d7a4c82eebfb3232ad8bce47d3fc5bbb

Sharing

Copy URL Twitter E-mail

General

Target

d7a4c82eebfb3232ad8bce47d3fc5bbb
Size

2.2MB
MD5

d7a4c82eebfb3232ad8bce47d3fc5bbb
SHA1

c8641622e0d89b5bd36b57b1969d83816736b4c9
SHA256

b2ff1bbaa3da1abf4d9527d7406daac695c1f90f4a86154df2df8f281cc89313
SHA512

8d30ee6d2befb218b3eb9ef7173f055e8cd0992da87a7d12bff703ea95bf5369b9dcfdd94a8eb56684232f4e57bd158f7d7461de20ffb5ad3448ebcc634d6ee8
SSDEEP

49152:fWbta8lyEuyfnlWkx/2whS2xTB6EtszAL9GGyvl:fWbta8lRuyvlJ/VhS2n6ZkL9bA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/myusbonly_setup.exe

Files

d7a4c82eebfb3232ad8bce47d3fc5bbb
.rar
myusbonly_setup.exe
.exe windows:4 windows x86 arch:x86

f84ed1936c990a6078e9f290065abb76

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

kernel32

FindFirstFileA
CreateDirectoryA
RemoveDirectoryA
FormatMessageA
ReadFile
GetSystemDirectoryA
GetWindowsDirectoryA
GetTempPathA
GetEnvironmentVariableA
GetLogicalDriveStringsA
GetDriveTypeA
GetTempFileNameA
FindNextFileA
CreateProcessA
GetExitCodeProcess
GetVersion
GetDiskFreeSpaceA
GetModuleHandleA
MultiByteToWideChar
GetCurrentProcess
FlushInstructionCache
HeapAlloc
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
MulDiv
OutputDebugStringA
LoadLibraryExA
GetSystemDefaultLangID
GetUserDefaultLangID
lstrcmpiA
GlobalMemoryStatus
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
InterlockedIncrement
InterlockedDecrement
IsDBCSLeadByte
lstrcpynA
lstrlenW
CreateMutexA
GetFileAttributesA
SetFileAttributesA
CopyFileA
ExitProcess
DebugBreak
HeapSize
HeapReAlloc
HeapDestroy
LocalAlloc
FindClose
lstrlenA
GetProcessHeap
GetCommandLineA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStartupInfoA
lstrcatA
lstrcpyA
VirtualProtect
HeapFree
InitializeCriticalSection
DeleteCriticalSection
lstrcmpA
GetThreadLocale
GetStringTypeExA
RaiseException
GetModuleFileNameA
GetProcAddress
LoadLibraryA
ResetEvent
FlushFileBuffers
Sleep
WriteFile
MoveFileA
DeleteFileA
GetFileSize
SetFilePointer
CreateFileA
FindResourceExA
LoadResource
LockResource
SizeofResource
FindResourceA
WideCharToMultiByte
GetVersionExA
GetLocaleInfoA
GetACP
InterlockedExchange
CreateEventA
SetEvent
GetLastError
CreateThread
CloseHandle
TerminateThread
GetExitCodeThread
WaitForSingleObject
FreeLibrary
VirtualAlloc
GetSystemInfo
VirtualQuery
EnumResourceLanguagesA
RtlUnwind

user32

EmptyClipboard
CloseClipboard
OpenClipboard
ScreenToClient
GetSubMenu
LoadMenuA
TrackPopupMenu
EnableMenuItem
ExitWindowsEx
GetDC
GetSystemMetrics
SetFocus
DestroyMenu
ModifyMenuA
DefWindowProcA
CallWindowProcA
SetClipboardData
DialogBoxParamA
LoadIconA
InvalidateRect
ShowWindow
CreateWindowExA
RemovePropA
SetPropA
GetDlgCtrlID
IsWindow
PostMessageA
MessageBoxA
KillTimer
EnableWindow
SetTimer
DestroyWindow
CreateDialogParamA
GetWindowDC
ReleaseDC
LoadImageA
PostQuitMessage
GetPropA
GetSystemMenu
GetActiveWindow
LoadStringA
SetWindowLongA
SendMessageA
EndDialog
GetWindow
SystemParametersInfoA
GetWindowRect
RedrawWindow
GetParent
GetClientRect
MapWindowPoints
SetWindowPos
GetDlgItem
SetWindowTextA
wvsprintfA
CharNextA
UnregisterClassA
GetDesktopWindow
IsWindowVisible
GetWindowLongA

gdi32

GetObjectA
CreateFontIndirectA
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
GetWindowExtEx
GetViewportExtEx
SetMapMode
GetMapMode
GetDeviceCaps
DeleteObject
GetStockObject
DeleteDC
SetBkMode

advapi32

RegQueryInfoKeyA
RegDeleteKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
CloseServiceHandle
UnlockServiceDatabase
LockServiceDatabase
OpenSCManagerA
RegCloseKey
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegOpenKeyExA
RegDeleteValueA
RegOpenKeyA
RegEnumKeyExA

shell32

ShellExecuteA
ShellExecuteExA
SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHBrowseForFolderA

ole32

CoTaskMemFree
CoInitialize
CreateStreamOnHGlobal
CoTaskMemRealloc
CoTaskMemAlloc
CoUninitialize
CoCreateInstance

oleaut32

VarUI4FromStr
OleLoadPicture

comctl32

PropertySheetA
CreatePropertySheetPageA
DestroyPropertySheetPage

Sections

.text
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

f84ed1936c990a6078e9f290065abb76

Headers

File Characteristics

Imports

version

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

Sections

.text Size: 123KB - Virtual size: 122KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 21KB - Virtual size: 24KB

.text
Size: 123KB - Virtual size: 122KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 21KB - Virtual size: 24KB