udfread_v5[.]1[.]1[.]213_inst[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

udfread_v5.1.1.213_inst.exe
Size

540KB
MD5

b4b1a661fa90bb642a7e1d50df809678
SHA1

a1f4638e920a7e0ce56cebbf1a0414a1a479de68
SHA256

153fa118e6cc0bff88b9ae214bbfd345439bbdf1f6f499b937a6178a5e9439e7
SHA512

b0d8571c3113b8d08ecbbf4ca38fe50a75b1fbf4414265e2d511d063af5ed3d49e05a5fcd8171b987cfba66b66308a6d674d0a9a2492de9be7345cff7c0e8ba5
SSDEEP

12288:bqnCNLOx/oFOdqeaKL1JfsmnggnNoFBpXGrlEv:bqnSKwFOdqK1xspwNopmlEv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
udfread_v5.1.1.213_inst.exe

Files

udfread_v5.1.1.213_inst.exe
.exe windows:4 windows x86 arch:x86

5090357a0477bb0cfb7308f97d4aa1ea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LockResource
WideCharToMultiByte
FindResourceExA
GetLocaleInfoA
CloseHandle
CreateProcessA
GetModuleFileNameA
LoadResource
IsValidLocale
EnumResourceLanguagesA
GetVersionExA
FreeResource
CreateFileA
GetDiskFreeSpaceA
FreeEnvironmentStringsA
TerminateProcess
SetEnvironmentVariableA
UnhandledExceptionFilter
CompareStringA
SetEndOfFile
CompareStringW
FlushFileBuffers
SetStdHandle
GetTimeZoneInformation
FindNextFileA
GetFullPathNameA
FileTimeToLocalFileTime
GetCurrentDirectoryA
GetLastError
DeleteFileA
CompareFileTime
HeapFree
HeapAlloc
GetProcessHeap
FileTimeToSystemTime
GetFileAttributesA
GetFileTime
GetFileSize
CopyFileA
CreateDirectoryA
GetTempFileNameA
MoveFileExA
SetFileAttributesA
GetShortPathNameA
lstrlenA
GetSystemDirectoryA
GetWindowsDirectoryA
GetTempPathA
GetCurrentProcess
GetUserDefaultLangID
FindClose
FindFirstFileA
VirtualFree
ReadFile
VirtualAlloc
WriteFile
SetFilePointer
GetLocalTime
ReleaseMutex
WaitForSingleObject
CreateMutexA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
RtlUnwind
MoveFileA
GetProcAddress
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
HeapReAlloc
SetFileTime
LocalFileTimeToFileTime
LoadLibraryA
GetDriveTypeA
SystemTimeToFileTime
GetSystemTime

user32

wvsprintfA
GetDlgItem
LoadIconA
MoveWindow
SendMessageA
GetWindowRect
DialogBoxParamA
MessageBoxA
wsprintfA
ExitWindowsEx
GetDesktopWindow
SetClassLongA
GetSystemMetrics
SendDlgItemMessageA
TranslateMessage
BringWindowToTop
DispatchMessageA
SetDlgItemTextA
IsDialogMessageA
PeekMessageA
ShowWindow
SetWindowTextA
SetFocus
ReleaseDC
EnableWindow
EndDialog
GetDC

gdi32

DeleteObject
CreateFontIndirectA
GetStockObject
GetObjectA
TranslateCharsetInfo
GetTextMetricsA

advapi32

GetTokenInformation
RegOpenKeyExA
RegCloseKey
RegSetValueExA
RegCreateKeyA
FreeSid
EqualSid
RegQueryValueExA
AdjustTokenPrivileges
RegDeleteValueA
RegCreateKeyExA
AllocateAndInitializeSid
OpenProcessToken
LookupPrivilegeValueA

comctl32

ord17

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5090357a0477bb0cfb7308f97d4aa1ea

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

comctl32

version

Sections

.text Size: 100KB - Virtual size: 99KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 24KB - Virtual size: 47KB

.rsrc Size: 104KB - Virtual size: 100KB

.text
Size: 100KB - Virtual size: 99KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 24KB - Virtual size: 47KB

.rsrc
Size: 104KB - Virtual size: 100KB