c549df7f2e533a9cd197bc1f108db17658ddfe29ab802ecc4f307d54a37d2c05

Sharing

Copy URL Twitter E-mail

General

Target

c549df7f2e533a9cd197bc1f108db17658ddfe29ab802ecc4f307d54a37d2c05
Size

958KB
MD5

559cc761629fa8d281b6ff31a5a97ed2
SHA1

1ee0723b61e8b8a13bf88d09e4e5ee8f6d1ff7ba
SHA256

c549df7f2e533a9cd197bc1f108db17658ddfe29ab802ecc4f307d54a37d2c05
SHA512

0a01466dcca77fc7ff9bc86085b1f377f8d7d7e4518e726d1c92555514dc8639c71fe28592d012dbe5ba314d480a3d26839f16d49110c33f2da5f9bdefca2d48
SSDEEP

24576:wvs0zOy/9r01Wj1+9aBkjqtuI/nL8/Yg3oqYQQp6U:7gj1+9azVL8D3oqnm3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c549df7f2e533a9cd197bc1f108db17658ddfe29ab802ecc4f307d54a37d2c05

Files

c549df7f2e533a9cd197bc1f108db17658ddfe29ab802ecc4f307d54a37d2c05
.exe windows:6 windows x86 arch:x86

cc5ecc4432b196e18b7b0afe50bdc94c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Project_WinC\UpdateFW_Package\UpdatePackage_1.0.0.19-29\UpdateFW\Release\WIN32\UpdateFW.pdb

Imports

kernel32

MultiByteToWideChar
WideCharToMultiByte
VirtualFree
GetLastError
VirtualAlloc
lstrcmpW
lstrcmpiW
CreateDirectoryW
DeleteFileW
FindClose
FindFirstFileW
FindNextFileW
GetFileSize
ReadFile
WriteFile
GetTempPathW
OutputDebugStringW
WaitForSingleObject
GetCurrentProcess
GetExitCodeProcess
CreateThread
CreateProcessW
GetModuleHandleW
LoadResource
LockResource
SizeofResource
FindResourceW
lstrlenW
SetCurrentDirectoryW
RemoveDirectoryW
GetTickCount64
GetPrivateProfileIntW
GetPrivateProfileStringW
GetConsoleOutputCP
lstrcatW
HeapReAlloc
HeapSize
SetFilePointerEx
GetFileSizeEx
SetConsoleCtrlHandler
GetProcessHeap
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
GetStringTypeW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
WriteConsoleW
lstrcpyW
Sleep
DeviceIoControl
CloseHandle
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetFileType
GetCurrentThread
HeapFree
HeapAlloc
GetModuleHandleExW
ExitProcess
GetModuleFileNameW
GetStdHandle
FlushFileBuffers
CreateFileW
DecodePointer
LoadLibraryExW
ReadConsoleW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetFileInformationByHandle
SetFilePointer
GetLocalTime
GetTickCount
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
FileTimeToSystemTime
SystemTimeToFileTime
GetCurrentDirectoryW
GetFileAttributesW
LocalFileTimeToFileTime
SetFileTime
InterlockedPushEntrySList
InterlockedFlushSList
RaiseException
RtlUnwind
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
GetConsoleMode

user32

MessageBoxW
GetClientRect
SetWindowTextW
SetClassLongW
LoadImageW
KillTimer
SetTimer
SendDlgItemMessageW
SetDlgItemTextW
GetDlgItem
EndDialog
DialogBoxParamW
GetParent
GetWindowRect
GetSystemMetrics
CharLowerW
MoveWindow
SendMessageW
ExitWindowsEx
CharUpperW
PostMessageW
wsprintfW
EnableWindow
GetDesktopWindow

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken

setupapi

SetupDiSetClassInstallParamsW
SetupDiChangeState
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
CM_Get_Parent
CM_Get_Device_IDW
SetupDiGetDeviceRegistryPropertyW
SetupDiGetDevicePropertyW
SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo

comctl32

ord17

gdiplus

GdiplusStartup
GdiplusShutdown

Sections

.text
Size: 387KB - Virtual size: 387KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 506KB - Virtual size: 505KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cc5ecc4432b196e18b7b0afe50bdc94c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

setupapi

comctl32

gdiplus

Sections

.text Size: 387KB - Virtual size: 387KB

.rdata Size: 61KB - Virtual size: 60KB

.data Size: 3KB - Virtual size: 36KB

.rsrc Size: 506KB - Virtual size: 505KB

.text
Size: 387KB - Virtual size: 387KB

.rdata
Size: 61KB - Virtual size: 60KB

.data
Size: 3KB - Virtual size: 36KB

.rsrc
Size: 506KB - Virtual size: 505KB