PDB path: D:\Work_ZG\GamepadMagicBox.还好吗 哈哈\Temp\NetMgr\Release\NetMgr.pdb
Static task
static1
Behavioral task
behavioral1
Sample
9b557355ba93aa3c3394c131bf41298a6c09dc76084b2f1949ce9a4bacef31a9.dll
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
9b557355ba93aa3c3394c131bf41298a6c09dc76084b2f1949ce9a4bacef31a9.dll
Resource
win10v2004-20240802-en
General
Target
9b557355ba93aa3c3394c131bf41298a6c09dc76084b2f1949ce9a4bacef31a9
Size
2.1MB
MD5
31e4ce1b4a76da84051ea6f418b93685
SHA1
ecf11812fff8457521fb44f049f3496e9c61ecde
SHA256
9b557355ba93aa3c3394c131bf41298a6c09dc76084b2f1949ce9a4bacef31a9
SHA512
ba7891479a55d05e951a6e9aa59d4573d333e5458a67768f874e5fea7d1978741737908dbc2a4b1297445eafc72d688d247b74e664bd2df9b01ae9deec7e66b4
SSDEEP
49152:BhwEZyQYekL3BQ7oLtpJk5e3Cxi4a/OoE5roPiIcFxbLnkIKY6H6J:BhwEZQLReoxpJkk3x4KOxbLnkI+
Malware Config
Signatures
Unsigned PE 1 IoCs
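The PE file carries no Authenticode signature, so its publisher and integrity cannot be confirmed from a signature; many legitimate binaries are also unsigned, so this is a weak indicator on its own.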
resource 9b557355ba93aa3c3394c131bf41298a6c09dc76084b2f1949ce9a4bacef31a9
Files
9b557355ba93aa3c3394c131bf41298a6c09dc76084b2f1949ce9a4bacef31a9.dll windows:6 windows x86 arch:x86
2771ca3cc170a9734f899504389377ce
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
winmm
PlaySoundW
wininet
InternetGetConnectedState
libcurl
curl_easy_cleanup
curl_easy_getinfo
curl_easy_init
curl_easy_perform
curl_easy_setopt
curl_formadd
curl_formfree
curl_global_cleanup
curl_global_init
curl_slist_append
curl_slist_free_all
kernel32
UnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
IsDebuggerPresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
GetCPInfo
CompareStringEx
GetLastError
LoadLibraryW
FreeLibrary
CreateDirectoryW
FindFirstFileW
GetModuleFileNameW
GetTempPathW
FindClose
CreateFileW
GetSystemDirectoryW
CloseHandle
GetWindowsDirectoryW
SearchPathW
GetFileSize
GetModuleHandleW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetCurrentProcess
GetCurrentThreadId
GetCurrentProcessId
SetUnhandledExceptionFilter
ReadFile
GetUserDefaultUILanguage
GetTempFileNameW
GetProcAddress
GetStringTypeW
GetLocaleInfoEx
LCMapStringEx
GetProfileIntW
VerifyVersionInfoW
VerSetConditionMask
FindResourceExW
lstrcpyW
VirtualProtect
GlobalGetAtomNameW
GlobalFindAtomW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
Sleep
GetFileAttributesW
FileTimeToLocalFileTime
CompareStringW
GlobalFlags
GetSystemDefaultUILanguage
GetLocaleInfoW
GetCurrentDirectoryW
EncodePointer
SetErrorMode
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
CopyFileW
MulDiv
GlobalFree
GlobalUnlock
GlobalSize
GlobalAddAtomW
GetPrivateProfileIntW
SetThreadPriority
WaitForSingleObject
lstrcmpiW
LoadLibraryA
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
lstrcmpW
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
FindResourceW
SizeofResource
LockResource
LoadResource
LoadLibraryExW
GetModuleHandleA
GetVersionExW
GetCurrentThread
SetLastError
OutputDebugStringA
DeleteCriticalSection
DecodePointer
InitializeCriticalSectionEx
GetACP
CreateDirectoryA
GetModuleFileNameA
WideCharToMultiByte
LocalFree
DeleteFileW
OutputDebugStringW
GetTickCount64
FormatMessageW
MultiByteToWideChar
user32
DestroyAcceleratorTable
CreateAcceleratorTableW
GetKeyboardState
ToUnicodeEx
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
WaitMessage
PostThreadMessageW
GetComboBoxInfo
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
LoadAcceleratorsW
MonitorFromPoint
UpdateLayeredWindow
UnionRect
DrawIcon
FrameRect
CopyIcon
SetCursorPos
BringWindowToTop
GetSystemMenu
IsZoomed
DrawFrameControl
DrawEdge
SetParent
SetWindowRgn
SetClassLongW
DrawStateW
EmptyClipboard
SetClipboardData
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
LoadMenuW
GetKeyNameTextW
MapVirtualKeyW
GetMenuDefaultItem
CreatePopupMenu
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
MessageBeep
GetIconInfo
DrawIconEx
IsRectEmpty
DrawFocusRect
WindowFromPoint
ReleaseCapture
SetCapture
GetNextDlgGroupItem
LoadImageW
TrackMouseEvent
MapDialogRect
GetAsyncKeyState
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
OffsetRect
SetRectEmpty
SendDlgItemMessageA
IntersectRect
InflateRect
GetMenuItemInfoW
DestroyMenu
DestroyIcon
SendMessageW
LoadCursorW
GetSysColorBrush
IsDialogMessageW
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
LoadIconW
GetTopWindow
GetClassLongW
SetWindowLongW
EqualRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
GetWindowTextLengthW
RemovePropW
GetPropW
SetPropW
SetRect
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgItem
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsMenu
IsWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
FillRect
GetSysColor
ScreenToClient
EndPaint
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuW
RegisterClipboardFormatW
CharUpperBuffW
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
SubtractRect
BeginPaint
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
InvalidateRect
UpdateWindow
KillTimer
SetTimer
RealChildWindowFromPoint
GetWindow
GetClassNameW
GetDesktopWindow
PtInRect
UnregisterClassW
PostMessageW
PostQuitMessage
CharUpperW
GetSystemMetrics
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
GetParent
LoadBitmapW
GetMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
IsWindowVisible
GetActiveWindow
GetKeyState
ClientToScreen
GetWindowRect
GetWindowTextW
SetWindowTextW
GetDlgCtrlID
DeleteMenu
SystemParametersInfoW
CopyImage
GetClientRect
UnhookWindowsHookEx
ValidateRect
GetCursorPos
SetWindowsHookExW
CallNextHookEx
ShowOwnedPopups
SetCursor
EnableWindow
IsWindowEnabled
GetWindowLongW
GetWindowThreadProcessId
GetLastActivePopup
GetMenuStringW
GetMenuState
RemoveMenu
AppendMenuW
InsertMenuW
CopyAcceleratorTableW
MessageBoxW
DestroyCursor
GetWindowRgn
ShowScrollBar
CreateMenu
GetMenuItemCount
GetMenuItemID
GetSubMenu
CloseClipboard
gdi32
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
GetObjectW
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectW
GetTextExtentPoint32W
GetClipBox
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
GetTextMetricsW
EnumFontFamiliesExW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
GetRgnBox
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceW
ExcludeClipRect
Escape
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
BitBlt
DeleteObject
DeleteDC
GetDeviceCaps
CreateDCW
CopyMetaFileW
CombineRgn
GetBkColor
CreateBitmap
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
shell32
SHGetPathFromIDListW
SHGetDesktopFolder
DragQueryFileW
SHGetFileInfoW
SHGetSpecialFolderLocation
DragFinish
SHAppBarMessage
SHBrowseForFolderW
ShellExecuteW
ole32
CoDisconnectObject
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
CoInitializeEx
oleaut32
VarBstrFromDate
SysAllocString
SysFreeString
SysAllocStringLen
VariantInit
VariantClear
LoadTypeLib
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantCopy
VariantChangeType
shlwapi
StrFormatKBSizeW
PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathFindFileNameW
PathRemoveFileSpecW
msimg32
TransparentBlt
AlphaBlend
uxtheme
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
DrawThemeParentBackground
GetWindowTheme
IsAppThemed
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor
GetThemePartSize
GetCurrentThemeName
DrawThemeText
urlmon
URLDownloadToFileA
netapi32
Netbios
gdiplus
GdipDrawImageRectI
GdipCreateBitmapFromHBITMAP
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipDeleteGraphics
GdipDrawImageI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
oleacc
CreateStdAccessibleObject
LresultFromObject
AccessibleObjectFromWindow
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
vcruntime140
__std_exception_destroy
__std_exception_copy
wcschr
wcsstr
__CxxFrameHandler3
memcpy
memmove
memset
memcmp
_CxxThrowException
wcsrchr
_except_handler4_common
__current_exception
__current_exception_context
__std_type_info_destroy_list
__uncaught_exception
memchr
__std_terminate
_purecall
api-ms-win-crt-stdio-l1-1-0
ungetwc
__stdio_common_vsnwprintf_s
fseek
fgetpos
_fseeki64
__stdio_common_vswprintf
__stdio_common_vswscanf
fsetpos
setvbuf
fopen_s
fgetwc
fflush
fclose
fwrite
__acrt_iob_func
fread
_get_stream_buffer_pointers
_wfsopen
ungetc
fputc
fgetc
_fsopen
__stdio_common_vswprintf_s
__stdio_common_vsprintf
__stdio_common_vsprintf_s
fputwc
api-ms-win-crt-filesystem-l1-1-0
_waccess_s
_wsplitpath_s
_wmakepath_s
_unlock_file
_lock_file
api-ms-win-crt-runtime-l1-1-0
_endthread
abort
_resetstkoflw
terminate
_initterm_e
_initterm
_invalid_parameter_noinfo_noreturn
_cexit
_crt_atexit
_errno
_execute_onexit_table
_seh_filter_dll
_configure_narrow_argv
_register_onexit_function
_invalid_parameter_noinfo
_initialize_narrow_environment
_initialize_onexit_table
_beginthread
api-ms-win-crt-convert-l1-1-0
_wtol
strtod
strtoull
_wtoi
strtoll
strtof
api-ms-win-crt-string-l1-1-0
strcspn
toupper
isspace
wcscmp
__strncnt
strlen
wcsspn
_wcsdup
_wcsicmp
wcscspn
_wcslwr_s
_wcsicoll
wcsncmp
isupper
towlower
towupper
iswprint
isdigit
iswdigit
iswalpha
iswalnum
wcscpy_s
wcscoll
iswspace
wcscat_s
wcslen
wcsnlen
_wcsupr_s
wmemcpy_s
islower
tolower
wcsncpy_s
strcpy_s
wcspbrk
api-ms-win-crt-heap-l1-1-0
free
realloc
malloc
_expand
calloc
_msize
api-ms-win-crt-time-l1-1-0
strftime
_Strftime
wcsftime
clock
_time64
_Wcsftime
_W_Gettnames
_localtime64
_Gettnames
_Getdays
_W_Getmonths
_localtime64_s
_mktime64
_W_Getdays
_Getmonths
api-ms-win-crt-utility-l1-1-0
labs
ldiv
rand_s
abs
api-ms-win-crt-locale-l1-1-0
setlocale
__pctype_func
___lc_locale_name_func
___mb_cur_max_func
___lc_collate_cp_func
_unlock_locales
_lock_locales
___lc_codepage_func
localeconv
api-ms-win-crt-math-l1-1-0
frexp
_dclass
_dsign
atan2
sin
ceil
floor
cos
sqrt
exp
Sections
.text Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 339KB - Virtual size: 338KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 142KB - Virtual size: 142KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ