c90b22233d6b408ee1c824c4f38dc6ca

Sharing

Copy URL

Twitter E-mail

General

Target

c90b22233d6b408ee1c824c4f38dc6ca
Size

248KB
MD5

c90b22233d6b408ee1c824c4f38dc6ca
SHA1

a8e3d61acf7cf66770028377cb0a6a759daf191e
SHA256

be39f9189124ecaf5e7d8695f76fb78ca5d6e9573e90e50174db9c47128dfe7f
SHA512

3789fc0235efe96d8f95490dd3e7f1e9346bbfadd6f305f0dcbdb5f5ab81c73897dd8ecd7cdec0f929af2bc2d6d951bee5bbc3793254ee3d4e40307f78827ee2
SSDEEP

3072:ylUb6M36FpV7bJvzurRM2k27zLlMWOjUO9J6:w5M36bzvz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c90b22233d6b408ee1c824c4f38dc6ca

Files

c90b22233d6b408ee1c824c4f38dc6ca
.exe windows:5 windows x86 arch:x86

1e81a9462824f416e8f3dc2e742e7da1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Asus\EnhancedDriverV119\Asuskbservice\ASUSKBService\ASUSDISP-Release\ATKKBService.pdb

Imports

setupapi

SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiGetDeviceRegistryPropertyA

kernel32

VirtualQuery
InterlockedExchange
RtlUnwind
HeapReAlloc
VirtualAlloc
GetCPInfo
GetOEMCP
GetACP
LoadLibraryA
VirtualFree
HeapCreate
HeapDestroy
GetFileType
LCMapStringA
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
WriteFile
GetModuleHandleA
GetProcAddress
ExitProcess
GetStartupInfoA
GetVersionExA
GetCommandLineA
MultiByteToWideChar
LCMapStringW
lstrcmpiA
lstrcpyA
CreateEventA
GetSystemInfo
CreateThread
GetProcessHeap
HeapAlloc
HeapFree
WaitForSingleObject
DeviceIoControl
CreateFileA
CloseHandle
GetTickCount
Sleep
GetModuleFileNameA
GetLastError
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
VirtualProtect
SetHandleCount

user32

BeginPaint
EndPaint
PostQuitMessage
CreateWindowExA
UpdateWindow
LoadImageA
GetWindowLongA
SetWindowLongA
UnhookWindowsHookEx
SetWindowsHookExA
GetWindowDC
GetSystemMetrics
SetTimer
SetWindowPos
DestroyWindow
LoadIconA
TranslateMessage
RegisterClassExA
GetAsyncKeyState
SetCursor
ShowCursor
SetLayeredWindowAttributes
KillTimer
ShowWindow
PostMessageA
DefWindowProcA
GetWindowRect
FillRect
CallNextHookEx
GetDC
ReleaseDC
SendMessageA
wsprintfA
DispatchMessageA
GetMessageA
LoadStringA
LoadCursorA

gdi32

SelectObject
DeleteObject
ExtEscape
GetObjectA
CreateCompatibleDC
CreateSolidBrush
BitBlt

advapi32

RegSetValueExA
OpenServiceA
ControlService
QueryServiceStatus
DeleteService
OpenSCManagerA
CreateServiceA
CloseServiceHandle
RegisterEventSourceA
ReportEventA
DeregisterEventSource
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
RegOpenKeyA
RegQueryValueExA

Sections

.text
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 212KB - Virtual size: 211KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1e81a9462824f416e8f3dc2e742e7da1

Headers

File Characteristics

PDB Paths

Imports

setupapi

kernel32

user32

gdi32

advapi32

Sections

.text Size: 20KB - Virtual size: 18KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 212KB - Virtual size: 211KB

.text
Size: 20KB - Virtual size: 18KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 212KB - Virtual size: 211KB