systeminformer-3[.]0[.]6264-setup[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

systeminformer-3.0.6264-setup.exe
Size

11.0MB
MD5

89b57d6f8e581102346b4fb85d0a7379
SHA1

ece482717d5ad32d49b1dd2db0352582ebcea67c
SHA256

484f3226f4f4f231ba4043f144417d3f480bc23825ddcabcef24ef9ec359bfde
SHA512

e00ed80dbcc8bb117dbb02c98e2f4671c2100911c9bbd347b4d553d2d6b23cfc7c5bd3dd791ffc514f487acc14fc6202ac6061eb806b3f4bbfb84b1437f74a79
SSDEEP

196608:wYarIzzZuo1UsEI/AejOIGkoBgK5PgsuF25w8hBnFsVJ1LvHuTwrIzzZqW5b6Oxy:wYmIson5o4RK5Pq26+BnFK7qoIPeOx2H

Score

1^/10

Malware Config

Signatures

Files

systeminformer-3.0.6264-setup.exe
.exe windows x86

46619c6c239011c9986cbf6fea2db49d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

NtQueryDirectoryObject
NtCreateKey
RtlCreateSecurityDescriptor
NtCreateFile
NtQueryDirectoryFile
NtSetValueKey
NtWaitForSingleObject
NtOpenFile
RtlNtStatusToDosErrorNoTeb
NtCreateDirectoryObject
RtlInitializeSid
RtlRandomEx
NtQueryPerformanceCounter
RtlGetFullPathName_UEx
NtDelayExecution
RtlAddAccessAllowedAce
RtlFindMessage
RtlQueryPerformanceCounter
RtlCreateAcl
RtlExpandEnvironmentStrings_U
NtCreateEvent
NtSetEvent
NtReleaseKeyedEvent
NtWaitForKeyedEvent
NtCreateKeyedEvent
RtlUnwind
NtQueryAttributesFile
NtDeleteValueKey
RtlQueryEnvironmentVariable_U
NtQueryInformationToken
NtSetInformationFile
NtOpenProcess
NtQuerySystemInformationEx
RtlFreeUnicodeString
NtQuerySymbolicLinkObject
RtlConvertSidToUnicodeString
RtlDosPathNameToNtPathName_U_WithStatus
NtOpenKey
RtlSetDaclSecurityDescriptor
RtlSubAuthoritySid
NtEnumerateValueKey
NtOpenSymbolicLinkObject
NtOpenProcessToken
LdrAccessResource
RtlLeaveCriticalSection
RtlEnterCriticalSection
LdrFindResource_U
RtlCreateHeap
RtlSetHeapInformation
RtlGetVersion
NtQueryInformationProcess
NtQuerySystemInformation
RtlInterlockedPopEntrySList
RtlUnicodeToUTF8N
RtlFreeHeap
RtlCreateUserThread
RtlMultiByteToUnicodeSize
RtlMultiByteToUnicodeN
RtlUTF8ToUnicodeN
RtlReAllocateHeap
RtlUpcaseUnicodeChar
RtlAllocateHeap
RtlRaiseStatus
RtlInitializeSListHead
RtlInterlockedPushEntrySList
NtQueryMutant
NtQueryInformationFile
NtReadFile
NtWriteFile
NtDeleteKey
NtOpenMutant
NtTerminateProcess
NtClose
NtQueryValueKey
NtCreateMutant

kernel32

DecodePointer
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
FindNextFileW
HeapSize
GetLastError
GetNativeSystemInfo
MoveFileExW
TlsSetValue
TlsAlloc
TlsGetValue
IsProcessorFeaturePresent
GetLocaleInfoW
MultiByteToWideChar
FreeLibrary
LoadLibraryExW
FindFirstFileExW
FindClose
WideCharToMultiByte
SetFilePointerEx
HeapReAlloc
FlushFileBuffers
GetTimeZoneInformation
SetStdHandle
LCMapStringW
CompareStringW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetOEMCP
GetACP
IsValidCodePage
GetStringTypeW
GetCPInfo
HeapAlloc
HeapFree
GetModuleHandleExW
ExitProcess
GetModuleFileNameW
GetStdHandle
GetConsoleOutputCP
WriteFile
GetConsoleMode
CloseHandle
GetFileType
CreateFileW
TlsFree
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
EncodePointer
SetLastError
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LoadLibraryExA
GetProcAddress
GetModuleHandleW
VirtualQuery
VirtualProtect
GetSystemInfo
RaiseException
WriteConsoleW

Sections

.text
Size: 244KB - Virtual size: 242KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 172KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didat
Size: 4KB - Virtual size: 196B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10.5MB - Virtual size: 10.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

46619c6c239011c9986cbf6fea2db49d

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

kernel32

Sections

.text Size: 244KB - Virtual size: 242KB

.rdata Size: 172KB - Virtual size: 170KB

.data Size: 8KB - Virtual size: 9KB

.didat Size: 4KB - Virtual size: 196B

.rsrc Size: 10.5MB - Virtual size: 10.5MB

.reloc Size: 12KB - Virtual size: 9KB

.text
Size: 244KB - Virtual size: 242KB

.rdata
Size: 172KB - Virtual size: 170KB

.data
Size: 8KB - Virtual size: 9KB

.didat
Size: 4KB - Virtual size: 196B

.rsrc
Size: 10.5MB - Virtual size: 10.5MB

.reloc
Size: 12KB - Virtual size: 9KB