C:\Users\Mori\Documents\Projects\OSD_20240227\GTIII-OSD\Code\x64\Release\GTIII-OSDCtrl.pdb
Static task
static1
Behavioral task
behavioral1
Sample
104bcc38e53bc821689fa0dcec45cf38c8ac4e02dbadb3cfda8605d73c1d80b2.exe
Resource
win7-20241010-en
General
Target: 104bcc38e53bc821689fa0dcec45cf38c8ac4e02dbadb3cfda8605d73c1d80b2
Size: 3.2MB
MD5: d01ae91417b39a07965521537b29ede3
SHA1: a63ae962fadbe8c642f0f4e5d21ab97fcadd704a
SHA256: 104bcc38e53bc821689fa0dcec45cf38c8ac4e02dbadb3cfda8605d73c1d80b2
SHA512: be4b355091eb274b4d7e59b1a3b2c65cb113c5b733052500c0d30db87f499f8779428195c28444b4433da4fbf09d503531001b5c0696da3e87e63655f929d6c0
SSDEEP: 49152:WIGhko4clBAJai+W7wtPrjKDE0tG234dD4YsT8QKr82volilQ7x2KruAIg/:WD8E0EdD3WS82volilQVqAIg/
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 104bcc38e53bc821689fa0dcec45cf38c8ac4e02dbadb3cfda8605d73c1d80b2
Files
104bcc38e53bc821689fa0dcec45cf38c8ac4e02dbadb3cfda8605d73c1d80b2.exe windows:6 windows x64 arch:x64
8339d6be81ddacfc4498d9b57142f80a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
psapi
GetModuleFileNameExA
kernel32
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
WriteConsoleW
CreateFileW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsValidCodePage
FindNextFileW
FindFirstFileExW
SetFilePointerEx
GetConsoleMode
GetConsoleOutputCP
GetTimeZoneInformation
EnumSystemLocalesW
IsValidLocale
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
GetStdHandle
ExitProcess
GetFileType
SetStdHandle
QueryPerformanceFrequency
HeapQueryInformation
FreeLibraryAndExitThread
ExitThread
GetCommandLineW
GetCommandLineA
VirtualQuery
VirtualAlloc
GetSystemInfo
RtlPcToFileHeader
RtlUnwindEx
GetStringTypeW
LCMapStringW
CompareStringW
SwitchToThread
OutputDebugStringW
GetStartupInfoW
IsDebuggerPresent
CreateEventW
VerSetConditionMask
VerifyVersionInfoW
GetProcAddress
GetModuleHandleA
GetCurrentProcess
WideCharToMultiByte
SizeofResource
LockResource
LoadResource
FindResourceW
CloseHandle
OpenProcess
GetNativeSystemInfo
IsWow64Process
FormatMessageA
lstrlenA
LocalAlloc
OutputDebugStringA
LocalFree
CreateProcessA
GetLastError
CreateMutexA
ReleaseMutex
CreateEventA
LoadLibraryA
FreeLibrary
CreateThread
CreateFileMappingA
OpenFileMappingA
MapViewOfFile
WaitForSingleObject
ResetEvent
SetEvent
UnmapViewOfFile
HeapFree
InitializeCriticalSectionAndSpinCount
HeapSize
HeapReAlloc
RaiseException
HeapAlloc
DecodePointer
DeleteCriticalSection
GetProcessHeap
GlobalAlloc
GlobalSize
GlobalLock
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetUserDefaultLCID
GetTempFileNameA
Sleep
SearchPathA
GetProfileIntA
GetTempPathA
VerifyVersionInfoA
FindResourceExW
lstrcpyA
GetWindowsDirectoryA
GetTickCount
GlobalUnlock
GlobalFree
MulDiv
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
FileTimeToLocalFileTime
SetErrorMode
GetVolumeInformationA
lstrcmpiA
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
FindFirstFileA
FindClose
CreateFileA
GetCPInfo
GetOEMCP
VirtualProtect
GetACP
DeleteFileA
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetCurrentDirectoryA
GetThreadLocale
FileTimeToSystemTime
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetCurrentProcessId
ResumeThread
SetThreadPriority
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
lstrcmpW
GetSystemDirectoryW
EncodePointer
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetModuleHandleW
FindResourceA
FreeResource
CompareStringA
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
lstrcmpA
GlobalDeleteAtom
LoadLibraryW
LoadLibraryExW
GetModuleHandleExW
GetModuleFileNameW
GetModuleFileNameA
GetVersionExA
GetCurrentThreadId
GetCurrentThread
SetLastError
MultiByteToWideChar
CopyFileA
user32
ToAsciiEx
GetKeyboardState
MapVirtualKeyExA
IsCharLowerA
GetKeyboardLayout
GetComboBoxInfo
MonitorFromPoint
UpdateLayeredWindow
LockWindowUpdate
FrameRect
CopyIcon
SetCursorPos
LoadMenuW
IsZoomed
DrawFrameControl
DrawEdge
DrawStateA
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
SetWindowRgn
SetClassLongPtrA
EnumDisplayMonitors
SetLayeredWindowAttributes
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
GetIconInfo
DrawIconEx
DrawFocusRect
PostThreadMessageA
SetParent
UnionRect
MapVirtualKeyA
GetKeyNameTextA
LoadImageW
TrackMouseEvent
GetMenuDefaultItem
RegisterClipboardFormatA
ReuseDDElParam
UnpackDDElParam
LoadImageA
InsertMenuItemA
CreatePopupMenu
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
BringWindowToTop
CharUpperA
DestroyIcon
GetAsyncKeyState
SetRectEmpty
MessageBeep
GetNextDlgGroupItem
IsRectEmpty
IntersectRect
SetRect
InvalidateRgn
CopyAcceleratorTableA
OffsetRect
CharNextA
InvalidateRect
LoadAcceleratorsW
SetTimer
RealChildWindowFromPoint
DeleteMenu
CopyImage
LoadCursorW
WindowFromPoint
ReleaseCapture
SetCapture
WaitMessage
LoadCursorA
GetSysColorBrush
FillRect
ClientToScreen
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
SystemParametersInfoA
InflateRect
GetMenuItemInfoA
DestroyMenu
SetCursor
ShowOwnedPopups
GetCursorPos
TranslateMessage
GetMessageA
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
CallNextHookEx
CreateAcceleratorTableA
RegisterWindowMessageA
PostMessageA
GetClassNameW
GetWindowThreadProcessId
UnhookWindowsHookEx
SetWindowsHookExA
GetLastActivePopup
GetTopWindow
GetClassLongPtrA
GetClassLongA
SetWindowLongPtrA
GetWindowLongPtrA
PtInRect
EqualRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
MessageBoxA
AdjustWindowRectEx
GetWindowRect
RemovePropA
GetPropA
SetPropA
DestroyAcceleratorTable
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuA
CharUpperBuffA
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
SubtractRect
ShowScrollBar
GetScrollRange
CreateMenu
GetWindowRgn
DestroyCursor
KillTimer
IsWindowVisible
EnumChildWindows
GetForegroundWindow
FindWindowA
GetClassNameA
LoadIconW
GetSystemMenu
AppendMenuA
SendMessageA
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
EnableWindow
UnregisterClassA
GetMenuStringA
GetMenuState
SetScrollRange
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuA
RemoveMenu
PostQuitMessage
SetWindowPos
SetWindowContextHelpId
GetParent
GetWindow
MapDialogRect
IsWindow
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
IsWindowEnabled
SetActiveWindow
GetWindowLongA
GetDesktopWindow
ShowWindow
MoveWindow
CheckDlgButton
SendDlgItemMessageA
GetDlgCtrlID
SetFocus
GetFocus
SetWindowTextA
GetWindowTextA
GetWindowTextLengthA
SetWindowLongA
IsDialogMessageA
DispatchMessageA
PeekMessageA
GetMessagePos
GetMessageTime
DefWindowProcA
CallWindowProcA
RegisterClassA
GetClassInfoA
GetClassInfoExA
CreateWindowExA
IsMenu
IsChild
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetKeyState
GetCapture
GetMenu
SetMenu
TrackPopupMenu
UpdateWindow
SetForegroundWindow
BeginPaint
EndPaint
ValidateRect
RedrawWindow
ScrollWindow
SetScrollPos
GetScrollPos
gdi32
GetClipBox
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
ExcludeClipRect
CombineRgn
GetMapMode
PatBlt
SetRectRgn
DPtoLP
CreateCompatibleBitmap
EnumFontFamiliesExA
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceA
Escape
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CopyMetaFileA
CreateDCA
GetDeviceCaps
SetBkColor
SetTextColor
GetObjectA
CreateBitmap
BitBlt
CreateCompatibleDC
CreateFontIndirectA
GetTextExtentPoint32A
ExtTextOutA
GetTextMetricsA
msimg32
TransparentBlt
AlphaBlend
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
advapi32
RegCreateKeyExA
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegDeleteValueA
RegDeleteKeyA
OpenProcessToken
RegSetValueExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
shell32
SHGetFileInfoA
DragQueryFileA
DragFinish
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHAppBarMessage
SHBrowseForFolderA
ShellExecuteA
SHGetDesktopFolder
comctl32
InitCommonControlsEx
shlwapi
PathFindFileNameA
PathIsUNCA
PathStripToRootA
StrFormatKBSizeA
PathRemoveFileSpecW
PathFindExtensionA
uxtheme
GetThemeColor
IsAppThemed
GetThemeSysColor
DrawThemeText
DrawThemeBackground
IsThemeBackgroundPartiallyTransparent
DrawThemeParentBackground
OpenThemeData
CloseThemeData
GetThemePartSize
GetCurrentThemeName
GetWindowTheme
ole32
OleFlushClipboard
CreateStreamOnHGlobal
DoDragDrop
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleLockRunning
OleIsCurrentClipboard
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoRevokeClassObject
CoInitializeEx
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CoInitialize
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoRegisterMessageFilter
oleaut32
VariantChangeType
LoadTypeLi
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantInit
SysFreeString
VariantCopy
SysAllocStringLen
VarBstrFromDate
OleCreateFontIndirect
SysAllocString
VariantClear
SysAllocStringByteLen
oledlg
ord8
oleacc
LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow
gdiplus
GdipCreateFromHDC
GdipDrawImageRectI
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdipSetInterpolationMode
GdipCreateBitmapFromHBITMAP
GdiplusShutdown
GdipCreateBitmapFromScan0
imm32
ImmGetContext
ImmReleaseContext
ImmGetOpenStatus
winmm
PlaySoundA
Sections
.text Size: 1.9MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 670KB - Virtual size: 669KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 32KB - Virtual size: 541KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 90KB - Virtual size: 90KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gxfg Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gehcont Size: 512B - Virtual size: 20B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 596KB - Virtual size: 600KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE