DiskInfo[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

DiskInfo.exe
Size

2.3MB
MD5

7dd8aa04a54f148ce0ecf5d71d3819a6
SHA1

493313755b810a2b9354115b102b99d102e4028f
SHA256

e3fd7c750d83399277bc5f9a50b57f43ddfd5bc0fa69fcc2d73b287de0b79623
SHA512

c448e219d5b27319fe3f0edc4043030228aac65e195c3236a63f8d4e899491f63620d8e9e780ce940d9f2fb1ce304061e6feeb3052e3bf93dfa834cfee9eb1e9
SSDEEP

49152:FYGcQ44tHK4Eeq1OLVQar/QCt1BSbYZvvgpYQ8/nmC9:GzQ44tPEkJQar/Qs1UbsvgpunmC9

Score

1^/10

Malware Config

Signatures

Files

DiskInfo.exe
.exe windows x86

bcf5fc73a902d0516469a0af9d608f0e

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:2f:4e:e1:35:5c
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

13/04/2019, 10:00

Subject

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:d6:68:3a:85:1e:98:1f:37:76:dc:28:60:5d:c8:30:ef
Certificate

Issuer

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

05/02/2013, 13:53

Not After

06/02/2016, 13:53

Subject

CN=Noriyuki MIYAZAKI,C=JP

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

11:21:40:5c:1f:0e:d2:58:88:2b:e5:4d:86:86:ba:11:ea:45
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

23/08/2013, 00:00

Not After

23/09/2024, 00:00

Subject

CN=GlobalSign TSA for MS Authenticode - G1,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

4c:e2:ed:2f:82:38:e8:e2:c0:b5:09:45:07:d2:ed:8a:20:a3:f2:73
Signer

Actual PE Digest

4c:e2:ed:2f:82:38:e8:e2:c0:b5:09:45:07:d2:ed:8a:20:a3:f2:73

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
SetEnvironmentVariableA
GetProcessHeap
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringA
InitializeCriticalSectionAndSpinCount
GetConsoleMode
GetConsoleCP
GetDateFormatA
GetTimeFormatA
LCMapStringW
IsValidCodePage
GetOEMCP
GetACP
SizeofResource
GetCPInfo
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
QueryPerformanceCounter
HeapCreate
GetStartupInfoA
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
SetUnhandledExceptionFilter
HeapSize
GetFileType
SetStdHandle
CreateThread
ExitThread
ExitProcess
HeapReAlloc
RtlUnwind
GetSystemTimeAsFileTime
HeapFree
VirtualQuery
GetSystemInfo
HeapAlloc
GetStartupInfoW
FindResourceExW
VirtualProtect
SearchPathW
GetProfileIntW
GetSystemDirectoryW
GetTempFileNameW
GetFileTime
GetFileSizeEx
GetFileAttributesW
FileTimeToLocalFileTime
GetFullPathNameW
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetCurrentDirectoryW
lstrcpyW
FileTimeToSystemTime
GetThreadLocale
GlobalGetAtomNameW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
TlsGetValue
InterlockedIncrement
GlobalFlags
RaiseException
ResumeThread
SetThreadPriority
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
LoadLibraryExW
CompareStringA
lstrlenA
lstrcmpA
GetCurrentProcessId
GetModuleHandleA
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
WideCharToMultiByte
FreeLibrary
CopyFileW
GlobalSize
FormatMessageW
MulDiv
FreeResource
LocalFree
LocalAlloc
GetCurrentThread
lstrcmpiW
GetWindowsDirectoryW
GetCurrentProcess
DefineDosDeviceW
VirtualFree
VirtualAlloc
ReadFile
SetFilePointer
GetDriveTypeW
MultiByteToWideChar
DeviceIoControl
DeleteCriticalSection
InitializeCriticalSection
FindClose
FindNextFileW
FindFirstFileW
GetTimeZoneInformation
CreateDirectoryW
InterlockedDecrement
GetVolumeInformationW
GetDiskFreeSpaceExW
GetLocalTime
WriteFile
CreateFileW
DeleteFileW
GetTempPathW
GetExitCodeProcess
WaitForSingleObject
CreateProcessW
GetComputerNameW
LoadLibraryW
SetLastError
CloseHandle
ReleaseMutex
GetVersionExW
GetLastError
CreateMutexW
Sleep
GetCommandLineW
WritePrivateProfileStringW
GetPrivateProfileIntW
GetModuleFileNameW
SetErrorMode
GetTickCount
GetPrivateProfileStringW
GetModuleHandleW
GetProcAddress
lstrlenW
GlobalUnlock
InterlockedExchange
GlobalFree
GlobalLock
GlobalAlloc
EnterCriticalSection
LeaveCriticalSection
GetUserDefaultLCID
FindResourceW
LoadResource
LockResource
GlobalReAlloc

user32

ReuseDDElParam
FrameRect
LoadImageW
CopyImage
LockWindowUpdate
BringWindowToTop
SetCursorPos
CreateAcceleratorTableW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
SetClassLongW
DestroyAcceleratorTable
SetParent
SetWindowContextHelpId
MapDialogRect
CharNextW
InvalidateRgn
SetRect
CopyAcceleratorTableW
DestroyIcon
PostThreadMessageW
WaitMessage
GetMenuDefaultItem
SetMenuDefaultItem
IsMenu
UpdateLayeredWindow
EnableScrollBar
UnionRect
IsRectEmpty
CharUpperW
IsZoomed
GetAsyncKeyState
NotifyWinEvent
MessageBeep
ReleaseCapture
SetCapture
RedrawWindow
SetWindowRgn
GetSystemMenu
DeleteMenu
SetRectEmpty
UnregisterClassW
GetSysColorBrush
GetMenuItemInfoW
InflateRect
MapVirtualKeyW
GetKeyNameTextW
ShowOwnedPopups
GetMessageW
TranslateMessage
ValidateRect
RegisterClipboardFormatW
PostQuitMessage
WindowFromPoint
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
LoadMenuW
DrawStateW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
UnpackDDElParam
RemovePropW
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
ScrollWindow
GetKeyState
SetMenu
GetScrollRange
ShowScrollBar
UpdateWindow
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
InvalidateRect
EnableWindow
SendMessageW
GetClientRect
CopyRect
GetScrollInfo
SetScrollInfo
SetWindowPlacement
DefWindowProcW
CallWindowProcW
PtInRect
GetMenu
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetFocus
SetWindowPos
ShowWindow
MoveWindow
GetDlgCtrlID
SetWindowTextW
IsDialogMessageW
SendDlgItemMessageW
CheckDlgButton
GetWindowTextLengthW
GetWindow
SetFocus
UnhookWindowsHookEx
GetMenuStringW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CopyIcon
CharUpperBuffW
GetNextDlgGroupItem
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
IsClipboardFormatAvailable
GetUpdateRect
GetDoubleClickTime
GetIconInfo
IsCharLowerW
SubtractRect
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
FillRect
SetScrollPos
GetScrollPos
SetScrollRange
DestroyCursor
GetWindowRgn
GetPropW
SetCursor
LoadCursorW
wsprintfW
GetDC
ReleaseDC
SystemParametersInfoW
MonitorFromWindow
LoadAcceleratorsW
TranslateAcceleratorW
GetWindowRect
GetWindowInfo
AdjustWindowRect
GetSystemMetrics
EnableMenuItem
DrawMenuBar
SetForegroundWindow
RegisterWindowMessageW
LoadIconW
DestroyMenu
UnregisterDeviceNotification
EnumWindows
GetWindowTextW
GetWindowThreadProcessId
PostMessageW
IsIconic
DrawIcon
GetSubMenu
CheckMenuRadioItem
IsWindowVisible
CheckMenuItem
GetMenuState
WaitForInputIdle
KillTimer
SetTimer
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
SetWindowLongW
GetWindowLongW
SetLayeredWindowAttributes
RegisterDeviceNotificationW
GetCursorPos
TrackPopupMenu
CreatePopupMenu
CreateMenu
InsertMenuItemW
ModifyMenuW
RemoveMenu
AppendMenuW
MapVirtualKeyExW

gdi32

OffsetRgn
RealizePalette
StretchBlt
SetPixel
RoundRect
CreatePalette
GetPaletteEntries
ExtFloodFill
SetPaletteEntries
GetWindowOrgEx
GetViewportOrgEx
LPtoDP
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetNearestPaletteIndex
GetSystemPaletteEntries
Polygon
GetTextFaceW
SetPixelV
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
Polyline
Ellipse
CreateEllipticRgn
CreatePolygonRgn
GetTextColor
GetBkColor
GetRgnBox
CreateRoundRectRgn
DPtoLP
GetMapMode
CombineRgn
SetRectRgn
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
GetTextMetricsW
GetTextExtentPoint32W
PatBlt
CreateRectRgnIndirect
CreatePen
GetObjectType
SelectPalette
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
SetDCPenColor
SelectClipRgn
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateSolidBrush
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
CopyMetaFileW
EnumFontFamiliesExW
CreateHatchBrush
CreatePatternBrush
Rectangle
GetStockObject
DeleteObject
CreateCompatibleDC
GetDeviceCaps
BitBlt
CreateCompatibleBitmap
GetObjectW
GetBitmapBits
GetObjectA
CreateFontIndirectW
SetBitmapBits
SelectObject
DeleteDC
SetDIBColorTable
CreateDIBSection
GetPixel

msimg32

GradientFill
TransparentBlt
AlphaBlend

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

SetSecurityDescriptorOwner
RegSetValueExW
RegCloseKey
RegDeleteValueW
OpenSCManagerW
OpenServiceW
CloseServiceHandle
QueryServiceStatus
StartServiceW
RegOpenKeyExW
RegQueryValueExW
RegEnumKeyExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
FreeSid
AccessCheck
IsValidSecurityDescriptor
RegCreateKeyExW
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
AddAccessAllowedAce
InitializeAcl
GetLengthSid
InitializeSecurityDescriptor
AllocateAndInitializeSid
DuplicateToken
OpenProcessToken
OpenThreadToken
DeregisterEventSource
ReportEventW
RegisterEventSourceW

shell32

CommandLineToArgvW
Shell_NotifyIconW
SHGetFileInfoW
SHAppBarMessage
DragFinish
DragQueryFileW
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteW

comctl32

_TrackMouseEvent
InitCommonControlsEx
ImageList_GetIconSize

shlwapi

UrlCreateFromPathW
PathFindFileNameW
PathFindExtensionW
PathRemoveFileSpecW
PathStripToRootW
SHDeleteKeyW
PathIsUNCW

ole32

OleInitialize
CoFreeUnusedLibraries
OleUninitialize
OleDuplicateData
ReleaseStgMedium
CoTaskMemFree
CoTaskMemAlloc
CoSetProxyBlanket
CLSIDFromString
CoGetClassObject
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CLSIDFromProgID
DoDragDrop
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
OleGetClipboard
RegisterDragDrop
CoInitializeSecurity
CoCreateInstance
CoUninitialize
CoInitializeEx
CreateStreamOnHGlobal
RevokeDragDrop
CoLockObjectExternal

oleaut32

SafeArrayGetElement
SysStringLen
SysAllocStringLen
VariantChangeType
VariantCopy
DispCallFunc
LoadRegTypeLi
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreate
SysFreeString
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
SysAllocString
VariantClear
VariantInit
SafeArrayGetElemsize

gdiplus

GdipSetStringFormatFlags
GdipSetStringFormatAlign
GdipCreateStringFormat
GdipCreateSolidFill
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdiplusStartup
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImagePaletteSize
GdipGetImagePalette
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCreateBitmapFromScan0
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipDrawImageI
GdipDrawString
GdipSetTextRenderingHint
GdipGetLineSpacing
GdipGetCellAscent
GdipGetFamily
GdipDeleteFontFamily
GdipMeasureString
GdipDeleteGraphics
GdipCreateFromHDC
GdipDeleteStringFormat
GdipDeleteFont
GdipCloneBrush
GdipAlloc
GdipDeleteBrush
GdipFree
GdiplusShutdown
GdipGetCellDescent

winmm

PlaySoundW
mciSendCommandW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

imm32

ImmGetOpenStatus
ImmGetContext
ImmReleaseContext

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 381KB - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 403KB - Virtual size: 403KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bcf5fc73a902d0516469a0af9d608f0e

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7Certificate

Key Usages

04:00:00:00:00:01:2f:4e:e1:35:5cCertificate

Extended Key Usages

Key Usages

11:21:d6:68:3a:85:1e:98:1f:37:76:dc:28:60:5d:c8:30:efCertificate

Extended Key Usages

Key Usages

11:21:40:5c:1f:0e:d2:58:88:2b:e5:4d:86:86:ba:11:ea:45Certificate

Extended Key Usages

Key Usages

4c:e2:ed:2f:82:38:e8:e2:c0:b5:09:45:07:d2:ed:8a:20:a3:f2:73Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

gdiplus

winmm

version

oleacc

imm32

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 381KB - Virtual size: 380KB

.data Size: 28KB - Virtual size: 74KB

.rsrc Size: 403KB - Virtual size: 403KB

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

04:00:00:00:00:01:2f:4e:e1:35:5c
Certificate

11:21:d6:68:3a:85:1e:98:1f:37:76:dc:28:60:5d:c8:30:ef
Certificate

11:21:40:5c:1f:0e:d2:58:88:2b:e5:4d:86:86:ba:11:ea:45
Certificate

4c:e2:ed:2f:82:38:e8:e2:c0:b5:09:45:07:d2:ed:8a:20:a3:f2:73
Signer

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 381KB - Virtual size: 380KB

.data
Size: 28KB - Virtual size: 74KB

.rsrc
Size: 403KB - Virtual size: 403KB