C:\Users\yutza\เดสก์ท็อป\Logon_PK20240612\LogonThai\Release\Logon.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 799c3104265180e35d502af137c228a149e9da6d4f9649cf3ae894a3ccac420e.exe
Resource: win7-20240704-en
General
Target: 799c3104265180e35d502af137c228a149e9da6d4f9649cf3ae894a3ccac420e
Size: 4.9MB
MD5: d0c220c08ca42e5aefdbe16182437d16
SHA1: 58a3e0d4d99126e6dcfa6b447f887a501aac17a2
SHA256: 799c3104265180e35d502af137c228a149e9da6d4f9649cf3ae894a3ccac420e
SHA512: 0af321e5d1cd80977dc62a2cafaa5476c1779fc837909a6caef72811045320914d68c8f6fa5e21e396039f9027ffc6ded9b6e67f72f97eb7cd7ff374169d867a
SSDEEP: 98304:bXsrSs8klHHgshNdkARlbwSvFz23CTEOmmgbQ9+ctpN2LFrVolCNXuKV3EWEUDv9:bXgX8H+kADwIf+JLFrV5+I31vDvXAAM
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource 799c3104265180e35d502af137c228a149e9da6d4f9649cf3ae894a3ccac420e
Files
799c3104265180e35d502af137c228a149e9da6d4f9649cf3ae894a3ccac420e.exe windows:6 windows x86 arch:x86
d997b992b8ea69af6cfb7e3bb7ad1a70
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
GetLastError
GetModuleHandleA
GetProcAddress
GetCurrentDirectoryA
GetDriveTypeA
GetLogicalDrives
GetModuleFileNameA
WriteConsoleW
GetCurrentDirectoryW
SetCurrentDirectoryW
CreateFileW
SetConsoleCtrlHandler
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsValidCodePage
FindNextFileW
FindFirstFileExW
GetConsoleOutputCP
GetTimeZoneInformation
GetDriveTypeW
GetStringTypeW
ReadConsoleW
GetConsoleMode
GetFileAttributesExW
EnumSystemLocalesW
IsValidLocale
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetTempPathW
SetFilePointerEx
GetStdHandle
GetFileType
SetStdHandle
QueryPerformanceFrequency
HeapQueryInformation
GetCommandLineA
FreeLibraryAndExitThread
ExitThread
GetFullPathNameW
VirtualQuery
FileTimeToSystemTime
CreateFileMappingA
UnmapViewOfFile
MapViewOfFile
GetLocalTime
GetFileInformationByHandle
WideCharToMultiByte
SetFileTime
SetFilePointer
LocalFileTimeToFileTime
GetFileAttributesA
DeleteCriticalSection
InitializeCriticalSectionEx
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
DecodePointer
WinExec
MultiByteToWideChar
MoveFileExA
CopyFileA
FindResourceA
lstrlenA
lstrcpyA
LoadLibraryA
VirtualFreeEx
WriteProcessMemory
VirtualAllocEx
GetTickCount
OpenProcess
CreateProcessA
CreateRemoteThread
CreateThread
GetCurrentProcessId
CreateEventA
Beep
GetTempPathA
WriteFile
SetFileAttributesA
RemoveDirectoryA
ReadFile
GetFileSize
CreateFileA
CreateDirectoryA
SetCurrentDirectoryA
WaitForSingleObject
CloseHandle
DeleteFileA
GetCommandLineW
VirtualAlloc
GetSystemInfo
GetModuleHandleExW
ExitProcess
FindResourceW
SizeofResource
LockResource
SystemTimeToFileTime
SetLastError
GlobalAlloc
GlobalSize
GlobalUnlock
GlobalLock
GlobalFree
LocalFree
MulDiv
FormatMessageA
OutputDebugStringA
EncodePointer
GetCurrentThreadId
GetSystemDirectoryW
FreeLibrary
GetModuleFileNameW
GetModuleHandleW
LoadLibraryExW
LoadLibraryW
GlobalDeleteAtom
lstrcmpW
GlobalAddAtomA
GlobalFindAtomA
GlobalGetAtomNameA
CompareStringA
FileTimeToLocalFileTime
FindClose
FindFirstFileA
FindNextFileA
SystemTimeToTzSpecificLocalTime
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
SetEvent
SetThreadPriority
SuspendThread
ResumeThread
GetCurrentThread
GetVersionExA
lstrcmpA
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
FlushFileBuffers
GetFullPathNameA
LockFile
SetEndOfFile
UnlockFile
GetVolumeInformationA
DuplicateHandle
GetCurrentProcess
LoadLibraryExA
GetShortPathNameA
lstrcmpiA
MoveFileA
GetThreadLocale
GetStringTypeExA
GetFileAttributesExA
GetFileSizeEx
GetFileTime
InitializeCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
GetAtomNameA
GetACP
GlobalFlags
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
VirtualProtect
GetOEMCP
GetCPInfo
GetDiskFreeSpaceA
GetTempFileNameA
ReplaceFileA
GetUserDefaultLCID
SetErrorMode
GetWindowsDirectoryA
VerSetConditionMask
VerifyVersionInfoA
FindResourceExW
GetTickCount64
GetProfileIntA
SearchPathA
Sleep
LocalLock
LocalUnlock
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
OutputDebugStringW
RaiseException
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
LoadResource
user32
SetMenu
TrackPopupMenu
UpdateWindow
SetActiveWindow
GetForegroundWindow
SetForegroundWindow
BeginPaint
EndPaint
ValidateRect
ScrollWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
SetPropA
GetPropA
RemovePropA
GetWindowTextA
GetWindowTextLengthA
ScreenToClient
MapWindowPoints
EqualRect
PtInRect
GetClassLongA
GetClassNameA
GetTopWindow
GetLastActivePopup
GetWindow
SetWindowsHookExA
UnhookWindowsHookEx
SetScrollInfo
GetScrollInfo
WinHelpA
MonitorFromWindow
GetMonitorInfoA
ShowWindow
MoveWindow
SetDlgItemInt
GetDlgItemInt
SetDlgItemTextA
GetDlgItemTextA
CheckDlgButton
CheckRadioButton
IsDlgButtonChecked
IsWindowEnabled
ScrollWindowEx
SetWindowTextA
IsDialogMessageA
CreateDialogIndirectParamA
EndDialog
IntersectRect
GetWindowThreadProcessId
LoadBitmapA
SetCapture
ReleaseCapture
SetTimer
KillTimer
IsRectEmpty
SystemParametersInfoA
GetMessageA
TranslateMessage
ShowOwnedPopups
SetWindowContextHelpId
MapDialogRect
CharUpperA
GetMenuItemInfoA
WaitMessage
BringWindowToTop
LoadAcceleratorsA
TranslateAcceleratorA
InsertMenuItemA
GetMenuBarInfo
UnpackDDElParam
ReuseDDElParam
IsZoomed
GetKeyNameTextA
MapVirtualKeyA
GetSysColorBrush
LoadCursorA
TrackMouseEvent
LoadImageW
RealChildWindowFromPoint
CopyImage
GetAsyncKeyState
GetDialogBaseUnits
CharNextA
CopyAcceleratorTableA
InvalidateRgn
SetRect
DeleteMenu
GetNextDlgGroupItem
MessageBeep
UnionRect
GetSystemMenu
SetParent
DrawIconEx
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
GetMenuDefaultItem
EnumDisplayMonitors
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
SetClassLongA
DrawEdge
DrawFrameControl
LoadMenuW
GetCapture
CopyIcon
LoadAcceleratorsW
RegisterClipboardFormatA
GetDCEx
LockWindowUpdate
UpdateLayeredWindow
MonitorFromPoint
GetComboBoxInfo
PostThreadMessageA
GetKeyboardLayout
IsCharLowerA
MapVirtualKeyExA
GetKeyboardState
ToAsciiEx
CreateAcceleratorTableA
DestroyAcceleratorTable
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuA
CharUpperBuffA
IsClipboardFormatAvailable
GetUpdateRect
EnumChildWindows
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
SubtractRect
SendNotifyMessageA
MonitorFromRect
InSendMessage
CreateMenu
WindowFromDC
GetWindowRgn
GetTabbedTextExtentA
GetTabbedTextExtentW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
SetRectEmpty
SendDlgItemMessageA
RemoveMenu
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetMenuState
GetMenuStringA
SendMessageA
SetWindowPos
EnableWindow
PostMessageA
GetWindowDC
ReleaseDC
SetWindowRgn
InvalidateRect
GetClientRect
GetWindowRect
LoadImageA
GetNextDlgTabItem
GetActiveWindow
LoadMenuA
DestroyMenu
GetSubMenu
TrackPopupMenuEx
DrawStateA
GetDC
SetCursor
ClientToScreen
WindowFromPoint
GetSysColor
DrawFocusRect
FillRect
FrameRect
CopyRect
InflateRect
OffsetRect
GetWindowLongA
GetParent
DestroyCursor
DestroyIcon
CreateIconIndirect
GetMessagePos
GetIconInfo
IsWindow
RedrawWindow
SetWindowLongA
GetFocus
MessageBoxA
AdjustWindowRectEx
wsprintfA
SetLayeredWindowAttributes
GetKeyState
SetFocus
GetDlgCtrlID
GetDlgItem
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsIconic
GetSystemMetrics
CreatePopupMenu
AppendMenuA
DrawIcon
GetCursorPos
CallNextHookEx
LoadCursorW
LoadIconA
LoadIconW
CreateIconFromResource
PeekMessageA
PostQuitMessage
UnregisterClassA
DrawTextA
DrawTextExA
GrayStringA
TabbedTextOutA
GetDesktopWindow
IsChild
IsMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetMenu
CallWindowProcA
DefWindowProcA
GetMessageTime
SetMenuItemInfoA
DispatchMessageA
RegisterWindowMessageA
SetCursorPos
LoadBitmapW
gdi32
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapperFlags
SetGraphicsMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextCharacterExtra
SetTextAlign
SetTextJustification
PlayMetaFileRecord
EnumMetaFile
SetWorldTransform
ModifyWorldTransform
SetColorAdjustment
StartDocA
ArcTo
PolyDraw
SelectClipPath
SetArcDirection
ExtCreatePen
MoveToEx
PolyBezierTo
PolylineTo
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectA
CopyMetaFileA
GetMapMode
SelectClipRgn
SetRectRgn
DPtoLP
CreateEllipticRgn
Ellipse
CreateDIBSection
LPtoDP
GetTextExtentPoint32A
GetTextMetricsA
GetTextColor
GetRgnBox
CreateFontA
GetCharWidthA
StretchDIBits
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
RestoreDC
EnumFontFamiliesA
GetTextCharsetInfo
SetDIBColorTable
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
EnumFontFamiliesExA
Rectangle
OffsetRgn
GetCurrentObject
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
PatBlt
SaveDC
CloseMetaFile
CreateMetaFileA
DeleteMetaFile
EndDoc
StartPage
PlayMetaFile
OffsetClipRgn
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetObjectType
GetCurrentPositionEx
GetClipRgn
GetClipBox
ExcludeClipRect
CreatePatternBrush
CreatePen
GetTextFaceA
GetTextExtentPoint32W
GetTextExtentPointA
GetTextAlign
GetStretchBltMode
GetPolyFillMode
GetNearestColor
BitBlt
CombineRgn
CreateCompatibleBitmap
CreateCompatibleDC
CreateRectRgn
DeleteObject
GetBkColor
GetDIBits
SelectObject
StretchBlt
GetObjectA
CreateBitmap
DeleteDC
GetPixel
GetStockObject
SetBkColor
SetPixel
SetTextColor
CreateSolidBrush
Escape
PtVisible
RectVisible
TextOutA
ExtTextOutA
EndPage
CreateHatchBrush
CreateDIBPatternBrushPt
GetDeviceCaps
CreateDCA
CreateDIBitmap
CreateRectRgnIndirect
GetBkMode
GetROP2
SetAbortProc
AbortDoc
advapi32
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
RegCreateKeyA
RegCloseKey
RegSetValueA
IsTextUnicode
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyA
RegQueryValueA
RegOpenKeyExW
SetFileSecurityA
GetFileSecurityA
RegEnumValueA
RegEnumKeyExA
shell32
ShellExecuteExA
SHBrowseForFolderA
SHGetMalloc
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListA
ExtractIconA
SHAddToRecentDocs
SHGetSpecialFolderPathA
Shell_NotifyIconA
ShellExecuteA
CommandLineToArgvW
SHAppBarMessage
SHGetFileInfoA
DragQueryFileA
DragFinish
ole32
RegisterDragDrop
RevokeDragDrop
CoRegisterClassObject
CoRevokeClassObject
CoRegisterMessageFilter
OleSetMenuDescriptor
OleLockRunning
StgCreateDocfile
StgOpenStorage
StgIsStorageFile
CreateFileMoniker
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleRegGetMiscStatus
OleRegEnumVerbs
WriteClassStm
GetHGlobalFromILockBytes
CreateGenericComposite
CreateItemMoniker
OleCreate
OleCreateFromData
OleCreateLinkFromData
OleCreateStaticFromData
OleCreateLinkToFile
OleCreateFromFile
OleLoad
OleSave
OleSaveToStream
OleSetContainedObject
OleGetIconOfClass
CreateDataAdviseHolder
CreateOleAdviseHolder
GetRunningObjectTable
OleIsRunning
CoGetMalloc
OleQueryLinkFromData
OleQueryCreateFromData
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
CoInitializeEx
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
OleRun
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
PropVariantCopy
CoDisconnectObject
StringFromGUID2
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
OleDraw
CreateStreamOnHGlobal
SetConvertStg
OleRegGetUserType
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
CreateBindCtx
CoTreatAsClass
WriteClassStg
ReadClassStg
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
CoLockObjectExternal
CoUninitialize
CoCreateInstance
CoInitialize
OleGetClipboard
msimg32
AlphaBlend
TransparentBlt
comctl32
_TrackMouseEvent
shlwapi
StrFormatKBSizeA
PathStripToRootA
PathIsUNCA
PathRemoveExtensionA
PathFindFileNameA
PathRemoveFileSpecA
PathRemoveFileSpecW
PathFindExtensionA
uxtheme
GetThemeSysColor
GetCurrentThemeName
GetThemeColor
DrawThemeText
DrawThemeBackground
IsThemeBackgroundPartiallyTransparent
DrawThemeParentBackground
OpenThemeData
CloseThemeData
GetWindowTheme
GetThemePartSize
IsAppThemed
oledlg
ord8
urlmon
URLDownloadToFileA
winmm
PlaySoundA
wininet
HttpQueryInfoA
InternetCloseHandle
DeleteUrlCacheEntry
InternetOpenA
InternetConnectA
InternetOpenUrlA
InternetReadFile
HttpOpenRequestA
HttpSendRequestA
InternetSetOptionA
ws2_32
recvfrom
recv
ntohs
select
inet_ntoa
inet_addr
htons
sendto
accept
bind
closesocket
connect
getpeername
getsockname
send
socket
gethostbyname
WSAStartup
WSACleanup
WSASetLastError
WSAGetLastError
WSAAsyncSelect
htonl
gdiplus
GdipDisposeImage
GdipCloneImage
GdipGetImageWidth
GdipFree
GdipAlloc
GdiplusShutdown
GdiplusStartup
GdipGetImageGraphicsContext
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromFile
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromScan0
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDrawImageI
GdipGetImageHeight
GdipCreateBitmapFromHBITMAP
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
GetJobA
oleaut32
VarBstrFromDate
VarBstrFromCy
VarCyFromStr
VarDateFromStr
VariantCopy
SafeArrayPtrOfIndex
SafeArrayCopy
SafeArrayPutElement
SafeArrayGetElement
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayUnlock
SafeArrayLock
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElemsize
SafeArrayGetDim
VarBstrFromDec
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayCreate
SafeArrayAllocData
SafeArrayAllocDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
SysReAllocStringLen
SysStringLen
RegisterTypeLi
LoadRegTypeLi
LoadTypeLi
SysAllocString
VariantChangeType
VariantClear
VarDecFromStr
OleCreateFontIndirect
SafeArrayCreateVector
VariantInit
SysAllocStringLen
SysAllocStringByteLen
SysStringByteLen
SysFreeString
SafeArrayRedim
Sections
.text Size: 2.5MB - Virtual size: 2.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 567KB - Virtual size: 567KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 32KB - Virtual size: 93KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 209KB - Virtual size: 209KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ