Static task
static1
Behavioral task
behavioral1
Sample
6804e30fc28eb2d192649fd7e88f7d2c.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
6804e30fc28eb2d192649fd7e88f7d2c.exe
Resource
win10v2004-20231215-en
General
-
Target
6804e30fc28eb2d192649fd7e88f7d2c
-
Size
1.3MB
-
MD5
6804e30fc28eb2d192649fd7e88f7d2c
-
SHA1
4886ff0cc5522ea30a03e4b69c1f8f844b4e8f15
-
SHA256
51a5b2fbf73c8ea489c2d0aa7d2ea792d93dbcd88d27db0558831d8b1a9e28b1
-
SHA512
075f219edad341f26ef95cec7731aeb2fb427928d08416ec1a81a4963d1cb82d9b0258d4a7e71c1eb9cc4ae417fc75a42498bb921ce2d5dfa13196ab8ee68036
-
SSDEEP
24576:ELGDHLISu51gFNfjmOHxWuXeG2YsmC0R76GK:ELGDHLIS1dHxW/qsO9I
Malware Config
Signatures
-
Unsigned PE — 1 IoC
Checks for missing Authenticode signature.
resource 6804e30fc28eb2d192649fd7e88f7d2c
Files
-
6804e30fc28eb2d192649fd7e88f7d2c.exe windows:4 windows x86 arch:x86
224affeba85a256fc243e422d38ee4e0 (unlabelled hash in the file listing; presumably the import hash — confirm against the report's imphash field before using it for pivoting)
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
drvinterface
?vr_create_stripe@@YAHHQAHKH@Z
?vr_init_raid5@@YAHHPA_KPAG@Z
?vr_migration_raid@@YAHHPA_KPAG@Z
?vr_repair_broken_raid@@YAHHHQAH@Z
?vr_sync_disk_pair@@YAHHH_KG@Z
?vr_sync_raid5@@YAHHPA_KPAG@Z
?vr_verify_disk_pair@@YAHHH_KG@Z
?vr_verify_raid5@@YAHHPA_KPAG@Z
?vr_mark_disk_pair_as_synced@@YAHHH@Z
?vr_remove_raid@@YAHH@Z
?vr_create_span@@YAHHQAHH@Z
?vr_exit@@YAXXZ
?vr_update_hardware_info@@YAHXZ
?vr_update_raid_info@@YAHXZ
?vr_exec_SMART@@YAHXZ
?vr_config_param@@YAHHPAX@Z
?vr_is_system_support_dynamic_raid@@YAHXZ
?vr_get_array_num@@YAHHPAH@Z
?vr_get_device_num@@YAHPAH@Z
?vr_get_controller_num@@YAHPAH@Z
?vr_set_param_for_wmi@@YAHPAXP6AXPAEE0@Z@Z
?vr_get_capability_wmi@@YAHXZ
?vr_create_raid5@@YAHHQAHKKHH@Z
?vr_create_raid01@@YAHHQAHK@Z
?vr_create_mirror@@YAHHHHH@Z
?vr_mirror_add_spare@@YAHHH@Z
?vr_get_device_info@@YAHHPAU_vr_device_info@@@Z
?vr_get_device_info_by_array_pos@@YAHHHPAU_vr_device_info@@@Z
?vr_get_device_info_by_phy_address@@YAHHHHPAU_vr_device_info@@@Z
?vr_get_array_info@@YAHHPAU_vr_array_info@@@Z
?vr_get_controller_info@@YAHHPAU_vr_controller_info@@@Z
?vr_get_channel_info@@YAHHHPAU_vr_channel_info@@@Z
?vr_mirror_remove_spare@@YAHH@Z
?vr_init@@YAHXZ
kernel32
GetOEMCP
SizeofResource
SetErrorMode
FileTimeToSystemTime
FileTimeToLocalFileTime
GetCurrentDirectoryA
lstrlenW
GetTickCount
GlobalSize
RtlUnwind
CreateThread
ExitThread
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
ExitProcess
RaiseException
TerminateProcess
HeapSize
HeapReAlloc
GetACP
GetTimeZoneInformation
UnhandledExceptionFilter
FatalAppExitA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetCPInfo
LCMapStringW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
SetConsoleCtrlHandler
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetLocaleInfoW
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GlobalFlags
GetDiskFreeSpaceA
GetTempFileNameA
GetPrivateProfileIntA
SuspendThread
SetThreadPriority
ResumeThread
GetCurrentThread
lstrcmpA
SetFileAttributesA
SetFileTime
LocalFileTimeToFileTime
GetFileTime
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetVolumeInformationA
FindFirstFileA
GetProfileStringA
CloseHandle
SetEvent
ResetEvent
Sleep
WaitForSingleObject
CreateEventA
WaitForMultipleObjects
LCMapStringA
SystemTimeToFileTime
GetSystemTime
FindClose
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
DuplicateHandle
MulDiv
SetLastError
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
FreeLibrary
FindResourceA
LoadResource
LockResource
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetModuleHandleA
LoadLibraryA
GetProcAddress
FormatMessageA
lstrlenA
DeleteFileA
lstrcatA
LocalFree
GetFileAttributesA
GetSystemDefaultLangID
GetFullPathNameA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
WritePrivateProfileStringA
GetPrivateProfileStringA
GetCurrentProcess
CreateMutexA
GetLastError
CopyFileA
GetLocalTime
WriteFile
GetModuleFileNameA
GetVersionExA
lstrcmpiA
lstrcpynA
SetFilePointer
ReadFile
CreateFileA
GetFileSize
user32
UnpackDDElParam
BringWindowToTop
SetRect
LoadCursorA
WaitMessage
WindowFromPoint
TranslateMessage
GetMessageA
PtInRect
IsZoomed
InflateRect
SetCursorPos
DestroyCursor
IsRectEmpty
UnionRect
SetParent
GetSystemMenu
CharUpperA
PostQuitMessage
ShowOwnedPopups
ValidateRect
SetWindowContextHelpId
MapDialogRect
GetClassNameA
GetSysColorBrush
GetDialogBaseUnits
FillRect
GetDCEx
LockWindowUpdate
InvertRect
GetMenuStringA
DestroyIcon
CharNextA
CopyAcceleratorTableA
GetNextDlgGroupItem
RegisterClipboardFormatA
RemoveMenu
PostThreadMessageA
SetRectEmpty
InvalidateRect
wvsprintfA
EndDialog
GetActiveWindow
CreateDialogIndirectParamA
DestroyMenu
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
OemToCharA
CharToOemA
GetMenuCheckMarkDimensions
GetMenuState
SetMenuItemBitmaps
CheckMenuItem
GetNextDlgTabItem
IsWindowEnabled
MoveWindow
SetWindowTextA
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SendDlgItemMessageA
MapWindowPoints
GetSysColor
PeekMessageA
DispatchMessageA
SetActiveWindow
SetFocus
AdjustWindowRectEx
EqualRect
ReuseDDElParam
BeginDeferWindowPos
EndDeferWindowPos
IsWindowVisible
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
GetParent
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenuItemCount
TrackPopupMenu
SetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DefWindowProcA
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
GetWindow
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
CopyRect
GetDC
ReleaseDC
RedrawWindow
LoadStringA
ExitWindowsEx
FindWindowA
ShowWindow
LoadImageA
IsChild
SetTimer
SetForegroundWindow
KillTimer
EnumWindows
GetWindowThreadProcessId
DeleteMenu
GetSubMenu
GetMenuItemID
InsertMenuA
ModifyMenuA
RegisterWindowMessageA
GetMenu
EnableMenuItem
MessageBoxA
PostMessageA
GetClientRect
IsWindow
UpdateWindow
GetFocus
LoadIconA
GetWindowRect
CreatePopupMenu
SetMenu
LoadMenuA
GetDesktopWindow
SetCursor
TranslateAcceleratorA
DeferWindowPos
LoadAcceleratorsA
AppendMenuA
ClientToScreen
EnableWindow
LoadBitmapA
GetCursorPos
ScreenToClient
SetCapture
MessageBeep
ReleaseCapture
GetWindowLongA
SetWindowLongA
SendMessageA
IsWindowUnicode
DefDlgProcA
DrawFocusRect
ExcludeUpdateRgn
ShowCaret
HideCaret
UnregisterClassA
GetDlgItem
gdi32
IntersectClipRect
OffsetClipRgn
MoveToEx
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetCurrentPositionEx
ArcTo
SetArcDirection
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
DeleteObject
GetClipRgn
CreateRectRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
ExcludeClipRect
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
CreatePatternBrush
CreateDIBPatternBrushPt
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
AbortDoc
EndDoc
EndPage
StartPage
DPtoLP
SetAbortProc
CreateDCA
StretchDIBits
CreateCompatibleDC
CreateCompatibleBitmap
GetCharWidthA
CreateFontA
GetTextExtentPoint32A
GetTextMetricsA
GetMapMode
SetRectRgn
CombineRgn
CreateFontIndirectA
LPtoDP
BitBlt
GetTextColor
GetBkColor
CopyMetaFileA
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SelectPalette
GetStockObject
SelectObject
RestoreDC
SaveDC
StartDocA
DeleteDC
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
CreateRectRgnIndirect
GetTextExtentPointA
CreatePen
CreateDIBitmap
PatBlt
comdlg32
GetOpenFileNameA
PrintDlgA
PageSetupDlgA
CommDlgExtendedError
GetSaveFileNameA
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegSetValueA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegEnumKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegOpenKeyA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegCreateKeyExA
RegDeleteValueA
SetFileSecurityA
GetFileSecurityA
RegCreateKeyA
RegCloseKey
shell32
SHGetFileInfoA
DragQueryFileA
DragFinish
DragAcceptFiles
Shell_NotifyIconA
ExtractIconA
comctl32
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_EndDrag
ImageList_BeginDrag
ImageList_SetDragCursorImage
ImageList_DragShowNolock
ImageList_AddMasked
ImageList_LoadImageA
ImageList_Merge
ImageList_Read
ImageList_Write
ord17
ord13
ord14
ImageList_Create
ImageList_Destroy
oledlg
ord8
ole32
WriteFmtUserTypeStg
CLSIDFromString
CreateStreamOnHGlobal
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
CoRevokeClassObject
CoRegisterClassObject
CoRegisterMessageFilter
ReleaseStgMedium
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
CLSIDFromProgID
SetConvertStg
CreateBindCtx
OleDuplicateData
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoDisconnectObject
OleRun
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
olepro32
ord253
oleaut32
VarDateFromStr
SafeArrayGetUBound
SafeArrayAccessData
SysAllocString
SysReAllocStringLen
VariantChangeType
VariantCopy
VariantTimeToSystemTime
VariantClear
SysAllocStringLen
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
SysAllocStringByteLen
SysStringByteLen
VarCyFromStr
VarBstrFromCy
SafeArrayUnaccessData
VarBstrFromDate
SafeArrayCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SysStringLen
LoadTypeLi
SysFreeString
winmm
PlaySoundA
Sections
.text Size: 668KB - Virtual size: 665KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 112KB - Virtual size: 111KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 44KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 20KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 196KB - Virtual size: 192KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 52KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.tc Size: 200KB - Virtual size: 200KB (non-standard section name; the flags below mark it readable, writable and executable at the same time)
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE