bd2f134f2d712960f565b6038b3b55ab84822c6d575e8b663ec019a627e8491aN

Sharing

Copy URL Twitter E-mail

General

Target

bd2f134f2d712960f565b6038b3b55ab84822c6d575e8b663ec019a627e8491aN
Size

2.0MB
MD5

0ac8ddab3dc55b605ca8444822ed1a80
SHA1

0c4c97825878f3fe5cf4cf676be4a6a32f5485b7
SHA256

bd2f134f2d712960f565b6038b3b55ab84822c6d575e8b663ec019a627e8491a
SHA512

3529434bf60a73ba93ee8108c479c7304b3d5211eed1b1224d79fd5040a4e978b006b27e1fb879be100321c4edaebf760fd16c355d834350527dadb4aeeb8819
SSDEEP

24576:hU5PgkAjdF7j8UcKAtsy50hOkQvkpbsvPb+Qeah5Z3SHa:KF+7j8UcKAh5JkQvkpbCiQeahjSHa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd2f134f2d712960f565b6038b3b55ab84822c6d575e8b663ec019a627e8491aN

Files

bd2f134f2d712960f565b6038b3b55ab84822c6d575e8b663ec019a627e8491aN
.exe windows:6 windows x86 arch:x86

2ce614060f6c2dac207536b98cef1cb5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\projects\unikey\win-unikey\newkey\Release\UniKeyNT.pdb

Imports

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
CryptAcquireContextW
CryptReleaseContext
CryptDestroyKey
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptVerifySignatureW
RegCloseKey
RegCreateKeyExW
RegDeleteValueW

comctl32

InitCommonControlsEx

wininet

InternetOpenUrlW
InternetReadFileExW
InternetCloseHandle
InternetOpenW
InternetSetStatusCallbackW
HttpQueryInfoW

crypt32

CertFreeCertificateContext
CertCreateCertificateContext
CryptImportPublicKeyInfo

kernel32

GlobalSize
GlobalUnlock
GlobalLock
GlobalFree
GetTempFileNameW
GetTempPathW
Sleep
LoadResource
LockResource
SizeofResource
FindResourceW
FreeLibrary
LoadLibraryW
HeapReAlloc
OutputDebugStringW
SetConsoleCtrlHandler
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetFileAttributesExW
FlushFileBuffers
SetStdHandle
MoveFileExW
GetFileSizeEx
GetConsoleOutputCP
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GlobalAlloc
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetFileType
HeapAlloc
HeapFree
GetCurrentThread
GetStdHandle
ExitProcess
GetModuleHandleExW
FreeLibraryAndExitThread
ResumeThread
ExitThread
CreateThread
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
SetLastError
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
GetCPInfo
CompareStringEx
GetStringTypeW
LCMapStringEx
DecodePointer
EncodePointer
GetLocaleInfoEx
LocalFree
InitializeCriticalSectionEx
FormatMessageA
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
MultiByteToWideChar
LoadLibraryExA
GetModuleFileNameA
QueryFullProcessImageNameA
OpenProcess
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GlobalReAlloc
RaiseException
GetFileAttributesW
GetEnvironmentVariableW
MulDiv
WideCharToMultiByte
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
WaitForSingleObject
GetCurrentProcessId
GetVersionExW
GetLastError
CloseHandle
WriteFile
DeleteFileW
CreateFileW
GetTimeZoneInformation
HeapSize
SetEndOfFile
WriteConsoleW
GetSystemInfo
VirtualProtect
VirtualQuery
ReadFile

user32

ToAsciiEx
GetKeyboardState
SendInput
MapVirtualKeyA
GetForegroundWindow
EndDialog
DialogBoxParamW
CreateDialogParamW
CreateWindowExW
KillTimer
SetTimer
SetMenuDefaultItem
CheckMenuItem
IsClipboardFormatAvailable
EmptyClipboard
RegisterClipboardFormatW
SetClipboardData
GetClipboardOwner
CloseClipboard
OpenClipboard
LoadBitmapW
GetMenuItemInfoW
TrackPopupMenu
ModifyMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
DestroyMenu
GetMenuState
GetMenuStringW
LoadMenuW
IsDialogMessageW
LoadIconW
FindWindowW
GetCursorPos
MessageBeep
MessageBoxA
SetForegroundWindow
UpdateWindow
GetMenuDefaultItem
BringWindowToTop
IsWindow
RegisterClassExW
keybd_event
PostThreadMessageW
PostMessageW
DispatchMessageW
TranslateMessage
GetMessageW
RegisterWindowMessageW
GetSysColor
SetCursor
SetFocus
AppendMenuW
GetSystemMenu
EnableWindow
GetFocus
GetDlgCtrlID
DestroyWindow
LoadStringW
GetDesktopWindow
IntersectRect
ScreenToClient
GetWindowRect
SetWindowTextW
IsWindowVisible
SetWindowPos
ShowWindow
MessageBoxW
DestroyIcon
SetWindowLongW
GetWindowLongW
InflateRect
DrawFocusRect
GetClientRect
GetWindowTextW
InvalidateRect
DrawStateW
GetSystemMetrics
CallWindowProcW
DefWindowProcW
DrawFrameControl
LoadImageW
DestroyCursor
GetWindow
GetTopWindow
ReleaseDC
GetDC
SendDlgItemMessageW
GetDlgItem
SendMessageW
PostQuitMessage
GetClassNameA
GetWindowThreadProcessId
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
SetWinEventHook
UnhookWinEvent
GetClipboardData
GetKeyboardLayout
GetMessageA
DispatchMessageA
GetMessageExtraInfo
PostMessageA
GetKeyState
GetGUIThreadInfo

gdi32

SetBkColor
CreateCompatibleDC
ExtTextOutW
GetTextExtentPoint32W
GetStockObject
DeleteDC
GetDeviceCaps
BitBlt
GetObjectW
SetBkMode
CreateSolidBrush
CreateFontIndirectW
EnumFontFamiliesExW
SetTextColor
SelectObject
Rectangle
DeleteObject

shell32

Shell_NotifyIconW
ShellExecuteW
SetCurrentProcessExplicitAppUserModelID

ole32

PropVariantClear
CoTaskMemAlloc
CoInitialize
CoCreateInstance

imm32

ImmGetContext
ImmReleaseContext
ImmAssociateContext
ImmSetCompositionStringW
ImmSetOpenStatus
ImmCreateContext

Sections

.text
Size: 720KB - Virtual size: 720KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 733KB - Virtual size: 733KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

minATL
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 567KB - Virtual size: 567KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2ce614060f6c2dac207536b98cef1cb5

Headers

File Characteristics

PDB Paths

Imports

comdlg32

advapi32

comctl32

wininet

crypt32

kernel32

user32

gdi32

shell32

ole32

imm32

Sections

.text Size: 720KB - Virtual size: 720KB

.rdata Size: 733KB - Virtual size: 733KB

.data Size: 52KB - Virtual size: 122KB

minATL Size: 512B - Virtual size: 12B

.rsrc Size: 567KB - Virtual size: 567KB

.text
Size: 720KB - Virtual size: 720KB

.rdata
Size: 733KB - Virtual size: 733KB

.data
Size: 52KB - Virtual size: 122KB

minATL
Size: 512B - Virtual size: 12B

.rsrc
Size: 567KB - Virtual size: 567KB