreateFileW
GetTempPathW
CreateEventW
CreateMutexW
GetModuleFileNameW
SetLastError
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
MultiByteToWideChar
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
HeapFree
ReadFile
GetModuleHandleW
GetProcAddress
GetVolumeInformationW
GetCurrentProcess
Sleep
GlobalUnlock
GlobalLock
GlobalAlloc
FindClose
FindNextFileW
FindFirstFileW
CopyFileW
CloseHandle
GetExitCodeProcess
WaitForSingleObject
CreateProcessW
RemoveDirectoryW
DeleteFileW
SetFileAttributesW
GetFileAttributesW
GetLastError
OutputDebugStringW
LocalFree
FormatMessageW
lstrcpyW
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
SizeofResource
HeapQueryInformation
WriteConsoleW

user32

DeleteMenu
SetCapture
WaitMessage
MapDialogRect
GetAsyncKeyState
RealChildWindowFromPoint
OffsetRect
SendDlgItemMessageA
CopyImage
GetMenuItemInfoW
DestroyMenu
DrawStateW
SetCursor
ShowOwnedPopups
TranslateMessage
GetMessageW
EnumDisplayMonitors
SystemParametersInfoW
LoadCursorW
SetRectEmpty
GetSysColorBrush
SetLayeredWindowAttributes
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
PostQuitMessage
CharUpperW
GetDesktopWindow
FillRect
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutW
GrayStringW
DrawTextExW
GetWindowThreadProcessId
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageW
SetWindowTextW
IsWindowEnabled
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
SetTimer
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
SetWindowLongW
PtInRect
EqualRect
CopyRect
MapWindowPoints
ScreenToClient
MessageBoxW
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
SetClassLongW
SetPropW
ShowScrollBar
GetMenuDefaultItem
SetMenuDefaultItem
UpdateLayeredWindow
EnableWindow
GetSysColor
DrawFrameControl
InflateRect
GetSystemMetrics
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
ValidateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetKeyState
GetFocus
SetFocus
GetDlgCtrlID
GetDlgItem
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
KillTimer
DrawEdge
SetWindowRgn
DrawFocusRect
IsRectEmpty
DrawIconEx
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
MapVirtualKeyW
LoadAcceleratorsW
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
TrackMouseEvent
SetWindowPos
DestroyWindow
IsChild
IsZoomed
GetSystemMenu
MessageBeep
NotifyWinEvent
SetCursorPos
SetRect
SetParent
BringWindowToTop
CreatePopupMenu
GetScrollInfo
LockWindowUpdate
DrawTextW
IntersectRect
InvalidateRect
UnregisterClassW
RedrawWindow
GetClientRect
LoadIconW
SendMessageW
IsIconic
DrawIcon
PostMessageW
GetWindowLongW
GetCapture
GetCursorPos
WindowFromPoint
ClientToScreen
ReleaseCapture
GetParent
GetNextDlgGroupItem
DefMDIChildProcW
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
LoadMenuW
GetWindowRect
RegisterWindowMessageW
DispatchMessageW
PeekMessageW
GetMessagePos
GetMessageTime
DefWindowProcW
CallWindowProcW
RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
IsWindow
IsMenu
EnableScrollBar
UnionRect
MonitorFromPoint
DestroyIcon
LoadImageW
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
GetDoubleClickTime
GetIconInfo
CopyIcon
ModifyMenuW
IsCharLowerW
GetKeyNameTextW
MapVirtualKeyExW
RegisterClipboardFormatW
CharUpperBuffW
FrameRect
DrawMenuBar
DefFrameProcW
GetWindowRgn
DestroyCursor
GetComboBoxInfo
InvertRect
HideCaret
CreateMenu
PostThreadMessageW
SubtractRect
GetUpdateRect
IsClipboardFormatAvailable
TranslateMDISysAccel
GetPropW

gdi32

IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesW
GetWindowExtEx
GetTextMetricsW
GetTextExtentPoint32W
CreateEllipticRgn
Ellipse
GetBkColor
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
CreateDIBSection
EnumFontFamiliesExW
RealizePalette
SetPixel
StretchBlt
SetDIBColorTable
Rectangle
GetRgnBox
OffsetRgn
RoundRect
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
LPtoDP
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetWindowOrgEx
GetViewportOrgEx
SetPixelV
GetTextFaceW
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
BitBlt
CreateBitmap
SetBkColor
GetDeviceCaps
CreateDCW
CopyMetaFileW
DeleteObject
DeleteDC
SetBkMode
SetTextColor
SelectObject
CreateFontIndirectW
GetTextCharsetInfo
GetObjectW

msimg32

TransparentBlt
AlphaBlend

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

advapi32

RegCloseKey
RegEnumKeyExW
RegEnumValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegQueryValueW
RegOpenKeyExW

shell32

ShellExecuteW
SHGetFolderPathW
SHGetFileInfoW
DragQueryFileW
DragFinish
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHCreateDirectoryExW
SHAppBarMessage
SHGetDesktopFolder

comctl32

_TrackMouseEvent
InitCommonControlsEx

shlwapi

PathRemoveFileSpecW
PathFileExistsW
PathFindFileNameW
PathFindExtensionW
PathIsDirectoryW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW

uxtheme

GetThemeColor
DrawThemeParentBackground
IsAppThemed
DrawThemeText
OpenThemeData
CloseThemeData
DrawThemeBackground
GetCurrentThemeName
GetThemeSysColor
GetWindowTheme
IsThemeBackgroundPartiallyTransparent
GetThemePartSize

ole32

IsAccelerator
CoInitializeEx
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleCreateMenuDescriptor
OleLockRunning
DoDragDrop
CoDisconnectObject
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CreateStreamOnHGlobal
OleDestroyMenuDescriptor
OleTranslateAccelerator

oleaut32

SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantChangeType
VariantCopy
VarBstrFromDate
LoadTypeLi
VariantClear
VariantInit
SysAllocStringLen
SysFreeString
SysAllocString

gdiplus

GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDrawImageI
GdipGetImageWidth
GdipDisposeImage
GdipCloneImage
GdipGetImageGraphicsContext
GdipSetInterpolationMode
GdipCreateBitmapFromHBITMAP
GdipReleaseDC
GdipLoadImageFromStream
GdipFillRectangleI
GdipDeleteGraphics
GdipDrawImageRectI
GdipCreateFromHDC
GdipCreateSolidFill
GdipCloneBrush
GdipAlloc
GdipDeleteBrush
GdipFree
GdiplusStartup
GdiplusShutdown

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

winmm

PlaySoundW

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 326KB - Virtual size: 326KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.giats
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11.6MB - Virtual size: 11.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

86c970a55c992a28ca54bf3f39c38d5b

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

gdiplus

oleacc

imm32

winmm

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 326KB - Virtual size: 326KB

.data Size: 22KB - Virtual size: 48KB

.gfids Size: 104KB - Virtual size: 104KB

.giats Size: 512B - Virtual size: 16B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 11.6MB - Virtual size: 11.6MB

.reloc Size: 120KB - Virtual size: 120KB

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 326KB - Virtual size: 326KB

.data
Size: 22KB - Virtual size: 48KB

.gfids
Size: 104KB - Virtual size: 104KB

.giats
Size: 512B - Virtual size: 16B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 11.6MB - Virtual size: 11.6MB

.reloc
Size: 120KB - Virtual size: 120KB