38c034da85997904eca72b51eabe137f

Sharing

Copy URL Twitter E-mail

General

Target

38c034da85997904eca72b51eabe137f
Size

2.9MB
MD5

38c034da85997904eca72b51eabe137f
SHA1

5b4dff336663be2436b025c6a2f5024d5bd258e1
SHA256

03ee7ae319f4789f2d929a3865be0c47a5267ea09f8ac5e3df90909d4ebe2b95
SHA512

b77587ce73bc11fe448beb9dd67ceb831d715d38db167198668135ede1a890a4191d5a7e508176151bf29a0fa275a3c13d5256ac70ee6bb85df36694529e2725
SSDEEP

49152:f/gbWOeUuy9Sgb4Y6T5bC4laWpulmQ7d2PKf5EbcsEcy3J/p0S9pl3/:YWOeUufaYulL779sRa043/

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/DriverMagician.exe
unpack001/patch/patch.exe

Files

38c034da85997904eca72b51eabe137f
.rar
DriverMagician.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
patch/patch.exe
.exe windows:4 windows x86 arch:x86

1eae0d37eb5a00a753e7a55351af7932

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetWindowRgn
SetWindowLongA
SetFocus
SetWindowTextA
ShowWindow
SetDlgItemTextA
SetClassLongA
SetCapture
SendMessageA
ReleaseCapture
RedrawWindow
PtInRect
OffsetRect
MessageBoxA
LoadIconA
LoadCursorA
IsDlgButtonChecked
InvalidateRect
GetWindowRect
GetWindowLongA
GetParent
GetDlgItemTextA
GetDlgItem
GetDlgCtrlID
GetCursorPos
GetCapture
GetActiveWindow
EndDialog
DrawTextA
DialogBoxParamA
CheckDlgButton
CallWindowProcA

kernel32

RtlZeroMemory
CompareStringA
GetModuleFileNameA
SetCurrentDirectoryA
CreateDirectoryA
FlushFileBuffers
WriteFile
lstrlenA
lstrcpyA
lstrcmpiA
lstrcatA
WinExec
CloseHandle
CopyFileA
CreateFileA
CreateFileMappingA
DeleteFileA
ExitProcess
ExpandEnvironmentStringsA
FindResourceA
FreeLibrary
GetCommandLineA
GetFileAttributesA
GetFileSize
GetModuleHandleA
GetProcAddress
GetSystemDirectoryA
LoadLibraryA
LoadResource
MapViewOfFile
RtlMoveMemory
SetEndOfFile
SetEnvironmentVariableA
SetFileAttributesA
SetFilePointer
SizeofResource
UnmapViewOfFile

shell32

ShellExecuteA

gdi32

GetStockObject
RoundRect
SelectObject
CreateFontIndirectA
CreateSolidBrush
ExtCreateRegion
GetObjectA
SetTextColor
SetBkMode
SetBkColor

comctl32

InitCommonControls

advapi32

RegCreateKeyExA
RegQueryValueExA
RegOpenKeyA
RegCloseKey

comdlg32

GetOpenFileNameA

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 325KB - Virtual size: 324KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
安装说明.url
.url

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 34KB - Virtual size: 34KB

DATA Size: 1024B - Virtual size: 584B

BSS Size: - Virtual size: 3KB

.idata Size: 2KB - Virtual size: 2KB

.tls Size: - Virtual size: 8B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: - Virtual size: 2KB

.rsrc Size: 10KB - Virtual size: 10KB

1eae0d37eb5a00a753e7a55351af7932

Headers

File Characteristics

Imports

user32

kernel32

shell32

gdi32

comctl32

advapi32

comdlg32

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 1KB - Virtual size: 3KB

.rsrc Size: 325KB - Virtual size: 324KB

CODE
Size: 34KB - Virtual size: 34KB

DATA
Size: 1024B - Virtual size: 584B

BSS
Size: - Virtual size: 3KB

.idata
Size: 2KB - Virtual size: 2KB

.tls
Size: - Virtual size: 8B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: - Virtual size: 2KB

.rsrc
Size: 10KB - Virtual size: 10KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 1KB - Virtual size: 3KB

.rsrc
Size: 325KB - Virtual size: 324KB