accc4f1653b2594c1f66cc1ea10aacf00d1051f1c1fd84d41b59ccee6fa96627

Sharing

Copy URL

Twitter E-mail

General

Target

accc4f1653b2594c1f66cc1ea10aacf00d1051f1c1fd84d41b59ccee6fa96627
Size

477KB
MD5

b5f2cf2175357af98afe70dd7396a266
SHA1

c67727222fbdfbee461bcbb0b83631f7cd18f9cd
SHA256

accc4f1653b2594c1f66cc1ea10aacf00d1051f1c1fd84d41b59ccee6fa96627
SHA512

ab0172398a713d9294b4f1cea22192070f2d9f46b9e29d296888ed1d5c0fe522d27557607641ce31d3ddda88cf7c9c9733ff33b584da3ac2dc0cc130fc5c4a6c
SSDEEP

12288:rO0Pjx9CVz2KMGfR7UB+rEo4lWYNjJbYtdnp75SH:x9CVz2g7UNblFNjiH1Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
accc4f1653b2594c1f66cc1ea10aacf00d1051f1c1fd84d41b59ccee6fa96627

Files

accc4f1653b2594c1f66cc1ea10aacf00d1051f1c1fd84d41b59ccee6fa96627
.dll windows:5 windows x86 arch:x86

34ac7010221f97f2aa4152cd2a87454a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\qb_csgfw\workspace\1881\SOLInstaller\Installer\Common\DriversCA\Release\DriversCA.pdb

Imports

msi

ord74
ord103
ord124
ord145
ord73
ord116
ord118
ord120
ord17
ord125
ord47
ord8
ord64
ord32
ord159
ord160
ord49

kernel32

DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
CloseHandle
SetFileAttributesW
GetModuleHandleW
FindResourceW
LoadResource
LockResource
SizeofResource
GetLastError
FormatMessageW
LocalFree
GetNativeSystemInfo
VerSetConditionMask
VerifyVersionInfoW
FindFirstFileW
FindNextFileW
FindClose
InterlockedDecrement
LoadLibraryW
GetProcAddress
FreeLibrary
lstrlenW
LocalAlloc
GetTempPathW
GetTempFileNameW
DeleteFileW
MoveFileW
WideCharToMultiByte
GetFileAttributesW
CreateDirectoryW
RemoveDirectoryW
CreateFileW
GetCurrentProcessId
GetModuleFileNameA
SetFilePointer
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapSize
HeapFree
GlobalFindAtomW
GlobalDeleteAtom
SetLastError
GlobalAddAtomW
GetTickCount
GetModuleFileNameW
MultiByteToWideChar
WriteFile
GlobalFree
GlobalAlloc
ExitProcess
HeapDestroy
WriteConsoleW
SetStdHandle
GetConsoleMode
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RaiseException
GetCommandLineA
GetCurrentThreadId
GetStdHandle
HeapCreate
FlushFileBuffers
EncodePointer
DecodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetStringTypeW
IsProcessorFeaturePresent
LCMapStringW
Sleep
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetConsoleCP
RtlUnwind
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
DeleteCriticalSection
GetStartupInfoW
GetFileType

user32

wsprintfW

advapi32

RegQueryValueExW
RegCloseKey
RegOpenKeyExW

shell32

SHGetFolderPathW
SHCreateDirectoryExW

ole32

CoInitialize
CoUninitialize
OleRun
CoCreateInstance

oleaut32

GetErrorInfo
SysFreeString
VariantInit
VariantCopy
VariantClear
SysAllocString

cabinet

ord20
ord22
ord23

setupapi

SetupFindFirstLineW
SetupCloseInfFile
SetupOpenInfFileW
SetupDiGetDeviceRegistryPropertyW
SetupDiEnumDeviceInfo
SetupDiGetClassDevsW
SetupGetLineTextW
SetupGetStringFieldW
SetupFindNextLine
SetupDiGetINFClassW
SetupDiCreateDeviceInfoList
SetupDiCreateDeviceInfoW
SetupDiSetDeviceRegistryPropertyW
SetupDiCallClassInstaller
SetupDiGetDeviceInstallParamsW
SetupDiSetClassInstallParamsW
SetupDiDestroyDeviceInfoList

shlwapi

PathRemoveExtensionW
PathAppendW
PathAddBackslashW
PathRemoveFileSpecW
PathMatchSpecW
PathFileExistsW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Exports

Exports

InstallDrivers
RollbackDrivers
Test
UninstallDrivers

Sections

.text
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 317KB - Virtual size: 317KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

34ac7010221f97f2aa4152cd2a87454a

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msi

kernel32

user32

advapi32

shell32

ole32

oleaut32

cabinet

setupapi

shlwapi

version

Exports

Exports

Sections

.text Size: 117KB - Virtual size: 116KB

.rdata Size: 27KB - Virtual size: 26KB

.data Size: 5KB - Virtual size: 16KB

.rsrc Size: 317KB - Virtual size: 317KB

.reloc Size: 10KB - Virtual size: 9KB

.text
Size: 117KB - Virtual size: 116KB

.rdata
Size: 27KB - Virtual size: 26KB

.data
Size: 5KB - Virtual size: 16KB

.rsrc
Size: 317KB - Virtual size: 317KB

.reloc
Size: 10KB - Virtual size: 9KB