280909214d9ee83d079875e8704dc7db9d864a89c9bbdaf409192265c17fc02c

Sharing

Copy URL Twitter E-mail

General

Target

280909214d9ee83d079875e8704dc7db9d864a89c9bbdaf409192265c17fc02c
Size

4.5MB
MD5

1958c92abbc55665d6d8f1731ebe58c6
SHA1

ff45c07a8e1b7be843a45a653a77dd8cce3280d5
SHA256

280909214d9ee83d079875e8704dc7db9d864a89c9bbdaf409192265c17fc02c
SHA512

c6b192969f2d08d886852f943ceef81f6a09fbd324c14d998272a3c354c91e83a3e79c564115fa1248bebad374b4c04e90aafdf192a98886107e4f53a7b8c00b
SSDEEP

98304:sgeOawCM3le1QTa9awcAaA9ZuBIWRIC+HpwSJhdk6ueWvEcMHNOkBlyJ1n:ReO1CM3le18akwcDUuBIWRIC+HpwSJh0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
280909214d9ee83d079875e8704dc7db9d864a89c9bbdaf409192265c17fc02c

Files

280909214d9ee83d079875e8704dc7db9d864a89c9bbdaf409192265c17fc02c
.exe windows:5 windows x86 arch:x86

dba9ae0a6a22c00824abddc813422e98

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\chency128809\Desktop\newlic\HLDeDog(信息解限码)\Release\HLDeDog.pdb

Imports

kernel32

FileTimeToLocalFileTime
GetFileAttributesW
GetFileSizeEx
GetFileTime
GetStartupInfoW
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
HeapReAlloc
RtlUnwind
ExitProcess
RaiseException
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
SetUnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
SetErrorMode
VirtualFree
QueryPerformanceCounter
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
SetEnvironmentVariableA
FileTimeToSystemTime
CreateFileW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
lstrlenA
GetThreadLocale
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalFlags
GlobalFindAtomW
GetVersionExW
CompareStringW
GetVersionExA
GetModuleHandleA
FormatMessageW
LocalFree
MulDiv
GetCurrentProcessId
SetLastError
GlobalAddAtomW
GlobalUnlock
lstrlenW
WritePrivateProfileStringW
FreeResource
GlobalFree
GlobalDeleteAtom
ConvertDefaultLocale
EnumResourceLanguagesW
GetModuleFileNameW
lstrcmpA
GetLocaleInfoW
LoadLibraryW
CompareStringA
GlobalLock
lstrcmpW
GlobalAlloc
FreeLibrary
GetModuleHandleW
InterlockedCompareExchange
InterlockedExchange
InterlockedDecrement
InterlockedIncrement
GetTickCount
GetCurrentProcess
GetCurrentThread
DuplicateHandle
ReleaseSemaphore
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
CreateSemaphoreA
InitializeCriticalSection
ReleaseMutex
WaitForMultipleObjects
GetModuleFileNameA
Sleep
ResetEvent
WriteFile
CreateEventA
WaitForSingleObject
SetEvent
GetCurrentThreadId
ReadFile
GetWindowsDirectoryA
LoadLibraryA
GetProcAddress
DeviceIoControl
CloseHandle
CreateFileA
CreateMutexA
GetLastError
MultiByteToWideChar
OutputDebugStringW
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte

user32

DestroyMenu
UnregisterClassW
CharUpperW
GetSysColorBrush
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
InvalidateRect
SetRect
IsRectEmpty
CopyAcceleratorTableW
CharNextW
ReleaseCapture
LoadCursorW
SetCapture
RegisterWindowMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
UpdateWindow
CreateWindowExW
GetClassInfoExW
PostThreadMessageW
RegisterClassW
AdjustWindowRectEx
EqualRect
CopyRect
PtInRect
DefWindowProcW
CallWindowProcW
GetMenu
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
ShowWindow
MoveWindow
SetWindowLongW
GetDlgCtrlID
SetWindowTextW
IsDialogMessageW
LoadIconW
SendMessageW
IsIconic
GetSystemMetrics
SendDlgItemMessageW
GetWindowTextLengthW
GetWindowTextW
SetFocus
UnhookWindowsHookEx
GetMenuItemID
GetMenuItemCount
GetSubMenu
RegisterClipboardFormatW
GetClassInfoW
GetClientRect
DrawIcon
PostMessageW
GetNextDlgTabItem
EnableWindow
PostQuitMessage
SetWindowPos
MapDialogRect
GetParent
SetWindowContextHelpId
GetWindow
EndDialog
IsWindowEnabled
GetDlgItem
GetWindowLongW
IsWindow
DestroyWindow
CreateDialogIndirectParamW
SetActiveWindow
GetActiveWindow
GetDesktopWindow
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuW
GetFocus
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ValidateRect
GetCursorPos
PeekMessageW
GetKeyState
IsWindowVisible
DispatchMessageW
TranslateMessage
GetMessageW
CallNextHookEx
GetWindowThreadProcessId
GetLastActivePopup
MessageBoxW
SetCursor
SetWindowsHookExW

gdi32

GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
GetMapMode
GetStockObject
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
CreateBitmap
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
GetObjectW
DeleteObject
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
GetDeviceCaps
SetWindowExtEx

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

advapi32

RegSetValueExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
SetSecurityDescriptorDacl
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
InitializeSecurityDescriptor

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFindExtensionW

oledlg

OleUIBusyW

ole32

CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
OleIsCurrentClipboard
CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
OleFlushClipboard
CoRegisterMessageFilter
CoGetClassObject

oleaut32

SysFreeString
SysAllocStringLen
SysStringLen
VariantClear
VariantChangeType
VariantInit
OleCreateFontIndirect
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy
SysAllocString
VariantCopy

setupapi

SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA
SetupDiGetDeviceInterfaceDetailA
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList

Sections

.text
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 15KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mark
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 676KB - Virtual size: 680KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

dba9ae0a6a22c00824abddc813422e98

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

shlwapi

oledlg

ole32

oleaut32

setupapi

Sections

.text Size: 3.7MB - Virtual size: 3.7MB

.rdata Size: 137KB - Virtual size: 136KB

.data Size: 15KB - Virtual size: 44KB

.mark Size: 512B - Virtual size: 128B

.rsrc Size: 34KB - Virtual size: 34KB

.reloc Size: 676KB - Virtual size: 680KB

.text
Size: 3.7MB - Virtual size: 3.7MB

.rdata
Size: 137KB - Virtual size: 136KB

.data
Size: 15KB - Virtual size: 44KB

.mark
Size: 512B - Virtual size: 128B

.rsrc
Size: 34KB - Virtual size: 34KB

.reloc
Size: 676KB - Virtual size: 680KB