976fccc56b3bad86569271b827743f3f

General

Target

976fccc56b3bad86569271b827743f3f
Size

200KB
MD5

976fccc56b3bad86569271b827743f3f
SHA1

7f017cca03535d7cf227e00a6b89cf5fbdddac07
SHA256

36d50b8380a389ac430c03fbcb9783bfba5674d4b5e4a99823755975581e0731
SHA512

02dea02dd7107be28d5a736ae90e6750810c2e4751d2e7b0f901dfa6bd5176ccf3a8512a217c78ae91a02447151a5420a603c29ebfb3caf524d76b3abde54f71
SSDEEP

3072:HTwB1/LSDw1bmvU/00uLAYx1AoAILx7d9XZlBRT17dtu7NU6tSflgkuEd:H+/p1b4K0Nx1kILv9pljT5dE77tqZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
976fccc56b3bad86569271b827743f3f

Files

976fccc56b3bad86569271b827743f3f
.exe windows:4 windows x86 arch:x86

c31ffc4a3e71b7e8eee3450e9c96aa09

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\work\tool\CkUSBdvc\Release\CkUSBdvc.pdb

Imports

cfgmgr32

CM_Get_Sibling
CM_Get_Child
CM_Get_Device_IDA
CM_Get_DevNode_Registry_PropertyA
CM_Locate_DevNodeA
CM_Get_Parent

kernel32

WinExec
GetCommandLineA
CloseHandle
CreateFileA
DeviceIoControl
GlobalFree
GlobalAlloc
WideCharToMultiByte
SetFilePointer
FlushFileBuffers
ExitProcess
GetModuleHandleA
GetVersionExA
GetProcAddress
TerminateProcess
GetCurrentProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
HeapAlloc
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
LCMapStringA
LCMapStringW
GetACP
GetOEMCP
GetCPInfo
VirtualAlloc
HeapReAlloc
HeapSize
GetLocaleInfoA
VirtualProtect
GetSystemInfo
SetStdHandle

user32

wsprintfA

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 160KB - Virtual size: 420KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c31ffc4a3e71b7e8eee3450e9c96aa09

Headers

File Characteristics

PDB Paths

Imports

cfgmgr32

kernel32

user32

Sections

.text Size: 24KB - Virtual size: 23KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 7KB

.vmp0 Size: 160KB - Virtual size: 420KB

.text
Size: 24KB - Virtual size: 23KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 7KB

.vmp0
Size: 160KB - Virtual size: 420KB