vsdriver[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

vsdriver.exe
Size

55KB
MD5

b0f565d74109e7a12ee8c1a7d89eadcb
SHA1

cd9e866c9516fa160fa9c8ee093e5dedde425f32
SHA256

bddb5fce5046a16b426f0d6cec1d76645fac4bda39892c20a2379ceaee2e3216
SHA512

0406094858bed79a33f706e1a2cd597d74528ae9e7fd1cda9bf60b4f5556c1627683f1ef099205191fdd490ea192adbb589f7ecefbdf2f8e1838ffa922587fb2
SSDEEP

768:5eFvcR+xkHUC4JnVM26Psg0O7qHv7lHzS2os/Smh9muyh82PZcED1ZnxymYOu5y:5AFJVdY0iqHFzr/19erP3Vxuc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
vsdriver.exe

Files

vsdriver.exe
.exe windows:5 windows x86 arch:x86

6b3cf6e65357829892133e0ffd72d5c8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\User\Documents\Visual Studio 2010\Projects\hidapi-0.6.0\windows\Release\vsdriver.pdb

Imports

hidapi

hid_get_manufacturer_string
hid_get_product_string
hid_set_nonblocking
hid_read
hid_get_serial_number_string
hid_open

kernel32

WideCharToMultiByte
SetEnvironmentVariableA
CompareStringW
CreateFileW
Sleep
EnterCriticalSection
LeaveCriticalSection
DecodePointer
EncodePointer
GetLastError
SetConsoleCtrlHandler
GetProcAddress
GetModuleHandleW
ExitProcess
GetCommandLineA
HeapSetInformation
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
HeapFree
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
WriteFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetFileAttributesA
SetStdHandle
CloseHandle
LoadLibraryW
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
RtlUnwind
IsProcessorFeaturePresent
WriteConsoleW
MultiByteToWideChar
SetFilePointer
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
HeapSize
LCMapStringW
GetStringTypeW

Sections

.text
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6b3cf6e65357829892133e0ffd72d5c8

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

hidapi

kernel32

Sections

.text Size: 37KB - Virtual size: 36KB

.rdata Size: 10KB - Virtual size: 9KB

.data Size: 3KB - Virtual size: 10KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 37KB - Virtual size: 36KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 3KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 3KB - Virtual size: 3KB