uDiskToolBar[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

uDiskToolBar.exe
Size

2.6MB
MD5

f2ac7ec64a38566aea097fb7fd7eef58
SHA1

227a35b53a1ec76b90966ff1d2eca49d835cc765
SHA256

eb6640ad83a7881adc7699ca75736c648d2bfc3ddeddbafe63d563c6d8b1d99b
SHA512

ba9c51263cee726aa215d2bf4c984b59e304d965d2f47ac3ffed59bba322c72750b70224ff5d8fbf050ea46c3c8cfa46aa5c09ef604f1d53fd4501e3c48bda88
SSDEEP

24576:vUIiuXdNZ8OdoE3rJj4hIjoCIDyjRR2T8hbIp+W0uyD02DiPDr+lhDsSEAb8EhA:v9TuO++N4i878zlD02k41sSdA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
uDiskToolBar.exe

Files

uDiskToolBar.exe
.exe windows:4 windows x86 arch:x86

8b52031c024a485128dd70f73a27a6d5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

PlaySoundA

setupapi

SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiGetDeviceRegistryPropertyA
SetupDiSetClassInstallParamsA
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
CM_Request_Device_EjectW
CM_Get_Parent
SetupDiCallClassInstaller

dbghelp

MakeSureDirectoryPathExists

kernel32

RtlUnwind
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
ExitProcess
GetCommandLineA
GetProcessHeap
GetStartupInfoA
RaiseException
GetACP
GetTimeFormatA
GetDateFormatA
ExitThread
CreateThread
SetStdHandle
GetFileType
HeapReAlloc
HeapSize
HeapDestroy
HeapCreate
VirtualAlloc
IsBadWritePtr
InterlockedExchange
VirtualQuery
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
VirtualProtect
GetSystemInfo
IsBadReadPtr
IsBadCodePtr
GetLocaleInfoA
GetExitCodeProcess
CreateProcessA
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetErrorMode
GetOEMCP
GetCPInfo
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
SizeofResource
GlobalFlags
GetFileTime
lstrcmpA
GetCurrentThread
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
GetThreadLocale
GetFullPathNameA
SetEndOfFile
UnlockFile
LockFile
DuplicateHandle
lstrcpynA
InterlockedIncrement
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LockResource
FindResourceA
LoadResource
GetLogicalDrives
InterlockedDecrement
SetFileAttributesW
SetFilePointer
CreateDirectoryW
CopyFileW
CreateFileW
GetFileInformationByHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
GetTimeZoneInformation
GetFileAttributesW
FindFirstFileW
lstrcpyW
lstrcatW
WideCharToMultiByte
FindNextFileW
ReadFile
FlushFileBuffers
QueryDosDeviceA
GetDriveTypeA
GetVolumeInformationA
GetDriveTypeW
GetVolumeInformationW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetSystemDirectoryA
DeviceIoControl
GetProfileStringA
GetTickCount
FormatMessageA
LocalFree
LocalAlloc
lstrlenA
CreateEventA
ResetEvent
OpenProcess
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
WaitForSingleObject
GetExitCodeThread
VirtualFreeEx
MultiByteToWideChar
SetLastError
GetCurrentProcess
GetTempPathA
FreeLibrary
LoadLibraryA
GetVersion
GetVersionExA
GetWindowsDirectoryA
GetPrivateProfileStringA
GetPrivateProfileIntA
DeleteFileA
WritePrivateProfileStringA
GetModuleFileNameA
MulDiv
Sleep
GetModuleHandleA
GetProcAddress
CreateDirectoryA
CopyFileA
GlobalAlloc
GlobalReAlloc
GlobalLock
WriteFile
GlobalUnlock
GlobalFree
OutputDebugStringA
SetCurrentDirectoryA
FindFirstFileA
lstrcpyA
lstrcatA
GetFileAttributesA
FindNextFileA
GetLastError
FindClose
CreateFileA
GetFileSize
CloseHandle
VirtualFree

user32

EndPaint
BeginPaint
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
EnableMenuItem
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SendDlgItemMessageA
MapWindowPoints
GetFocus
SetFocus
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
IsChild
WinHelpA
GetClassInfoA
GetMenu
GetMenuItemCount
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
IntersectRect
GetWindowPlacement
GetDlgItem
IsWindowEnabled
wsprintfA
RegisterDeviceNotificationA
UnregisterDeviceNotification
CharUpperA
MessageBoxA
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
IsWindowUnicode
EnumWindows
FindWindowExA
IsIconic
GetSystemMenu
AppendMenuA
DrawIcon
RegisterClassA
WindowFromDC
LoadCursorA
SetWindowPos
GetWindowDC
GetSysColorBrush
SetActiveWindow
MapDialogRect
SetParent
EnumChildWindows
GetClassNameA
DefWindowProcA
CheckMenuItem
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
SetForegroundWindow
TrackPopupMenu
GetMenuItemID
SetMenuDefaultItem
LoadStringA
LoadIconA
DestroyWindow
CreateWindowExA
RegisterClassExA
RegisterWindowMessageA
SystemParametersInfoA
GetWindow
MessageBeep
CallWindowProcA
GrayStringA
DrawTextA
TabbedTextOutA
DrawEdge
FindWindowA
ShowWindow
LoadBitmapA
ValidateRect
GetMessageA
PostQuitMessage
ShowOwnedPopups
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
GetDesktopWindow
SetMenu
ReuseDDElParam
UnpackDDElParam
BringWindowToTop
CreateDialogIndirectParamA
SetWindowContextHelpId
GetKeyNameTextA
SetWindowLongA
RedrawWindow
PeekMessageA
TranslateMessage
DispatchMessageA
GetNextDlgGroupItem
GetKeyState
GetWindowLongA
WindowFromPoint
GetParent
PostThreadMessageA
GetNextDlgTabItem
GetActiveWindow
ClientToScreen
GetWindowRect
DrawFocusRect
DrawStateA
InflateRect
LoadMenuA
LoadImageA
GetIconInfo
CreateIconIndirect
FillRect
GetSysColor
GetSubMenu
TrackPopupMenuEx
PostMessageA
SetCursor
DestroyIcon
DestroyCursor
DestroyMenu
SetCapture
GetCapture
IsWindowVisible
UpdateWindow
SetWindowRgn
FrameRect
CopyRect
OffsetRect
SetRect
IsWindow
GetCursorPos
GetSystemMetrics
GetDC
ReleaseDC
PtInRect
ReleaseCapture
SendMessageA
RegisterClipboardFormatA
EnableWindow
KillTimer
SetTimer
InvalidateRect
GetClientRect
CopyAcceleratorTableA
CharNextA
DrawAnimatedRects
EndDialog

gdi32

GetClipBox
PatBlt
GetTextColor
CreateDIBitmap
GetTextExtentPointA
LineTo
MoveToEx
IntersectClipRect
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
RestoreDC
CreateCompatibleBitmap
CreateFontIndirectA
CreateSolidBrush
CreatePen
GetObjectA
StretchDIBits
GetStockObject
SelectPalette
RealizePalette
GetDIBits
GetSystemPaletteEntries
RoundRect
Rectangle
Polygon
CreateFontA
Escape
GetTextMetricsA
GetTextExtentPoint32A
ExtTextOutA
TextOutA
RectVisible
PtVisible
LPtoDP
DPtoLP
GetWindowExtEx
GetViewportExtEx
GetMapMode
GetBkColor
CreateRectRgn
CombineRgn
SelectClipRgn
GetPixel
CreateBitmap
SelectObject
SetBkColor
SetTextColor
DeleteDC
DeleteObject
EndDoc
AbortDoc
EndPage
StartPage
StartDocA
SetPixel
StretchBlt
BitBlt
FrameRgn
FillRgn
GetDeviceCaps
CreateCompatibleDC
CreateRoundRectRgn
CreatePalette
SaveDC

comdlg32

GetFileTitleA
GetOpenFileNameA
PrintDlgA
GetSaveFileNameA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegEnumKeyExA
RegQueryInfoKeyA
RegCreateKeyExA
RegDeleteKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
RegCloseKey
GetUserNameA
OpenSCManagerA
RegDeleteValueA
OpenProcessToken

shell32

DragQueryFileA
DragFinish
SHAppBarMessage
Shell_NotifyIconA
SHChangeNotify
ShellExecuteA
SHGetFolderPathA
SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteExA

comctl32

_TrackMouseEvent
ord17

oledlg

ord8

ole32

CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoInitialize
CoCreateGuid
CoUninitialize
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoTaskMemAlloc

olepro32

ord253

oleaut32

SysStringLen
SysAllocStringByteLen
OleLoadPicturePath
SysFreeString
SysAllocStringLen
VariantClear
VariantTimeToSystemTime
VariantCopy
VariantChangeType
SysAllocString

odbc32

ord13
ord31
ord9
ord75
ord11
ord4
ord39
ord7
ord24

netapi32

NetUserGetInfo
NetApiBufferFree

Exports

Exports

_LockDisk@12
_UnLockDisk@12

Sections

.text
Size: 924KB - Virtual size: 920KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 316KB - Virtual size: 343KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 4KB - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8b52031c024a485128dd70f73a27a6d5

Headers

File Characteristics

Imports

winmm

setupapi

dbghelp

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

odbc32

netapi32

Exports

Exports

Sections

.text Size: 924KB - Virtual size: 920KB

.rdata Size: 84KB - Virtual size: 83KB

.data Size: 316KB - Virtual size: 343KB

.sxdata Size: 4KB - Virtual size: 244B

.rsrc Size: 1.3MB - Virtual size: 1.3MB

.text
Size: 924KB - Virtual size: 920KB

.rdata
Size: 84KB - Virtual size: 83KB

.data
Size: 316KB - Virtual size: 343KB

.sxdata
Size: 4KB - Virtual size: 244B

.rsrc
Size: 1.3MB - Virtual size: 1.3MB