7562ef3687cfc6297be238ff05849badeabe8963c3952f1cf40b2d9dffcce67fN

Sharing

Copy URL

Twitter E-mail

General

Target

7562ef3687cfc6297be238ff05849badeabe8963c3952f1cf40b2d9dffcce67fN
Size

1.8MB
MD5

08c2b2e490868981fa263c82709b2d80
SHA1

7d6dcc0e3ceb2437b6fdc4516196ef1355220c50
SHA256

7562ef3687cfc6297be238ff05849badeabe8963c3952f1cf40b2d9dffcce67f
SHA512

50dabc7ba7432b11bcdd379a6eed458f10c646f41e7c0a7ec107aaa0c14ffe53358df75a382146c6883f07b2815cb502a0a784dcc217a00e0ac2dc0285c2f66c
SSDEEP

49152:myIO6XrnRNm5zuXp7jRG6wLvSpDiTEsnfDB1:XIOqrRXG6wL6U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7562ef3687cfc6297be238ff05849badeabe8963c3952f1cf40b2d9dffcce67fN

Files

7562ef3687cfc6297be238ff05849badeabe8963c3952f1cf40b2d9dffcce67fN
.exe windows:6 windows x86 arch:x86

19d544dfd662bf50c426553dd7d5e408

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\CI\builds\AayrFFqV\0\windows\softwarelauncher\tmp\src\Release\apowersoft-software-launcher-cf796d4b.pdb

Imports

gdiplus

GdiplusStartup
GdipLoadImageFromStream
GdipSetStringFormatFlags
GdipSetStringFormatAlign
GdipCreatePen1
GdipDeletePen
GdipSetPenMode
GdipDeleteFont
GdipDeleteStringFormat
GdipDeleteGraphics
GdipAddPathArc
GdipFillRectangleI
GdipMeasureString
GdipCloneBrush
GdipStringFormatGetGenericTypographic
GdipGetImageHeight
GdipImageGetFrameDimensionsCount
GdipGetPropertyItem
GdipImageSelectActiveFrame
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipGetImageWidth
GdipGetPropertyItemSize
GdipDrawImageRectI
GdipRotateWorldTransform
GdipTranslateWorldTransform
GdipAddPathLine
GdipDrawRectangleI
GdipCreateFontFromLogfontA
GdipCloneImage
GdipDeleteBrush
GdipAlloc
GdipDeletePath
GdipDisposeImage
GdipSetSmoothingMode
GdipCreatePath
GdipSetStringFormatLineAlign
GdipSetInterpolationMode
GdipCreateSolidFill
GdipSetStringFormatTrimming
GdipCreateFontFromDC
GdipFree
GdipDrawPath
GdipDrawString
GdipCreateFromHDC
GdipCloneStringFormat
GdipSetTextRenderingHint
GdiplusShutdown

kernel32

GlobalUnlock
GetACP
MultiByteToWideChar
ExitProcess
InitializeCriticalSectionAndSpinCount
RaiseException
DecodePointer
DeleteCriticalSection
GlobalAlloc
FormatMessageW
CreateDirectoryW
WriteFile
SetFilePointer
GetFileAttributesW
LocalFileTimeToFileTime
SystemTimeToFileTime
lstrcpyW
lstrcmpiW
GetLocalTime
lstrcpynW
GetStdHandle
GetFileType
PeekNamedPipe
WaitForMultipleObjects
FreeLibrary
QueryPerformanceCounter
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
Sleep
SleepEx
QueryPerformanceFrequency
GetSystemDirectoryA
GetModuleHandleA
LoadLibraryA
VerifyVersionInfoA
SetLastError
WaitForSingleObjectEx
CreateFileA
GetFileSizeEx
CreateThread
OutputDebugStringW
InitializeSListHead
GetStartupInfoW
WideCharToMultiByte
IsProcessorFeaturePresent
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
ResetEvent
SetEvent
GetCPInfo
GetLocaleInfoW
LCMapStringW
CompareStringW
EncodePointer
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
CreateEventW
SwitchToThread
GetCurrentThreadId
GetStringTypeW
AreFileApisANSI
GetTempPathW
SetFilePointerEx
SetEndOfFile
RemoveDirectoryW
GetFullPathNameW
GetFileInformationByHandle
GetFileAttributesExW
FindNextFileW
FindFirstFileExW
FindClose
DeleteFileW
GetCurrentDirectoryW
CreateFileW
lstrlenW
ReadFile
MulDiv
VerifyVersionInfoW
GetCurrentProcessId
VerSetConditionMask
GetProcAddress
LoadLibraryW
FormatMessageA
GetSystemTime
LocalFree
GetTickCount
GetModuleHandleW
GetFileSize
IsDebuggerPresent
FindResourceW
LoadResource
GetSystemInfo
CloseHandle
LockResource
GetLastError
GetPrivateProfileStringW
FreeResource
GetUserPreferredUILanguages
GetVersionExW
WaitForSingleObject
ExpandEnvironmentStringsA
GetUserDefaultUILanguage
GetModuleFileNameW
TerminateProcess
GetModuleHandleExW
WritePrivateProfileStringW
SizeofResource
GlobalLock
GetCurrentThread
GetThreadTimes
FreeLibraryAndExitThread
LoadLibraryExW
RtlUnwind
GetDriveTypeW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
ExitThread
SetConsoleCtrlHandler
GetConsoleMode
ReadConsoleW
GetConsoleOutputCP
HeapAlloc
HeapFree
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
SetStdHandle
GetTimeZoneInformation
FlushFileBuffers
HeapReAlloc
IsValidCodePage
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetProcessHeap
HeapSize
WriteConsoleW

user32

MessageBoxW
GetWindowLongW
ReleaseDC
GetDC
MonitorFromPoint
EndPaint
BeginPaint
GetCursorPos
GetSystemMetrics
SetTimer
SetWindowLongW
KillTimer
PostQuitMessage
GetWindowTextLengthW
SetForegroundWindow
DrawTextA
wsprintfA
GetGUIThreadInfo
CreateAcceleratorTableW
GetWindowTextW
SetWindowTextW
MapVirtualKeyExW
GetKeyboardLayout
GetKeyNameTextW
IsWindowEnabled
UpdateWindow
InvalidateRgn
UpdateLayeredWindow
GetWindowRgn
FillRect
CharPrevW
DrawTextW
SetRect
GetCaretPos
HideCaret
CreatePopupMenu
TrackPopupMenu
SetCaretPos
ClientToScreen
CreateCaret
DestroyMenu
AppendMenuW
GetCaretBlinkTime
LoadImageW
ReleaseCapture
PtInRect
GetParent
SystemParametersInfoW
IsZoomed
GetClientRect
SetCapture
TranslateMessage
GetUpdateRect
CharNextW
SetFocus
IntersectRect
IsRectEmpty
GetSysColor
MapWindowPoints
GetMonitorInfoW
DispatchMessageW
ShowCaret
EnableMenuItem
InvalidateRect
SetWindowRgn
DefWindowProcW
CallWindowProcW
GetPropW
RegisterClassExW
ShowWindow
RegisterClassW
SetPropW
OffsetRect
IsWindow
GetActiveWindow
SendMessageW
MoveWindow
ScreenToClient
UnionRect
CreateWindowExW
MonitorFromWindow
SetWindowPos
IsWindowVisible
DestroyWindow
GetFocus
GetWindowRect
GetWindow
PostMessageW
GetKeyState
GetMessageW
SetCursor
LoadCursorW
InflateRect
EnableWindow
GetClassInfoExW
IsIconic

gdi32

Rectangle
GetObjectW
RestoreDC
DeleteObject
RemoveFontMemResourceEx
CreateFontIndirectW
GetDeviceCaps
CreatePen
CreateDIBSection
PtInRegion
CreateRectRgn
CreatePatternBrush
GetTextExtentPointA
SetBitmapBits
GetBitmapBits
DeleteDC
GetTextMetricsW
CreateEnhMetaFileW
GetEnhMetaFileHeader
GetStockObject
SetWindowOrgEx
PlayEnhMetaFile
CloseEnhMetaFile
CreateDIBitmap
CreateCompatibleDC
SelectObject
SaveDC
CreateCompatibleBitmap
AddFontMemResourceEx
BitBlt
CreateRoundRectRgn
GetObjectA
CombineRgn
ExtSelectClipRgn
CreateSolidBrush
CreatePenIndirect
SetBkColor
MoveToEx
GetCharABCWidthsW
SelectClipRgn
LineTo
SetBkMode
SetTextColor
GetTextExtentPoint32W
TextOutW
CreateRectRgnIndirect
GetClipBox
StretchBlt
SetStretchBltMode
GdiFlush

shell32

SHGetPathFromIDListW
ShellExecuteExW
ord28
SHCreateShellItem
SHGetSpecialFolderPathW
SHBrowseForFolderW
DragQueryFileW

ole32

CoInitializeSecurity
OleRun
CoInitializeEx
OleDuplicateData
DoDragDrop
CoSetProxyBlanket
CreateStreamOnHGlobal
CLSIDFromString
CLSIDFromProgID
OleLockRunning
CoUninitialize
CoTaskMemFree
CoCreateInstance
ReleaseStgMedium

oleaut32

VariantChangeType
SystemTimeToVariantTime
VariantInit
SafeArrayGetUBound
SafeArrayGetElement
SafeArrayGetLBound
SysFreeString
VariantClear
SysAllocString

advapi32

RegEnumValueA
RegOpenKeyExA
RegQueryInfoKeyA
RegSetValueExA
GetUserNameA
RegCreateKeyExA
RegQueryValueExA
RegCloseKey
CryptAcquireContextA
CryptReleaseContext
CryptGetHashParam
CryptGenRandom
CryptCreateHash
CryptHashData
CryptDestroyHash

comctl32

ord17
_TrackMouseEvent
InitCommonControlsEx

imm32

ImmReleaseContext
ImmGetContext
ImmSetCompositionWindow

wldap32

ord50
ord41
ord22
ord26
ord27
ord45
ord33
ord35
ord79
ord30
ord200
ord301
ord60
ord211
ord46
ord32
ord143

crypt32

CertOpenStore
CertCloseStore
CertEnumCertificatesInStore
CertFindCertificateInStore
CertFreeCertificateContext
CryptStringToBinaryA
CertAddCertificateContextToStore
CertGetNameStringA
CryptQueryObject
CertCreateCertificateChainEngine
CertFreeCertificateChainEngine
CertGetCertificateChain
CertFreeCertificateChain

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

ws2_32

send
recv
closesocket
WSAGetLastError
gethostbyname
WSAStartup
gethostname
ntohl
bind
getsockname
htons
socket
listen
ntohs
WSACleanup
recvfrom
sendto
setsockopt
freeaddrinfo
getaddrinfo
htonl
ioctlsocket
getsockopt
getpeername
connect
WSASetLastError
select
__WSAFDIsSet
accept
WSAIoctl

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 292KB - Virtual size: 291KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 295KB - Virtual size: 294KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.zero
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

19d544dfd662bf50c426553dd7d5e408

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

gdiplus

kernel32

user32

gdi32

shell32

ole32

oleaut32

advapi32

comctl32

imm32

wldap32

crypt32

version

ws2_32

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 292KB - Virtual size: 291KB

.data Size: 17KB - Virtual size: 24KB

.rsrc Size: 295KB - Virtual size: 294KB

.reloc Size: 69KB - Virtual size: 69KB

.zero Size: 4KB - Virtual size: 3KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 292KB - Virtual size: 291KB

.data
Size: 17KB - Virtual size: 24KB

.rsrc
Size: 295KB - Virtual size: 294KB

.reloc
Size: 69KB - Virtual size: 69KB

.zero
Size: 4KB - Virtual size: 3KB