ISDM[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ISDM.exe
Size

208KB
MD5

c921576e467558d10f0b9c9b55e30ef7
SHA1

ca2e400a6154f3128147a61c72b9a6f5015ba8d2
SHA256

3c45513ae3428d8dbc34395a69c5db2ac349f6cba2c40034ab5a2004f748c762
SHA512

f1e37065af0bea4ebb4221f81814e5dcb99c37dd31e54b27698e45c10ac2955ffa4981729ca4fe3210471e7a35e0216086c22b8d89ba529df7aacea23778356d
SSDEEP

3072:QZIlRqFyA+WzVxJWo2swejdNPI/KDi5YIpMepd4BB6v0EFPTJCKJYC++p:QZz4BWRljK5YIld4HmvY

Score

N/A

Malware Config

Signatures

Files

ISDM.exe
.exe windows x86

713190e309fe00158bba9ef0bfc4efce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedIncrement
EnterCriticalSection
lstrcpyA
LocalFree
FormatMessageA
DeleteFileA
WriteFile
Sleep
InterlockedDecrement
QueryPerformanceFrequency
CreateFileA
ReadFile
CopyFileA
GetTempFileNameA
GetTempPathA
SetFilePointer
GetFileSize
GetDiskFreeSpaceA
GetProcAddress
GetModuleHandleA
lstrlenW
LeaveCriticalSection
CompareStringW
GetVersionExA
CreateProcessA
FlushInstructionCache
GetCurrentProcess
FreeLibrary
LoadLibraryA
GetShortPathNameA
GetModuleFileNameA
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
SetUnhandledExceptionFilter
GetCommandLineA
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
GetCurrentThreadId
WideCharToMultiByte
GetTickCount
ResetEvent
lstrlenA
MultiByteToWideChar
WaitForSingleObject
GetLastError
SetEvent
lstrcatA
CompareStringA
CreateThread
GetStringTypeA
IsBadReadPtr
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapSize
TerminateProcess
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
ExitProcess
CloseHandle
CreateEventA
GetVersion
GetStartupInfoA
HeapAlloc
HeapReAlloc
HeapFree
RaiseException
RtlUnwind
SetEndOfFile
LCMapStringW
LCMapStringA
GetStringTypeW
MapViewOfFile
GetOEMCP
GetACP
GetCPInfo
FlushFileBuffers
SetStdHandle
SetLastError
SearchPathA
UnmapViewOfFile
VirtualProtect
VirtualQuery
FindFirstFileA
CreateFileMappingA
GetWindowsDirectoryA
IsBadCodePtr
SystemTimeToFileTime
FindClose
QueryPerformanceCounter

user32

GetDesktopWindow
wsprintfA
RegisterClassExA
LoadCursorA
CharLowerBuffA
DispatchMessageA
TranslateMessage
MsgWaitForMultipleObjects
PeekMessageA
PostMessageA
IsWindow
MessageBoxA
LoadStringA
GetClassInfoExA
PostThreadMessageA
DefWindowProcA
DestroyWindow
SendMessageA
GetMessageA
CharNextA
CreateWindowExA
CallWindowProcA
GetWindowLongA
SetWindowLongA

advapi32

RegCreateKeyExA
RegDeleteValueA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegDeleteKeyA
RegEnumKeyExA
RegOpenKeyA
RegQueryInfoKeyA
RegEnumValueA
RegSetValueExA
RegQueryValueA
RegEnumKeyA

ole32

CLSIDFromProgID
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CoCreateGuid
StringFromGUID2
ProgIDFromCLSID
CoTaskMemFree
CoUninitialize
CoInitialize

oleaut32

CreateErrorInfo
VarUI4FromStr
DispCallFunc
SysStringLen
SetErrorInfo
LoadRegTypeLi
SysFreeString
VariantClear
SysAllocStringLen
LoadTypeLi
SysAllocString
RegisterTypeLi
GetErrorInfo

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

Sections

.text
Size: 128KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

713190e309fe00158bba9ef0bfc4efce

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

version

Sections

.text Size: 128KB - Virtual size: 126KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 12KB - Virtual size: 16KB

.rsrc Size: 40KB - Virtual size: 39KB

.text
Size: 128KB - Virtual size: 126KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 12KB - Virtual size: 16KB

.rsrc
Size: 40KB - Virtual size: 39KB