65d3606b6aabe150d65b3991c4271ecff16b4cf882ffc75a4b3580a9bd160daa

Sharing

Copy URL

Twitter E-mail

General

Target

65d3606b6aabe150d65b3991c4271ecff16b4cf882ffc75a4b3580a9bd160daa
Size

888KB
MD5

f8a66f4eaf0251d95c30e8b57fd35ee0
SHA1

611241b4fa34c2dd63b68e4198496ceed7a19057
SHA256

65d3606b6aabe150d65b3991c4271ecff16b4cf882ffc75a4b3580a9bd160daa
SHA512

7e06c0db70dbe58bc07ed54fad6b62b5fc9db37228ee46fcbe5cfaf2404e043c33fc745da12041bff494010912e4f5a62af343ef899b7a16135b0c2c5006faef
SSDEEP

12288:HW9vo+eIiE84UoSqjRzRLPFDlXnrIpOfrXU6cDqjTIaJ/o69gghSX2bNEdzYQkOK:svoNILCoSqfRwZznr8TqZbzNWsClug

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
65d3606b6aabe150d65b3991c4271ecff16b4cf882ffc75a4b3580a9bd160daa

Files

65d3606b6aabe150d65b3991c4271ecff16b4cf882ffc75a4b3580a9bd160daa
.exe windows:5 windows x86 arch:x86

9e6e0e414bb315736ae61332032a1cb1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\Programming\CoreTemp\CoreTempDriverRework\Release\Core Temp.pdb

Imports

comctl32

ImageList_AddMasked
ImageList_GetIcon
ImageList_Destroy
ImageList_Create
InitCommonControlsEx

powrprof

SetSuspendState

gdiplus

GdiplusStartup
GdiplusShutdown
GdipCloneImage
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipGetImageWidth
GdipSaveImageToFile
GdipDisposeImage
GdipLoadImageFromFile
GdipAlloc
GdipFree

kernel32

MultiByteToWideChar
WideCharToMultiByte
DeviceIoControl
FindNextFileW
FreeResource
LockResource
LoadResource
FindResourceW
EnumResourceNamesW
GetUserDefaultUILanguage
QueryPerformanceFrequency
QueryPerformanceCounter
LocalAlloc
InterlockedDecrement
lstrcpynW
GetFileSize
TerminateThread
SetErrorMode
SetFileAttributesW
RemoveDirectoryW
WaitForMultipleObjects
SetThreadPriority
SetPriorityClass
ReadFile
GetModuleFileNameA
GetVersion
HeapReAlloc
FlushFileBuffers
SetStdHandle
GetConsoleMode
GetConsoleCP
GetCurrentProcessId
GetEnvironmentStringsW
GetModuleHandleW
LCMapStringW
SetFilePointer
DeleteCriticalSection
GetFileType
SetHandleCount
GetStringTypeW
HeapSize
IsProcessorFeaturePresent
IsValidCodePage
GetOEMCP
FindFirstFileW
GetCPInfo
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
HeapCreate
ExitProcess
GetStdHandle
GetTimeZoneInformation
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetStartupInfoW
HeapSetInformation
GetCommandLineW
DeleteFileA
RaiseException
HeapFree
GetTimeFormatW
HeapAlloc
GetSystemTimeAsFileTime
RtlUnwind
FindClose
GetFileSizeEx
GetFullPathNameW
GetExitCodeThread
CreateThread
GetVersionExW
GetCurrentProcess
LoadLibraryW
GetProcAddress
FreeLibrary
GetLocalTime
GetTickCount
GetModuleFileNameW
Sleep
MulDiv
CreateFileA
CompareStringW
SetEnvironmentVariableW
WriteConsoleW
SetEndOfFile
GetProcessHeap
SetEnvironmentVariableA
GetCurrentThread
LoadLibraryA
GetDateFormatW
FormatMessageW
LocalFree
UnmapViewOfFile
CreateMutexW
WaitForSingleObject
CreateFileMappingW
MapViewOfFile
CreateFileW
WriteFile
DeleteFileW
OpenMutexW
GetLastError
ReleaseMutex
CloseHandle
VerSetConditionMask
GetACP
VerifyVersionInfoW
FreeEnvironmentStringsW

user32

LoadMenuW
DrawMenuBar
GetClassNameW
GetMenuItemInfoW
GetMenuStringW
SetMenuItemInfoW
ScreenToClient
CreateDialogParamW
GetClassInfoExW
GetDlgCtrlID
GetSysColorBrush
CopyRect
SetFocus
DestroyIcon
MonitorFromPoint
FillRect
LoadAcceleratorsW
FindWindowW
IsIconic
PostMessageW
OffsetRect
MapDialogRect
SetRectEmpty
GetDialogBaseUnits
ReleaseDC
GetDC
GetSystemMetrics
CreateWindowExW
SetWindowPos
CallWindowProcW
GetWindowLongW
GetSysColor
MessageBoxW
MapWindowPoints
GetParent
GetWindowRect
MoveWindow
GetClientRect
GetWindowTextW
SendMessageW
SetCursor
SystemParametersInfoW
DrawTextExW
ExitWindowsEx
LoadStringW
GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
LoadIconW
RegisterClassExW
RegisterWindowMessageA
RegisterWindowMessageW
DefWindowProcW
GetSubMenu
PostQuitMessage
DestroyWindow
DialogBoxParamW
EnableMenuItem
GetMenuState
GetMenu
SetTimer
KillTimer
EnableWindow
EnumChildWindows
SendNotifyMessageW
GetDlgItem
EndDialog
SetWindowLongW
SetWindowTextW
CreatePopupMenu
GetMenuItemCount
InsertMenuItemW
CheckMenuItem
GetCursorPos
TrackPopupMenu
DestroyMenu
SetForegroundWindow
UpdateWindow
LoadBitmapW
InvalidateRect
ShowWindow
LoadCursorW
AdjustWindowRectEx

gdi32

BitBlt
DeleteObject
DeleteDC
SelectObject
GetTextExtentPoint32W
GetTextMetricsW
CreateCompatibleDC
SetBkColor
GetDeviceCaps
SetTextAlign
CreateBrushIndirect
CreateBitmap
CreateSolidBrush
CreateDIBSection
CreateFontIndirectW
SetTextColor
TextOutW
CreateFontW

comdlg32

ChooseFontW
ChooseColorW
GetSaveFileNameW
GetOpenFileNameW

advapi32

RegDeleteValueW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
InitializeSecurityDescriptor
AllocateAndInitializeSid
RegQueryValueExW
RegCloseKey
RegSetValueExW
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExW
RegOpenKeyExW
CloseServiceHandle
DeleteService
ControlService
OpenServiceW
OpenSCManagerW
StartServiceW
CreateServiceW
GetUserNameW
FreeSid
SetSecurityDescriptorDacl
AddAccessAllowedAce
InitializeAcl

shell32

Shell_NotifyIconW
ExtractIconW
ShellExecuteW

ole32

CoCreateInstance
CoInitialize

oleaut32

SysAllocString
SysFreeString
VariantInit
VariantClear

shlwapi

PathAppendW
PathRemoveFileSpecW
PathIsFileSpecW

ws2_32

socket
connect
WSACleanup
gethostbyname
inet_ntoa
htons
inet_addr
WSAStartup
send
recv
shutdown
closesocket

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsW
SetupDiGetDeviceRegistryPropertyW
SetupDiEnumDeviceInfo

Sections

.text
Size: 525KB - Virtual size: 524KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9e6e0e414bb315736ae61332032a1cb1

Headers

File Characteristics

PDB Paths

Imports

comctl32

powrprof

gdiplus

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

ws2_32

version

setupapi

Sections

.text Size: 525KB - Virtual size: 524KB

.rdata Size: 106KB - Virtual size: 105KB

.data Size: 11KB - Virtual size: 113KB

.rsrc Size: 119KB - Virtual size: 118KB

.reloc Size: 126KB - Virtual size: 126KB

.text
Size: 525KB - Virtual size: 524KB

.rdata
Size: 106KB - Virtual size: 105KB

.data
Size: 11KB - Virtual size: 113KB

.rsrc
Size: 119KB - Virtual size: 118KB

.reloc
Size: 126KB - Virtual size: 126KB