da31d91b6c8149938b535ae2b07e34ab6fb9edab10923ac28244fc4dabf087e1

Sharing

Copy URL Twitter E-mail

General

Target

da31d91b6c8149938b535ae2b07e34ab6fb9edab10923ac28244fc4dabf087e1
Size

10.3MB
MD5

bc9dd301859fc7c5fe798dc8f7bf9a48
SHA1

9284a6dda7fc1d0fb884f5afed196858c86dd50b
SHA256

da31d91b6c8149938b535ae2b07e34ab6fb9edab10923ac28244fc4dabf087e1
SHA512

2591445316a71c115afd16ffe36b65fccf3834b11f11348ccbea0131f67a19cf8fd19234e713c35212d7ebf131e1b7745c2b80da7b2a564642baa8c595fe502f
SSDEEP

196608:OKQwMYa+f6dPK/AEUBGi/0NgwDCisH8RVDMPqAuFzv:O9wMYuwATnYCiNRVWqJj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da31d91b6c8149938b535ae2b07e34ab6fb9edab10923ac28244fc4dabf087e1

Files

da31d91b6c8149938b535ae2b07e34ab6fb9edab10923ac28244fc4dabf087e1
.exe windows:6 windows x86 arch:x86

d136241494660d24ca053280ff9a12d6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\Github\GS\Code\bin\Gsound4to8.pdb

Imports

kernel32

AllocConsole
WideCharToMultiByte
MultiByteToWideChar
GetLocalTime
GetModuleFileNameW
CreateProcessW
CreateMutexW
CloseHandle
WritePrivateProfileStringW
GetPrivateProfileIntW
lstrlenW
FreeResource
GetTickCount64
RemoveDirectoryW
FindNextFileW
FindFirstFileW
FindClose
DeleteFileW
CreateDirectoryW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetTickCount
FindResourceW
SizeofResource
LockResource
LoadResource
FindResourceExW
DeleteCriticalSection
InitializeCriticalSectionEx
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
GetLastError
WriteConsoleW
SetEndOfFile
GetStringTypeW
SetStdHandle
SetConsoleCtrlHandler
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindFirstFileExW
FlushFileBuffers
ReadConsoleW
SetFilePointerEx
GetFileSizeEx
GetConsoleMode
GetConsoleOutputCP
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetTempPathW
GetFileType
GetCurrentThread
GetStdHandle
MoveFileExW
GetFileAttributesExW
GetModuleHandleExW
FreeLibraryAndExitThread
ResumeThread
ExitThread
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
SetLastError
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
LeaveCriticalSection
EnterCriticalSection
RaiseException
InitializeSListHead
GetSystemTimeAsFileTime
DecodePointer
OutputDebugStringW
lstrcmpiW
Sleep
GetCurrentThreadId
QueryPerformanceCounter
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
LoadLibraryA
GetACP
CreateFileW
GetFileSize
ReadFile
GetModuleHandleW
GetProcAddress
LoadLibraryW
GlobalUnlock
GlobalLock
ExitProcess
MulDiv
GlobalAlloc
GetCurrentProcessId
OpenProcess
lstrcpyW
GetFileAttributesW
LocalFileTimeToFileTime
SetFilePointer
SetFileTime
WriteFile
SystemTimeToFileTime
LocalFree
FormatMessageW
InitializeCriticalSectionAndSpinCount
lstrcpynW
WaitForSingleObject
CreateThread
SetHandleInformation
CreatePipe
GetStartupInfoW
CreateFileA
DeviceIoControl
GetOverlappedResult
CancelIo
ResetEvent
CreateEventW
FreeLibrary

user32

PostQuitMessage
IsZoomed
IsWindow
IsChild
ShowWindow
PostMessageW
GetWindowRect
IntersectRect
OffsetRect
UnregisterClassW
CharNextW
SetCursor
SetWindowPos
LoadCursorW
GetFocus
GetParent
SetTimer
KillTimer
GetSystemMetrics
GetDC
ReleaseDC
EnumDisplayMonitors
RegisterDeviceNotificationW
EndDialog
InvalidateRect
GetWindowLongW
SetWindowLongW
FindWindowW
GetWindowThreadProcessId
wsprintfW
PtInRect
MonitorFromPoint
MapVirtualKeyExW
GetKeyNameTextW
GetKeyboardLayout
DrawTextA
wsprintfA
GetCaretPos
SetCaretPos
ShowCaret
InflateRect
UnionRect
GetMessageW
TranslateMessage
DispatchMessageW
SendMessageW
CreateWindowExW
DestroyWindow
IsWindowVisible
IsIconic
SetFocus
GetActiveWindow
GetKeyState
SetCapture
ReleaseCapture
BeginPaint
EndPaint
GetUpdateRect
GetClientRect
GetCursorPos
ScreenToClient
MapWindowPoints
GetSysColor
IsRectEmpty
GetWindow
LoadImageW
MonitorFromWindow
GetMonitorInfoW
DefWindowProcW
CallWindowProcW
RegisterClassW
RegisterClassExW
GetClassInfoExW
EnableWindow
GetMenu
SetPropW
GetPropW
AdjustWindowRectEx
SetWindowRgn
HideCaret
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
UpdateWindow
CharPrevW
DrawTextW
FillRect
SetRect
EqualRect
MessageBoxW
MoveWindow
CreateAcceleratorTableW
InvalidateRgn
GetCaretBlinkTime
ClientToScreen
GetGUIThreadInfo
IsWindowEnabled
SetForegroundWindow
UpdateLayeredWindow
GetWindowRgn
CreatePopupMenu
DestroyMenu
EnableMenuItem
AppendMenuW
TrackPopupMenu
CreateCaret

comdlg32

GetSaveFileNameW
GetOpenFileNameW

shell32

ShellExecuteW
DragQueryFileW
SHGetFolderPathW

ole32

OleDuplicateData
CreateStreamOnHGlobal
CLSIDFromProgID
OleLockRunning
ReleaseStgMedium
CoCreateInstance
DoDragDrop
CLSIDFromString
OleInitialize
OleUninitialize
CoUninitialize
CoInitialize
RegisterDragDrop

netapi32

NetWkstaGetInfo
NetApiBufferFree

comctl32

InitCommonControlsEx
ord17
_TrackMouseEvent

gdiplus

GdipFillEllipseI
GdipFillPieI
GdipCreatePen1
GdipDeletePen
GdipCreateFromHDC
GdipCreateSolidFill
GdipSetSmoothingMode
GdipCloneBrush
GdipFree
GdipAlloc
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipDrawImageRectI
GdipFillRectangleI
GdipReleaseDC
GdipDeleteGraphics
GdipDeleteBrush
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipSetPenWidth
GdipSetPenColor
GdipDrawBeziersI
GdipImageSelectActiveFrame
GdipSetPenDashStyle
GdipDrawCurveI
GdiplusStartup
GdiplusShutdown
GdipCreatePath
GdipDeletePath
GdipAddPathLine
GdipAddPathArc
GdipSetPenMode
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipCloneImage
GdipDisposeImage
GdipSetTextRenderingHint
GdipSetInterpolationMode
GdipDrawRectangleI
GdipDrawPath
GdipFillPath
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipDeleteFont
GdipDrawString
GdipMeasureString
GdipStringFormatGetGenericTypographic
GdipDeleteStringFormat
GdipCloneStringFormat
GdipSetStringFormatFlags
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipSetStringFormatTrimming
GdipGetImageWidth
GdipTranslateWorldTransform
GdipGetImageHeight
GdipRotateWorldTransform
GdipImageGetFrameCount

imm32

ImmReleaseContext
ImmSetCompositionWindow
ImmGetContext

shlwapi

StrChrW

ws2_32

gethostname
WSAStartup
gethostbyname

setupapi

SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiGetClassDevsA
SetupDiGetDeviceRegistryPropertyA
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo

gdi32

CreateDIBitmap
CreateFontIndirectW
CreatePen
CreateCompatibleBitmap
BitBlt
GetClipBox
GetCharABCWidthsW
CreateRectRgnIndirect
DeleteObject
GetDeviceCaps
GetStockObject
AddFontMemResourceEx
RemoveFontMemResourceEx
Rectangle
RestoreDC
SaveDC
SelectObject
GetTextExtentPoint32W
CreateEnhMetaFileW
CreateCompatibleDC
DeleteDC
CloseEnhMetaFile
GetEnhMetaFileHeader
PlayEnhMetaFile
GetTextMetricsW
GetObjectW
SetWindowOrgEx
CreateRoundRectRgn
CreatePatternBrush
CreateSolidBrush
SetBkMode
SetTextColor
CombineRgn
LineTo
SetBitmapBits
GetBitmapBits
GetTextExtentPointA
PtInRegion
CreateRectRgn
GdiFlush
TextOutW
MoveToEx
GetObjectA
CreateDIBSection
SetStretchBltMode
StretchBlt
SetBkColor
ExtSelectClipRgn
SelectClipRgn
CreatePenIndirect

oleaut32

SysAllocString
SysFreeString
VariantInit
CreateErrorInfo
SetErrorInfo
VariantChangeType
GetErrorInfo
VariantClear

Exports

Exports

_cJSON_AddArrayToObject@8
_cJSON_AddBoolToObject@12
_cJSON_AddFalseToObject@8
_cJSON_AddItemReferenceToArray@8
_cJSON_AddItemReferenceToObject@12
_cJSON_AddItemToArray@8
_cJSON_AddItemToObject@12
_cJSON_AddItemToObjectCS@12
_cJSON_AddNullToObject@8
_cJSON_AddNumberToObject@16
_cJSON_AddObjectToObject@8
_cJSON_AddRawToObject@12
_cJSON_AddStringToObject@12
_cJSON_AddTrueToObject@8
_cJSON_Compare@12
_cJSON_CreateArray@0
_cJSON_CreateArrayReference@4
_cJSON_CreateBool@4
_cJSON_CreateDoubleArray@8
_cJSON_CreateFalse@0
_cJSON_CreateFloatArray@8
_cJSON_CreateIntArray@8
_cJSON_CreateNull@0
_cJSON_CreateNumber@8
_cJSON_CreateObject@0
_cJSON_CreateObjectReference@4
_cJSON_CreateRaw@4
_cJSON_CreateString@4
_cJSON_CreateStringArray@8
_cJSON_CreateStringReference@4
_cJSON_CreateTrue@0
_cJSON_Delete@4
_cJSON_DeleteItemFromArray@8
_cJSON_DeleteItemFromObject@8
_cJSON_DeleteItemFromObjectCaseSensitive@8
_cJSON_DetachItemFromArray@8
_cJSON_DetachItemFromObject@8
_cJSON_DetachItemFromObjectCaseSensitive@8
_cJSON_DetachItemViaPointer@8
_cJSON_Duplicate@8
_cJSON_GetArrayItem@8
_cJSON_GetArraySize@4
_cJSON_GetErrorPtr@0
_cJSON_GetObjectItem@8
_cJSON_GetObjectItemCaseSensitive@8
_cJSON_GetStringValue@4
_cJSON_HasObjectItem@8
_cJSON_InitHooks@4
_cJSON_InsertItemInArray@12
_cJSON_IsArray@4
_cJSON_IsBool@4
_cJSON_IsFalse@4
_cJSON_IsInvalid@4
_cJSON_IsNull@4
_cJSON_IsNumber@4
_cJSON_IsObject@4
_cJSON_IsRaw@4
_cJSON_IsString@4
_cJSON_IsTrue@4
_cJSON_Minify@4
_cJSON_Parse@4
_cJSON_ParseWithOpts@12
_cJSON_Print@4
_cJSON_PrintBuffered@12
_cJSON_PrintPreallocated@16
_cJSON_PrintUnformatted@4
_cJSON_ReplaceItemInArray@12
_cJSON_ReplaceItemInObject@12
_cJSON_ReplaceItemInObjectCaseSensitive@12
_cJSON_ReplaceItemViaPointer@12
_cJSON_SetNumberHelper@12
_cJSON_Version@0
_cJSON_free@4
_cJSON_malloc@4
hid_close
hid_enumerate
hid_error
hid_exit
hid_free_enumeration
hid_get_feature_report
hid_get_indexed_string
hid_get_manufacturer_string
hid_get_product_string
hid_get_serial_number_string
hid_init
hid_open
hid_open_path
hid_read
hid_read_timeout
hid_send_feature_report
hid_set_nonblocking
hid_write

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 316KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8.8MB - Virtual size: 8.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d136241494660d24ca053280ff9a12d6

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

comdlg32

shell32

ole32

netapi32

comctl32

gdiplus

imm32

shlwapi

ws2_32

setupapi

gdi32

oleaut32

Exports

Exports

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 316KB - Virtual size: 315KB

.data Size: 12KB - Virtual size: 39KB

.rsrc Size: 8.8MB - Virtual size: 8.8MB

.reloc Size: 59KB - Virtual size: 59KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 316KB - Virtual size: 315KB

.data
Size: 12KB - Virtual size: 39KB

.rsrc
Size: 8.8MB - Virtual size: 8.8MB

.reloc
Size: 59KB - Virtual size: 59KB