d86d66a8c810f49dd7a06c0cb1d7ba82deb83dc2c4cf9f98db2237db36535e27

Sharing

Copy URL

Twitter E-mail

General

Target

d86d66a8c810f49dd7a06c0cb1d7ba82deb83dc2c4cf9f98db2237db36535e27
Size

1.8MB
MD5

7662dcad23ca2cc00ab92f4f80b550a0
SHA1

6129026fc4ba2d786d244ad4abcce18953254f9e
SHA256

d86d66a8c810f49dd7a06c0cb1d7ba82deb83dc2c4cf9f98db2237db36535e27
SHA512

ada73ed3d89ce4c56e558e9546bff8863785d90c9396abf80e52c318f5f93be7fef68c3e0442280ce9c0d1d94b3a7c125153f5aa01b505dd1c67a4a75134234a
SSDEEP

49152:t+rDXvNcXL4xRDgUzNtgTkKG43kZptJtJS6FQYQwa:toNcXul9zNtgTkKGskftJt9FQYQp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d86d66a8c810f49dd7a06c0cb1d7ba82deb83dc2c4cf9f98db2237db36535e27

Files

d86d66a8c810f49dd7a06c0cb1d7ba82deb83dc2c4cf9f98db2237db36535e27
.exe windows:5 windows x86 arch:x86

19cbefb73d15998d9f87384d9ac15f28

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\ButtonManager2\Output\Release\moon.pdb

Imports

kernel32

GetCurrentDirectoryA
GetDriveTypeA
WriteConsoleA
WriteConsoleW
SetEnvironmentVariableA
GetStringTypeA
LCMapStringA
GetLocaleInfoA
GetStringTypeW
GetConsoleMode
GetConsoleCP
InitializeCriticalSectionAndSpinCount
LCMapStringW
GetTimeZoneInformation
GetDateFormatA
GetTimeFormatA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
InterlockedDecrement
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
QueryPerformanceCounter
VirtualFree
HeapCreate
GetStartupInfoA
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
SetUnhandledExceptionFilter
VirtualQuery
GetSystemInfo
VirtualAlloc
HeapSize
GetFileType
SetStdHandle
CreateThread
ExitThread
ExitProcess
RaiseException
RtlUnwind
HeapReAlloc
HeapAlloc
HeapFree
GetSystemTimeAsFileTime
GetStartupInfoW
FindResourceExW
VirtualProtect
GetProfileIntW
SearchPathW
GetTempPathW
GetTempFileNameW
SetErrorMode
GetFileTime
GetFileSizeEx
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileW
GetFileSize
GetFileAttributesW
lstrcpyW
GlobalFlags
GetCurrentDirectoryW
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
InterlockedIncrement
GetThreadLocale
GlobalGetAtomNameW
FindFirstFileW
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileW
FindClose
GetModuleHandleA
GetCurrentProcessId
CreateEventW
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
WritePrivateProfileStringW
FreeResource
GlobalAddAtomW
GlobalFindAtomW
CompareStringW
LoadLibraryA
GetVersionExA
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
lstrcmpW
GetModuleHandleW
SetLastError
CopyFileW
GlobalSize
GlobalLock
GlobalUnlock
MulDiv
lstrlenA
WideCharToMultiByte
GetVersionExW
GetPrivateProfileIntW
GlobalFree
GlobalAlloc
CloseHandle
CreateFileA
DeleteFileW
ExpandEnvironmentStringsW
GetModuleFileNameW
GetLogicalDrives
FreeLibrary
GetProcAddress
LoadLibraryW
Sleep
WaitForSingleObject
GetTickCount
MultiByteToWideChar
LocalFree
GetLastError
FormatMessageW
lstrlenW
LocalAlloc
GetCommandLineW
FindResourceW
LoadResource
LockResource
SizeofResource
GetConsoleOutputCP

user32

EnableScrollBar
UnionRect
SetCursorPos
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
TranslateAcceleratorW
GetNextDlgGroupItem
InvalidateRgn
SetRect
CharNextW
UnregisterClassW
EmptyClipboard
CloseClipboard
SetClipboardData
LoadImageW
DestroyIcon
CopyImage
OpenClipboard
DrawStateW
RegisterClipboardFormatW
EnumChildWindows
LockWindowUpdate
BringWindowToTop
IsRectEmpty
InvalidateRect
IsMenu
SetClassLongW
SetParent
CreatePopupMenu
NotifyWinEvent
SetWindowRgn
CreateAcceleratorTableW
LoadAcceleratorsW
DestroyAcceleratorTable
GetAsyncKeyState
CharUpperW
GetKeyboardState
GetKeyboardLayout
MapVirtualKeyW
ToUnicodeEx
CopyAcceleratorTableW
PostThreadMessageW
LoadMenuW
SetRectEmpty
DeleteMenu
WaitMessage
ReleaseCapture
WindowFromPoint
SetCapture
LoadCursorW
GetSysColorBrush
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
CheckDlgButton
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
GetMenuItemInfoW
InflateRect
GetWindowThreadProcessId
ShowOwnedPopups
SetCursor
SetMenuDefaultItem
TranslateMessage
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamW
IsWindowEnabled
GetNextDlgTabItem
EndDialog
SetWindowContextHelpId
MapDialogRect
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
IsWindow
SetFocus
GetWindowTextLengthW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
GetClassInfoW
LoadIconW
GetSystemMenu
AppendMenuW
SendMessageW
DestroyWindow
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
FrameRect
GetUpdateRect
CharUpperBuffW
CopyIcon
SubtractRect
IsWindowVisible
UpdateWindow
MessageBoxW
CreateWindowExW
GetClassInfoExW
RegisterClassW
GetSysColor
AdjustWindowRectEx
GetParent
ScreenToClient
EqualRect
GetMenuDefaultItem
IsCharLowerW
GetKeyNameTextW
MapVirtualKeyExW
IsClipboardFormatAvailable
GetMessageW
RegisterDeviceNotificationW
IsIconic
DestroyCursor
GetWindowRgn
CreateMenu
GetDoubleClickTime
GetIconInfo
DestroyMenu
GetSystemMetrics
GetClientRect
DrawIcon
SetTimer
KillTimer
EnableWindow
GetWindowLongW
GetWindowTextW
FindWindowW
PostMessageW
EnumWindows
RemoveMenu
GetSubMenu
GetMenuItemCount
InsertMenuW
GetMenuItemID
GetMenuStringW
GetMenuState
PostQuitMessage
IsZoomed
RedrawWindow
MessageBeep
OffsetRect
SystemParametersInfoW
WinHelpW
UnhookWindowsHookEx
GetWindow
GetWindowRect
GetWindowPlacement
SystemParametersInfoA
IntersectRect
SetWindowPos
SetWindowLongW
GetMenu
PtInRect
CopyRect
CallWindowProcW
DefWindowProcW
GetDlgCtrlID
SetWindowPlacement
SetScrollInfo
GetScrollInfo
DeferWindowPos
UpdateLayeredWindow

gdi32

OffsetRgn
GetRgnBox
CreateDIBitmap
CreateCompatibleBitmap
GetTextMetricsW
EnumFontFamiliesW
GetTextCharsetInfo
CreateRoundRectRgn
GetTextColor
SetDIBColorTable
PatBlt
GetDIBits
RealizePalette
CombineRgn
StretchBlt
SetPixel
CreateDIBSection
GetBkColor
SetRectRgn
GetMapMode
DPtoLP
CreateEllipticRgn
CreatePolygonRgn
Polyline
Ellipse
Polygon
Rectangle
RoundRect
CreatePalette
CreateRectRgnIndirect
GetWindowOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetViewportOrgEx
LPtoDP
ExtFloodFill
SetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
GetTextFaceW
SetPixelV
Escape
TextOutW
RectVisible
CreateSolidBrush
CreateHatchBrush
CreatePen
GetObjectType
SelectPalette
GetStockObject
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetPaletteEntries
GetDeviceCaps
PtVisible
GetPixel
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
DeleteObject
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
GetTextExtentPoint32W
ExtTextOutW
BitBlt
CreateCompatibleDC
CreateFontIndirectW
CreateBitmap
GetObjectW
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
CopyMetaFileW
SelectObject

msimg32

TransparentBlt
AlphaBlend

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegQueryValueExW
RegCloseKey
RegEnumKeyExW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyW
RegOpenKeyExW
RegQueryValueW
RegOpenKeyW

shell32

DragQueryFileW
DragFinish
SHGetFileInfoW
SHGetPathFromIDListW
SHAppBarMessage
SHGetSpecialFolderPathW
ShellExecuteW
CommandLineToArgvW
SHBrowseForFolderW

comctl32

InitCommonControlsEx
ImageList_GetIconSize

shlwapi

PathIsUNCW
PathStripToRootW
PathFindFileNameW
PathFindExtensionW
PathRemoveFileSpecW

oledlg

OleUIBusyW

ole32

OleCreateMenuDescriptor
CoInitializeEx
CoUninitialize
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
OleGetClipboard
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleDestroyMenuDescriptor
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CoLockObjectExternal
CoGetClassObject
CreateStreamOnHGlobal
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
OleTranslateAccelerator
IsAccelerator
CoRegisterMessageFilter
CoRevokeClassObject
OleLockRunning
RevokeDragDrop
CoTaskMemFree
RegisterDragDrop
StgOpenStorageOnILockBytes

oleaut32

SysAllocString
SysFreeString
SysStringByteLen
SysAllocStringByteLen
SysAllocStringLen
SysStringLen
VariantClear
VariantChangeType
VariantInit
VariantCopy
SafeArrayDestroy
SystemTimeToVariantTime
OleCreateFontIndirect
VariantTimeToSystemTime

gdiplus

GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipCloneImage

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

winmm

PlaySoundW

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 284KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

flag_moo
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 141KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

19cbefb73d15998d9f87384d9ac15f28

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

gdiplus

version

imm32

winmm

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 284KB - Virtual size: 284KB

.data Size: 25KB - Virtual size: 52KB

flag_moo Size: 512B - Virtual size: 1B

.rsrc Size: 83KB - Virtual size: 82KB

.reloc Size: 141KB - Virtual size: 141KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 284KB - Virtual size: 284KB

.data
Size: 25KB - Virtual size: 52KB

flag_moo
Size: 512B - Virtual size: 1B

.rsrc
Size: 83KB - Virtual size: 82KB

.reloc
Size: 141KB - Virtual size: 141KB