D:\Work_ZG\GamepadMagicBox.还好吗 哈哈\Temp\DevMgr\Release\DevMgr.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 7529ba5637e68a480620b23ee596f55d7623b4051566b625366ce10f588c0431.dll
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: 7529ba5637e68a480620b23ee596f55d7623b4051566b625366ce10f588c0431.dll
  Resource: win10v2004-20241007-en
General
Target: 7529ba5637e68a480620b23ee596f55d7623b4051566b625366ce10f588c0431
Size: 6.8MB
MD5: 20fa3f398970fcfb3d948db895feaa6c
SHA1: 4c864cb2b22e03183fb8be39787c365eeced18a6
SHA256: 7529ba5637e68a480620b23ee596f55d7623b4051566b625366ce10f588c0431
SHA512: 100ecb2c1364269920166ff88d4ed0c7802b24fda5d38edd894f9deea42f5c8804e483ed128f028f1607344577520706b1b32874d08b709d0f5f7ec4989af56a
SSDEEP: 196608:0GowAiccxVoKZU6A9yYlVc9zVcSDqvMi1i+:Vo28cTcD
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for a missing Authenticode signature: the file carries no certificate table, so the publisher cannot be verified.
resource: 7529ba5637e68a480620b23ee596f55d7623b4051566b625366ce10f588c0431
Files
-
7529ba5637e68a480620b23ee596f55d7623b4051566b625366ce10f588c0431.dll windows:6 windows x86 arch:x86
8bd857476c314359b8d735f7087721d3
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
setupapi
CM_Locate_DevNodeW
CM_Reenumerate_DevNode
kernel32
EncodePointer
GetCurrentDirectoryW
GetLocaleInfoW
GetSystemDefaultUILanguage
GlobalFlags
GlobalFindAtomW
FileTimeToLocalFileTime
GetFileAttributesW
GetFileAttributesExW
GetFileSizeEx
GetFileTime
SystemTimeToTzSpecificLocalTime
VirtualProtect
lstrcpyW
FindResourceExW
VerifyVersionInfoW
GetProfileIntW
SearchPathW
GetTempFileNameW
GetUserDefaultLCID
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
SleepConditionVariableSRW
UnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
InitializeSListHead
SetErrorMode
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
FindFirstFileExW
ReadConsoleW
GetTimeZoneInformation
EnumSystemLocalesW
IsValidLocale
LCMapStringW
GetTimeFormatW
GetDateFormatW
LocalReAlloc
GetConsoleOutputCP
SetFilePointerEx
VirtualQuery
VirtualAlloc
GetSystemInfo
HeapQueryInformation
GetCommandLineW
GetCommandLineA
WriteConsoleW
GetFileType
GetStdHandle
FreeLibraryAndExitThread
ExitThread
InterlockedFlushSList
RtlUnwind
GetCPInfo
CompareStringEx
LCMapStringEx
GetLocaleInfoEx
WakeConditionVariable
TryAcquireSRWLockExclusive
RaiseException
GetStringTypeW
CompareStringW
FileTimeToSystemTime
SetStdHandle
LocalAlloc
GlobalHandle
GlobalReAlloc
InitializeCriticalSectionAndSpinCount
lstrcmpiW
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
GlobalAddAtomW
GetPrivateProfileIntW
ResumeThread
SetThreadPriority
lstrcmpW
lstrcmpA
GlobalDeleteAtom
LoadLibraryExW
GetModuleHandleA
GetVersionExW
GetCurrentThread
OutputDebugStringA
SetLastError
CopyFileW
MulDiv
GlobalFree
GlobalLock
GlobalUnlock
GlobalSize
GlobalAlloc
DeviceIoControl
WriteFile
CreateFileA
GetSystemTimeAsFileTime
CreateWaitableTimerW
CancelWaitableTimer
SetWaitableTimer
VerifyVersionInfoA
FormatMessageA
GetVersionExA
GetSystemDirectoryA
CreateMutexA
ReleaseMutex
CancelIoEx
GetOverlappedResult
PostQueuedCompletionStatus
GetQueuedCompletionStatus
CreateIoCompletionPort
QueryPerformanceFrequency
QueryPerformanceCounter
VerSetConditionMask
TlsFree
TlsSetValue
TlsAlloc
SleepConditionVariableCS
WakeAllConditionVariable
InitializeConditionVariable
TryEnterCriticalSection
SleepEx
GlobalGetAtomNameW
TlsGetValue
GetDriveTypeW
GetLogicalDrives
GetProcessHeap
HeapAlloc
HeapReAlloc
HeapSize
HeapFree
FindResourceW
LoadResource
LockResource
SizeofResource
GetACP
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
ResetEvent
CreateThread
SetEvent
Sleep
CreateEventW
WaitForMultipleObjects
IsWow64Process
GetTickCount
WideCharToMultiByte
GetLogicalDriveStringsA
GetLocalTime
GetTickCount64
MultiByteToWideChar
GetUserDefaultUILanguage
FindNextFileW
ReadFile
SetUnhandledExceptionFilter
ExitProcess
GetCurrentProcess
GetPrivateProfileStringW
WritePrivateProfileStringW
GetModuleHandleW
GetFileSize
GetWindowsDirectoryW
GetSystemDirectoryW
FindClose
GetTempPathW
GetModuleHandleExW
FindFirstFileW
LoadLibraryW
FreeLibrary
GetProcAddress
LoadLibraryA
DeleteCriticalSection
LocalFree
DecodePointer
OutputDebugStringW
FormatMessageW
InitializeCriticalSectionEx
CreateDirectoryA
CreateProcessW
GetCurrentProcessId
CloseHandle
DeleteFileW
GetLastError
GetCurrentThreadId
CreateFileW
WaitForSingleObject
GetModuleFileNameW
TerminateProcess
GetModuleFileNameA
GetStartupInfoW
CreateDirectoryW
FreeEnvironmentStringsW
GetConsoleMode
SetEnvironmentVariableW
user32
CopyAcceleratorTableW
DestroyAcceleratorTable
CreateAcceleratorTableW
GetKeyboardState
ToUnicodeEx
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
WaitMessage
PostThreadMessageW
GetComboBoxInfo
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
LoadAcceleratorsW
MonitorFromPoint
UpdateLayeredWindow
UnionRect
DrawIcon
FrameRect
CopyIcon
SetCursorPos
BringWindowToTop
GetSystemMenu
IsZoomed
DrawFrameControl
DrawEdge
SetParent
SetWindowRgn
SetClassLongW
DrawStateW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
LoadMenuW
GetKeyNameTextW
MapVirtualKeyW
GetMenuDefaultItem
CreatePopupMenu
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
MessageBeep
GetIconInfo
DrawIconEx
IsRectEmpty
DrawFocusRect
WindowFromPoint
ReleaseCapture
SetCapture
GetNextDlgGroupItem
LoadImageW
TrackMouseEvent
MapDialogRect
GetAsyncKeyState
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
OffsetRect
SetRectEmpty
SendDlgItemMessageA
IntersectRect
InflateRect
GetMenuItemInfoW
DestroyMenu
DestroyIcon
IsDialogMessageW
CheckDlgButton
LockWindowUpdate
UnregisterClassW
MessageBoxW
PostMessageW
SendMessageW
MoveWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
LoadIconW
GetTopWindow
GetClassLongW
EqualRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuW
RegisterClipboardFormatW
CharUpperBuffW
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
SubtractRect
RegisterDeviceNotificationW
DestroyWindow
DefWindowProcW
GetWindowLongW
PostQuitMessage
LoadCursorW
RegisterClassExW
CreateWindowExW
SetWindowLongW
ShowWindow
UpdateWindow
GetMessageW
TranslateMessage
DispatchMessageW
UnregisterDeviceNotification
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
GetFocus
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
GetParent
LoadBitmapW
PeekMessageW
IsWindowVisible
GetActiveWindow
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExW
CallNextHookEx
ShowOwnedPopups
SetCursor
EnableWindow
IsWindowEnabled
GetWindowThreadProcessId
GetLastActivePopup
CharUpperW
GetSystemMetrics
UnhookWindowsHookEx
GetWindowTextW
GetWindowTextLengthW
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
GetClientRect
CopyImage
SystemParametersInfoW
DeleteMenu
GetDlgCtrlID
SetWindowTextW
GetWindowRect
ClientToScreen
PtInRect
GetDesktopWindow
GetClassNameW
GetWindow
RealChildWindowFromPoint
SetTimer
KillTimer
InvalidateRect
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
SetRect
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgItem
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
IsChild
IsMenu
IsWindow
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
FillRect
ScreenToClient
EndPaint
BeginPaint
GetWindowDC
CreateMenu
GetWindowRgn
DestroyCursor
gdi32
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectW
GetTextExtentPoint32W
CombineRgn
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
GetTextMetricsW
EnumFontFamiliesExW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
SetWindowExtEx
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
GetRgnBox
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceW
SetViewportOrgEx
SetViewportExtEx
ExtTextOutW
TextOutW
MoveToEx
GetObjectW
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
Polygon
SetBkMode
SetTextAlign
SetTextColor
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
CopyMetaFileW
CreateDCW
GetDeviceCaps
CreateBitmap
DeleteDC
DeleteObject
BitBlt
CreateCompatibleDC
CreateHatchBrush
CreatePen
CreatePatternBrush
CreateRectRgn
CreateSolidBrush
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
advapi32
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
shell32
ShellExecuteW
SHGetFileInfoW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragFinish
SHAppBarMessage
SHBrowseForFolderW
DragQueryFileW
ole32
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
CoInitializeEx
CoDisconnectObject
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
oleaut32
SystemTimeToVariantTime
SysStringLen
VariantClear
VariantCopy
VariantChangeType
VarBstrFromDate
LoadTypeLi
VariantInit
VariantTimeToSystemTime
SysAllocStringLen
SysAllocString
SysFreeString
shlwapi
PathRemoveFileSpecW
PathStripToRootW
PathFindFileNameW
PathIsUNCW
PathFindExtensionW
StrFormatKBSizeW
msimg32
AlphaBlend
TransparentBlt
uxtheme
DrawThemeParentBackground
IsThemeBackgroundPartiallyTransparent
IsAppThemed
GetWindowTheme
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
GetThemePartSize
DrawThemeText
GetThemeSysColor
OpenThemeData
CloseThemeData
gdiplus
GdipDrawImageRectI
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
oleacc
LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundW
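Almost all of the more than 600 imports above are what an MFC GUI build from Visual C++ pulls in (window, menu, GDI, theme, OLE, locale and heap plumbing); IsDebuggerPresent, EncodePointer/DecodePointer, IsProcessorFeaturePresent and the UnhandledExceptionFilter pair are emitted by the CRT start-up code and are not evidence of anti-debugging on their own. The handful that describe behaviour are the two setupapi imports CM_Locate_DevNodeW and CM_Reenumerate_DevNode (re-enumerating a PnP device node, the same operation as Device Manager's "Scan for hardware changes", which fits the DevMgr name in the PDB path), RegisterDeviceNotificationW, DeviceIoControl, process creation through CreateProcessW and ShellExecuteW, the registry write and delete calls, WritePrivateProfileStringW, CopyFileW/DeleteFileW, SetSecurityDescriptorDacl and SetWindowsHookExW (with the caveat that MFC installs its own WH_CBT hook when it creates windows, so the hook type matters more than the import). The script below is an added example, not part of the sandbox report or of the analysed DLL: it parses an import listing in the layout this page uses and groups it by capability. The sample input is a constructed excerpt of the list above, and the capability table and the CRT noise set are the editor's heuristics rather than the sandbox's rules.

```python
"""Added example: capability triage of an import list in the layout this report prints
(a module name line followed by its imported API names). Heuristic grouping, not the
sandbox's own logic."""
import re

# Constructed excerpt of the report's Imports section, same layout, far fewer lines.
REPORT_IMPORTS = """\
setupapi
CM_Locate_DevNodeW
CM_Reenumerate_DevNode
kernel32
EncodePointer
IsDebuggerPresent
VirtualProtect
VirtualAlloc
DeviceIoControl
CreateProcessW
CopyFileW
DeleteFileW
CreateFileA
WritePrivateProfileStringW
LoadLibraryW
GetProcAddress
user32
SetWindowsHookExW
RegisterDeviceNotificationW
MessageBoxW
advapi32
RegSetValueExW
RegDeleteKeyW
SetSecurityDescriptorDacl
shell32
ShellExecuteW
"""

# API -> capability (editor's table). Anything not listed is treated as UI/CRT/MFC plumbing.
CAPABILITIES = {
    "CM_Locate_DevNodeW": "PnP device tree access",
    "CM_Reenumerate_DevNode": "PnP device re-enumeration (rescan hardware)",
    "RegisterDeviceNotificationW": "device arrival/removal notifications",
    "DeviceIoControl": "direct driver/device I/O",
    "CreateProcessW": "process creation", "ShellExecuteW": "process creation",
    "RegSetValueExW": "registry write", "RegDeleteKeyW": "registry write",
    "WritePrivateProfileStringW": "INI file write",
    "CopyFileW": "file system modification", "DeleteFileW": "file system modification",
    "SetSecurityDescriptorDacl": "DACL manipulation on created objects",
    "SetWindowsHookExW": "Windows message hook (check the hook type; MFC uses WH_CBT itself)",
    "LoadLibraryW": "dynamic API resolution", "GetProcAddress": "dynamic API resolution",
    "VirtualAlloc": "executable memory management", "VirtualProtect": "executable memory management",
}
# Imported by every MSVC CRT/MFC build; present in benign binaries, so not evidence on their own.
CRT_NOISE = {"IsDebuggerPresent", "EncodePointer", "DecodePointer", "UnhandledExceptionFilter",
             "SetUnhandledExceptionFilter", "IsProcessorFeaturePresent", "InitializeSListHead",
             "GetStartupInfoW", "TerminateProcess", "RtlUnwind"}


def parse_report_imports(text):
    """Module names in this report are all lower-case (kernel32, winspool.drv) while API
    names carry upper-case letters; that layout assumption is what the regex encodes."""
    modules, current = {}, None
    for line in (l.strip() for l in text.splitlines()):
        if not line:
            continue
        if re.fullmatch(r"[a-z0-9_.]+", line):
            current = line
            modules.setdefault(current, [])
        elif current is not None:
            modules[current].append(line)
    return modules


def triage(modules):
    """Group notable imports by capability; count everything else as plumbing."""
    by_cap, noise, other = {}, [], 0
    for mod, apis in modules.items():
        for api in apis:
            if api in CAPABILITIES:
                by_cap.setdefault(CAPABILITIES[api], []).append(f"{mod}!{api}")
            elif api in CRT_NOISE:
                noise.append(f"{mod}!{api}")
            else:
                other += 1
    return {"capabilities": by_cap, "crt_noise": noise, "other": other}


if __name__ == "__main__":
    report = triage(parse_report_imports(REPORT_IMPORTS))
    for cap, apis in report["capabilities"].items():
        print(f"{cap}: {', '.join(apis)}")
    print("CRT/MFC plumbing, not counted as evidence:", ", ".join(report["crt_noise"]))
    print("uncategorised (UI, locale, heap, ...):", report["other"])
```

Paste the full Imports block from the report into REPORT_IMPORTS to run it over the whole list; the point of the noise set is that a large MFC import table should shrink to a short capability summary, and for this sample that summary is device enumeration, device I/O, a few file, INI and registry writes, and process creation.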
Sections
.text Size: 1.9MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 422KB - Virtual size: 422KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 34KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4.3MB - Virtual size: 4.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 158KB - Virtual size: 158KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
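The headers and section table above give most of the static triage on their own: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE and IMAGE_DLLCHARACTERISTICS_NX_COMPAT mean the DLL opts in to ASLR and DEP, no IMAGE_DLLCHARACTERISTICS_GUARD_CF is listed so there is no Control Flow Guard, the "Unsigned PE" signature corresponds to an empty certificate table (data directory entry 4), the .data section's virtual size (55KB) exceeding its raw size (34KB) is ordinary zero-filled data rather than anything suspicious, and the 4.3MB .rsrc section accounts for most of the 6.8MB file. The following script is an added example, not part of the sandbox report or of the analysed DLL: it reproduces those checks from raw bytes with only the Python standard library. The build_sample_pe() helper constructs a skeleton PE carrying the same flag bits as the sample so the script runs offline; the entropy threshold and the small flag tables are the editor's choices.

```python
"""Added example: static header triage reproducing the checks this report lists (file/DLL
characteristics, section flags and sizes, per-section entropy, Authenticode presence)."""
import math
import struct

# Bit values from winnt.h for the flags named in the report.
FILE_CHARACTERISTICS = {0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
                        0x0100: "IMAGE_FILE_32BIT_MACHINE", 0x2000: "IMAGE_FILE_DLL"}
DLL_CHARACTERISTICS = {0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",  # ASLR opt-in
                       0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",     # DEP opt-in
                       0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF"}      # Control Flow Guard
SECTION_FLAGS = {0x00000020: "IMAGE_SCN_CNT_CODE", 0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
                 0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA", 0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
                 0x20000000: "IMAGE_SCN_MEM_EXECUTE", 0x40000000: "IMAGE_SCN_MEM_READ",
                 0x80000000: "IMAGE_SCN_MEM_WRITE"}
SECURITY_DIR = 4  # IMAGE_DIRECTORY_ENTRY_SECURITY: where an Authenticode signature is attached

def decode_flags(value, table):
    return [name for bit, name in table.items() if value & bit]

def shannon_entropy(buf):
    """Bits per byte (0..8); packed or encrypted sections sit close to 8."""
    n = len(buf)
    counts = [buf.count(bytes([i])) for i in range(256)] if n else []
    return -sum(c / n * math.log2(c / n) for c in counts if c)

def parse_pe(data):
    """Walk DOS header -> COFF header -> optional header -> section table of raw file bytes."""
    if data[:2] != b"MZ":
        raise ValueError("not a DOS/PE image")
    pe = struct.unpack_from("<I", data, 0x3C)[0]
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    _m, nsec, _t, _s, _n, opt_size, fchar = struct.unpack_from("<HHIIIHH", data, pe + 4)
    opt = pe + 24
    pe32plus = struct.unpack_from("<H", data, opt)[0] == 0x20B
    dllchar = struct.unpack_from("<H", data, opt + 70)[0]
    ndirs = struct.unpack_from("<I", data, opt + 92)[0]
    dirs = opt + (112 if pe32plus else 96)  # data directory array starts here
    sec_off, sec_size = (struct.unpack_from("<II", data, dirs + 8 * SECURITY_DIR)
                         if ndirs > SECURITY_DIR else (0, 0))
    sections = []
    for i in range(nsec):
        name, vsize, _va, rawsize, rawptr, _, _, _, _, schar = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "raw_size": rawsize, "virtual_size": vsize,
                         "flags": decode_flags(schar, SECTION_FLAGS),
                         "entropy": round(shannon_entropy(data[rawptr:rawptr + rawsize]), 2)})
    return {"file_characteristics": decode_flags(fchar, FILE_CHARACTERISTICS),
            "dll_characteristics": decode_flags(dllchar, DLL_CHARACTERISTICS),
            "authenticode_present": sec_off != 0 and sec_size != 0,  # the report's "Unsigned PE" check
            "sections": sections}

def assess(info):
    """Findings an analyst wants on one screen. A non-empty security directory only proves
    a signature blob is attached, not that it verifies (use signtool for that)."""
    dll = set(info["dll_characteristics"])
    out = [] if info["authenticode_present"] else ["Unsigned PE: no Authenticode certificate table"]
    out += [f"{label}: {'yes' if name in dll else 'no'}" for name, label in
            (("IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE", "ASLR"),
             ("IMAGE_DLLCHARACTERISTICS_NX_COMPAT", "DEP"),
             ("IMAGE_DLLCHARACTERISTICS_GUARD_CF", "CFG"))]
    for s in info["sections"]:
        if {"IMAGE_SCN_MEM_EXECUTE", "IMAGE_SCN_MEM_WRITE"} <= set(s["flags"]):
            out.append(f"{s['name']}: writable and executable (RWX)")
        if s["virtual_size"] > s["raw_size"]:
            out.append(f"{s['name']}: virtual size > raw size, zero-filled at load (normal for .data)")
        if s["entropy"] > 7.2 and "IMAGE_SCN_CNT_CODE" in s["flags"]:
            out.append(f"{s['name']}: high-entropy code section, possible packing")
    return out

def build_sample_pe(signed=False):
    """Constructed test input: a PE32 DLL skeleton carrying the same flag bits the report
    lists (headers plus two tiny sections; not loadable)."""
    secs = [(b".text", 0x60000020, bytes(range(256)) * 2),  # CODE|EXECUTE|READ, maximal entropy
            (b".data", 0xC0000040, b"\0" * 512)]            # INITIALIZED_DATA|READ|WRITE
    opt_size = 96 + 16 * 8
    hdr_len = (0x40 + 24 + opt_size + 40 * len(secs) + 511) // 512 * 512
    dos = bytearray(b"MZ" + b"\0" * 0x3E)
    struct.pack_into("<I", dos, 0x3C, 0x40)  # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, len(secs), 0, 0, 0, opt_size, 0x2102)  # EXEC|32BIT|DLL
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)    # PE32 magic
    struct.pack_into("<H", opt, 70, 0x0140)  # DYNAMIC_BASE | NX_COMPAT, as in the sample
    struct.pack_into("<I", opt, 92, 16)      # NumberOfRvaAndSizes
    shdrs, body = b"", b""
    for i, (name, flags, raw) in enumerate(secs):
        vsize = len(raw) * (2 if name == b".data" else 1)  # .data: virtual > raw, like the report
        shdrs += struct.pack("<8sIIIIIIHHI", name, vsize, 0x1000 * (i + 1), len(raw),
                             hdr_len + len(body), 0, 0, 0, 0, flags)
        body += raw
    if signed:  # point the security directory at a dummy 8-byte blob appended after the sections
        struct.pack_into("<II", opt, 96 + 8 * SECURITY_DIR, hdr_len + len(body), 8)
    image = bytes(dos) + b"PE\0\0" + coff + bytes(opt) + shdrs
    return image + b"\0" * (hdr_len - len(image)) + body + (b"\0" * 8 if signed else b"")
```

Run assess(parse_pe(open(path, "rb").read())) against the real file. A non-zero security directory only tells you a WIN_CERTIFICATE blob is attached; whether it chains to a trusted root is a separate check (signtool verify /pa, or Get-AuthenticodeSignature in PowerShell), and the absence of the directory is exactly what the report's "Unsigned PE" indicator records.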