DriverWizard[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

DriverWizard.exe
Size

695KB
MD5

44cc822f5d0a275d0f1b49fd260b5cfa
SHA1

241afd58077fa1900d99fe7037ec82188b0047d6
SHA256

4439d9dab4b872bd398600d6f8e72e3f8e4eedeaab81eb044e0d617ca47be046
SHA512

735e91830e7cc6bdcb88f4289666134e28fe4bf74cb6fe00703a722506107b20a54bc8a6c378d6c1375fb27cb2bb21a38fe032a74053bc3c936c72ec0533462c
SSDEEP

6144:PjfXfVLRilEEaQSaEmwe3OF8x1+Ui9lKG4rzexy38hkx+RjI/M4bqzNP7DAOXc9Q:PDt4dQNem9lzXo/MlzrXc9TVCYG

Score

1^/10

Malware Config

Signatures

Files

DriverWizard.exe
.exe windows x86

06fb7433ae78f375c04adc0ca1fbe9f2

Code Sign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

4b:e8:1d:a6:72:36:9b:55:3d:0e:3f:7d:1e:b0:3d:c9
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

20/07/2006, 00:00

Not After

14/09/2009, 23:59

Subject

CN=Seagull Scientific\, Inc,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=BarTender Development,O=Seagull Scientific\, Inc,L=Bellevue,ST=WA,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

psapi

GetModuleFileNameExA
EnumProcesses
EnumProcessModules

kernel32

FileTimeToSystemTime
FindFirstFileA
VirtualProtect
GetThreadLocale
FlushFileBuffers
LockFile
UnlockFile
DuplicateHandle
GetVolumeInformationA
GetFullPathNameA
InterlockedIncrement
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
GetCPInfo
GetOEMCP
FindResourceExA
SetErrorMode
RtlUnwind
HeapAlloc
HeapFree
HeapReAlloc
VirtualAlloc
RemoveDirectoryA
FindNextFileA
GetStartupInfoA
ExitProcess
SetStdHandle
GetFileType
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsValidCodePage
LCMapStringA
GetStringTypeA
GetStringTypeW
VirtualFree
HeapDestroy
HeapCreate
GetStdHandle
SetHandleCount
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTimeZoneInformation
GetDriveTypeA
GetConsoleCP
GetConsoleMode
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
FindClose
FreeResource
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
InterlockedDecrement
GetCurrentProcessId
GlobalAddAtomA
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcmpA
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
RaiseException
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetSystemTimeAsFileTime
MulDiv
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateProcessW
GetModuleFileNameW
SetFileTime
SetFileAttributesW
GetTempFileNameW
GetTempPathW
GetFileSize
SetFilePointer
WriteFile
ReadFile
SetEndOfFile
CreateFileW
LocalFileTimeToFileTime
DosDateTimeToFileTime
FileTimeToLocalFileTime
MoveFileExW
LCMapStringW
CreateThread
GetFileTime
CompareFileTime
GetCurrentDirectoryA
GetDefaultCommConfigA
GetACP
DeviceIoControl
LocalAlloc
CreateDirectoryA
SetLastError
FormatMessageA
LocalFree
OpenProcess
GetProfileStringA
WriteProfileStringA
CopyFileA
GetTempFileNameA
WritePrivateProfileSectionA
GetPrivateProfileSectionA
GetTickCount
Sleep
SetFileAttributesA
GetWindowsDirectoryA
GetSystemDirectoryA
GetFileAttributesA
GetModuleHandleA
GetProcAddress
lstrlenA
CompareStringW
CompareStringA
GetVersion
MultiByteToWideChar
InterlockedExchange
GetLocaleInfoA
LoadLibraryA
GetCommandLineA
FreeLibrary
WritePrivateProfileStringA
GetPrivateProfileIntA
GetPrivateProfileStringA
CreateFileA
CloseHandle
DeleteFileA
GetModuleFileNameA
GetTempPathA
MoveFileExA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetCurrentProcess
GetLastError
GetProcessHeap

user32

DestroyMenu
UnregisterClassA
LoadCursorA
GetSysColorBrush
InvalidateRect
DrawFocusRect
EndPaint
BeginPaint
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
ReleaseDC
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
MapDialogRect
ShowWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
CheckRadioButton
CheckDlgButton
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
IsWindow
SetFocus
GetWindowTextA
GetForegroundWindow
SetActiveWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
GetMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
ScreenToClient
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
UnhookWindowsHookEx
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
SetCursor
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
PostQuitMessage
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetAsyncKeyState
GetWindowRect
GetClientRect
GetDC
LoadBitmapA
PostMessageA
GetParent
SendNotifyMessageA
CharUpperA
EnableWindow
GetWindow
SendMessageA
MessageBoxA
GetDesktopWindow
ExitWindowsEx
UpdateWindow
GetSysColor
GetWindowTextLengthA

gdi32

CreateSolidBrush
CreateFontIndirectA
DPtoLP
GetTextMetricsA
EnumFontFamiliesExA
SetMapMode
RestoreDC
SaveDC
GetStockObject
CreateCompatibleDC
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
BitBlt
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
DeleteObject
GetDeviceCaps
GetObjectA

comdlg32

GetFileTitleA

winspool.drv

EnumPrinterDriversA
ClosePrinter
OpenPrinterA
EnumMonitorsA
AddPortA
GetPrinterA
EnumPrintersA
ord201
SetJobA
EnumJobsA
DeletePrinter
DeletePrinterConnectionA
DeletePrinterDriverA
SetPrinterA
DocumentPropertiesA
DocumentPropertiesW
ord202
ConfigurePortA
AddMonitorA
AddPrinterA
GetPrintProcessorDirectoryA
AddPrinterDriverA
EnumPortsA
GetPrinterDriverDirectoryA

advapi32

OpenServiceA
RegQueryValueA
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegOpenKeyA
RegEnumKeyA
AdjustTokenPrivileges
OpenSCManagerA
QueryServiceStatus
ControlService
StartServiceA
CloseServiceHandle
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegEnumValueA
RegEnumKeyExA
RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHChangeNotify
ShellExecuteA

comctl32

ord17

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oleaut32

VariantClear
SysAllocStringLen
VariantChangeType
VariantInit

Sections

.text
Size: 448KB - Virtual size: 447KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

06fb7433ae78f375c04adc0ca1fbe9f2

Code Sign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate

Extended Key Usages

Key Usages

4b:e8:1d:a6:72:36:9b:55:3d:0e:3f:7d:1e:b0:3d:c9Certificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Imports

version

psapi

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oleaut32

Sections

.text Size: 448KB - Virtual size: 447KB

.rdata Size: 108KB - Virtual size: 105KB

.data Size: 16KB - Virtual size: 26KB

.rsrc Size: 116KB - Virtual size: 112KB

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

4b:e8:1d:a6:72:36:9b:55:3d:0e:3f:7d:1e:b0:3d:c9
Certificate

.text
Size: 448KB - Virtual size: 447KB

.rdata
Size: 108KB - Virtual size: 105KB

.data
Size: 16KB - Virtual size: 26KB

.rsrc
Size: 116KB - Virtual size: 112KB