X:\USB_WRITER\WRITER\Release\USBWriter.pdb
Static task
static1
Behavioral task
behavioral1
Sample
f651c22d6703c6e1aca524be505339f6a437e62959fc22482e08c48e5411fc12.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f651c22d6703c6e1aca524be505339f6a437e62959fc22482e08c48e5411fc12.exe
Resource
win10v2004-20240419-en
General
Target
f651c22d6703c6e1aca524be505339f6a437e62959fc22482e08c48e5411fc12
Size
2.3MB
MD5
00c8689cc17f9e4da573f78821505276
SHA1
137942db929712d6f214c05be5b51e09beea789e
SHA256
f651c22d6703c6e1aca524be505339f6a437e62959fc22482e08c48e5411fc12
SHA512
c94e819f1ebd09139182f09dcc5636ed1fa3c7a20004074d9de63752cf40ba9e915fb04d7be384d8db655f2380876104c557ee3c022f0c8b7a01eca1d658b9e8
SSDEEP
49152:VGRW/Rdv1va/F94It1gaGzKfy/hBPKjUMRf/jURIGXtj7imAPVto8dAw7:8W/Rdv1va94It1MzMy/DPKjUMRfbUnXQ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f651c22d6703c6e1aca524be505339f6a437e62959fc22482e08c48e5411fc12
Files
f651c22d6703c6e1aca524be505339f6a437e62959fc22482e08c48e5411fc12.exe windows:5 windows x86 arch:x86
58846b9a1367eae831e4e84a35685971
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
X:\USB_WRITER\WRITER\Release\USBWriter.pdb
Imports
psapi
GetModuleBaseNameA
EnumProcesses
version
VerQueryValueA
kernel32
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsValidCodePage
LCMapStringW
CompareStringW
GetStringTypeW
GetConsoleCP
GetConsoleMode
HeapCreate
SetHandleCount
GetTimeZoneInformation
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
IsProcessorFeaturePresent
WriteConsoleW
GetProcessHeap
CreateFileW
SetEnvironmentVariableA
HeapSize
HeapQueryInformation
lstrlenA
lstrcpyA
WideCharToMultiByte
SizeofResource
LockResource
LoadResource
HeapReAlloc
FindResourceW
WaitForSingleObject
SetEvent
OutputDebugStringA
GetExitCodeThread
CloseHandle
CreateFileA
GetFileSize
ReadFile
SetFilePointer
VirtualAlloc
VirtualFree
LoadLibraryA
GetProcAddress
CreateThread
FreeLibrary
DeleteFileA
GetTickCount
DeviceIoControl
GetLastError
GetLogicalDrives
GetDriveTypeA
Sleep
GetModuleHandleA
GetCurrentProcessId
OpenProcess
GetModuleFileNameA
FindResourceA
GetEnvironmentVariableA
IsDebuggerPresent
GetPrivateProfileIntA
GetTempPathA
CreateDirectoryA
VirtualQuery
GetSystemInfo
RaiseException
RtlUnwind
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GetDateFormatA
GetTimeFormatA
ExitProcess
GetFileType
SetStdHandle
HeapFree
HeapAlloc
DecodePointer
EncodePointer
FindResourceExW
VirtualProtect
SearchPathA
GetProfileIntA
GetTempFileNameA
GetNumberFormatA
GetWindowsDirectoryA
GetCurrentDirectoryA
SetErrorMode
GetSystemDirectoryW
GetVersionExA
AttachConsole
AllocConsole
GetPrivateProfileStringA
ExitThread
GetOEMCP
GetCPInfo
GetACP
GetConsoleScreenBufferInfo
GetStdHandle
SetConsoleScreenBufferSize
GlobalFlags
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetFileSizeEx
GetFileAttributesA
FileTimeToLocalFileTime
GetFileAttributesExA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
LoadLibraryExA
lstrcmpA
GetModuleHandleW
InterlockedExchange
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
WriteFile
GetThreadLocale
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LoadLibraryW
lstrcmpW
SuspendThread
GetCurrentThreadId
SetThreadPriority
GlobalFree
CopyFileA
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
lstrlenW
MultiByteToWideChar
InterlockedDecrement
GetModuleFileNameW
SetLastError
ActivateActCtx
ReleaseActCtx
CreateActCtxW
DeactivateActCtx
GetFullPathNameA
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetFileTime
ResumeThread
GetCurrentProcess
DuplicateHandle
WritePrivateProfileStringA
CreateEventA
MulDiv
lstrcmpiA
GetPrivateProfileSectionA
FreeResource
GetUserDefaultLangID
ResetEvent
SetConsoleTextAttribute
FreeConsole
SetConsoleTitleA
user32
CloseClipboard
SetClipboardData
OpenClipboard
RegisterClipboardFormatA
UnpackDDElParam
ReuseDDElParam
LoadAcceleratorsA
InsertMenuItemA
TranslateAcceleratorA
LockWindowUpdate
BringWindowToTop
SetCursorPos
CreateAcceleratorTableA
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
LoadMenuW
SetClassLongA
DestroyAcceleratorTable
SetWindowRgn
IsZoomed
DrawIconEx
GetIconInfo
NotifyWinEvent
EnableScrollBar
HideCaret
InvertRect
GetAsyncKeyState
GetMenuDefaultItem
DestroyIcon
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
SetRect
IsRectEmpty
CopyAcceleratorTableA
CharNextA
DeleteMenu
WaitMessage
IntersectRect
LoadCursorW
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
RealChildWindowFromPoint
GetSysColorBrush
UnregisterClassA
ShowOwnedPopups
SetCursor
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
CharUpperA
MapVirtualKeyA
GetKeyNameTextA
SystemParametersInfoA
DestroyMenu
GetMenuItemInfoA
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
ModifyMenuA
RegisterWindowMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
EmptyClipboard
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
ShowScrollBar
CreateWindowExA
GetClassInfoExA
GetClassInfoA
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
DefWindowProcA
CallWindowProcA
GetMenu
MoveWindow
SetWindowLongA
IsDialogMessageA
SetDlgItemTextA
SendDlgItemMessageA
CheckDlgButton
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetKeyState
PeekMessageA
GetCursorPos
GetWindowTextLengthA
GetScrollPos
SetScrollPos
SetFocus
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetNextDlgTabItem
EndDialog
GetMenuState
InsertMenuA
UnhookWindowsHookEx
GetMenuItemID
IsWindowVisible
DrawMenuBar
GetFocus
GetComboBoxInfo
IsWindowEnabled
GetDlgCtrlID
ValidateRect
GetMenuStringA
DrawIcon
GetSystemMetrics
ReleaseDC
GetSystemMenu
SetParent
GetMenuItemCount
GetDC
wsprintfA
UpdateWindow
SetTimer
LoadImageW
IsCharLowerA
MapVirtualKeyExA
UnionRect
UpdateLayeredWindow
MonitorFromPoint
IsMenu
PostThreadMessageA
DefFrameProcA
DefMDIChildProcA
KillTimer
SetForegroundWindow
ShowWindow
IsIconic
GetWindowTextA
GetWindowThreadProcessId
GetTopWindow
RegisterClassA
LoadCursorA
LoadIconW
DefDlgProcA
SetWindowPos
GetWindowRgn
DestroyCursor
SubtractRect
GetDoubleClickTime
CharUpperBuffA
CopyIcon
GetUpdateRect
IsClipboardFormatAvailable
SetMenuDefaultItem
CreateMenu
MapWindowPoints
TranslateMDISysAccel
SetWindowTextA
GetDlgItem
RedrawWindow
LoadIconA
GetWindow
GetSubMenu
LoadMenuA
CheckMenuItem
SetMenuItemBitmaps
EnableMenuItem
RemoveMenu
AppendMenuA
PtInRect
CopyImage
LoadBitmapW
WindowFromPoint
ClientToScreen
ReleaseCapture
PostMessageA
GetParent
GetWindowRect
SetCapture
DrawEdge
DrawStateA
DrawFocusRect
FrameRect
DrawFrameControl
OffsetRect
InflateRect
FillRect
CreatePopupMenu
SendMessageA
CopyRect
GetSysColor
GetClientRect
LoadImageA
InvalidateRect
IsWindow
EnableWindow
MessageBoxA
wvsprintfA
LoadStringA
GetMenuCheckMarkDimensions
gdi32
LineTo
MoveToEx
SetTextAlign
GetLayout
SetLayout
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
PtVisible
RectVisible
TextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
SelectPalette
GetObjectType
CreateCompatibleDC
CreateHatchBrush
CreateRectRgnIndirect
GetTextMetricsA
CreateDIBitmap
CreateCompatibleBitmap
EnumFontFamiliesA
IntersectClipRect
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
GetBkColor
GetRgnBox
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
SetDIBColorTable
OffsetRgn
EnumFontFamiliesExA
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
GetTextFaceA
ExcludeClipRect
SetMapMode
GetClipBox
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
CreateDCA
CopyMetaFileA
ExtTextOutA
CreateFontIndirectA
GetDeviceCaps
GetCurrentObject
SetPixel
DeleteDC
SetBkColor
SetTextColor
GetTextColor
CreateSolidBrush
GetTextExtentPoint32A
Rectangle
CreatePen
GetStockObject
StretchBlt
PatBlt
GetObjectA
GetTextCharsetInfo
DeleteObject
SelectObject
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetOpenFileNameA
GetFileTitleA
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
advapi32
RegEnumValueA
CheckTokenMembership
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey
FreeSid
RegCreateKeyExA
RegDeleteValueA
RegEnumKeyExA
AllocateAndInitializeSid
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
shell32
ShellExecuteA
DragFinish
SHGetFileInfoA
SHGetDesktopFolder
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHBrowseForFolderA
SHAppBarMessage
DragQueryFileA
comctl32
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
StrToIntA
PathAppendA
StrToIntExA
PathRenameExtensionA
PathStripPathA
PathRemoveFileSpecA
PathFileExistsA
PathCompactPathA
PathFindExtensionA
SHAutoComplete
PathRemoveFileSpecW
PathStripToRootA
PathFindFileNameA
PathIsUNCA
ole32
OleIsCurrentClipboard
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CreateStreamOnHGlobal
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
OleFlushClipboard
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
CoCreateInstance
CoUninitialize
CoRevokeClassObject
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
CoRegisterMessageFilter
CoInitializeEx
CoInitialize
DoDragDrop
oleaut32
SysAllocString
OleCreateFontIndirect
VarBstrFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
SysStringLen
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
SysAllocStringByteLen
SysFreeString
oledlg
ord8
gdiplus
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageI
oleacc
LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
winmm
PlaySoundA
Sections
.text Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 314KB - Virtual size: 314KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 44KB - Virtual size: 3.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 499KB - Virtual size: 499KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ