ddff0834127a80321d7b22ce2fff0ce2

General

Target

ddff0834127a80321d7b22ce2fff0ce2
Size

180KB
MD5

ddff0834127a80321d7b22ce2fff0ce2
SHA1

1367c5ef6716eb63bc66fc35d6afdcea8700b655
SHA256

e0afd45bfd646a4e42a2e2d7ef1427402356c1e4364337a1dd00339cdd08af8f
SHA512

d7a1dcd44aab1ae21536ed84b1801f924ae4f95e34eac3aa8d90b850c2e42004965ba56e9582ea24847da76f43870953eb2fea33f5dc1f51983fd5f78762bacd
SSDEEP

3072:ilY8YwHR992PfOsSNGzVqTatzpAoR5774OQGtNeL5tl+upD+6s/3nSH+dDst01+:iZ2yXT26W74ODNedtl+x/iH+5st01

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ddff0834127a80321d7b22ce2fff0ce2

Files

ddff0834127a80321d7b22ce2fff0ce2
.exe windows:4 windows x86 arch:x86

2ad5b6992a5dcf3b9c3d6c9cf36dc11f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

iphlpapi

GetIpAddrTable

setupapi

SetupCopyOEMInfW
SetupDiClassGuidsFromNameW
SetupGetLineTextA
SetupOpenInfFileA
SetupDiEnumDeviceInfo
SetupDiDeleteDeviceInfo
SetupDiSetDeviceRegistryPropertyW
SetupDiGetDeviceInstallParamsA
SetupDiGetDeviceInstanceIdW
SetupDiCreateDeviceInfoA
SetupDiDestroyDeviceInfoList
SetupDiGetClassDescriptionW
CMP_WaitNoPendingInstallEvents
SetupDiGetClassDevsA
SetupDiCallClassInstaller
SetupDiGetDeviceRegistryPropertyW
SetupDiGetClassDevsW
SetupCloseInfFile
SetupGetInfFileListA
SetupDiGetDeviceRegistryPropertyA
SetupDiClassNameFromGuidW
SetupDiSetClassInstallParamsW
SetupDiCreateDeviceInfoList
SetupDiBuildClassInfoList
CM_Get_DevNode_Status

kernel32

GetAtomNameW
GetProcAddress
FindNextFileW
WaitForSingleObject
ReadFile
GetModuleHandleW
LoadLibraryExW
MultiByteToWideChar
GetWindowsDirectoryW
WritePrivateProfileStringW
FindFirstFileW
EnumResourceNamesW
DeleteFileW
FreeLibrary
FindClose
WaitCommEvent
WriteFile
GetPrivateProfileStringW
MulDiv
SetFilePointer
GetExitCodeProcess
GlobalAlloc
GlobalFree

rpcrt4

NdrConformantArrayFree
UuidCreate

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

newdev

UpdateDriverForPlugAndPlayDevicesW

Sections

.text
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2ad5b6992a5dcf3b9c3d6c9cf36dc11f

Headers

File Characteristics

Imports

iphlpapi

setupapi

kernel32

rpcrt4

mprapi

newdev

Sections

.text Size: 97KB - Virtual size: 96KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 79KB - Virtual size: 78KB

.reloc Size: 1024B - Virtual size: 260KB

.text
Size: 97KB - Virtual size: 96KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 79KB - Virtual size: 78KB

.reloc
Size: 1024B - Virtual size: 260KB