Static task: static1
Behavioral task: behavioral1
Sample: DSE-Patcher.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: DSE-Patcher.exe
Resource: win10v2004-20240508-en
General
Target: DSE-Patcher.exe
Size: 1.9MB
MD5: 2527dff88ad0570267e33c3742142edb
SHA1: 46267beb976f097db4129cc624745cbef94cda84
SHA256: a1a2730bbaa95082c28051becf2eacc2e2f1f2951b7d932a96c8744712049acb
SHA512: bb2f1a28b16f11c212223607005cba0e350bbc6901f7bbdb30edb186687a1c6982ce2f80886d400b6359a66b22d0482245bb18402eb214db8854a6abf2c10888
SSDEEP: 49152:KfPVpFCsfZRZA6Xn388avVovfLd+Mo4iEdy:KxZ2ans8GVoLd+GnU
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource DSE-Patcher.exe
Files
DSE-Patcher.exe.exe windows:6 windows x64 arch:x64
aa895e308078800a6f5ae68d54e68314
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
msvcrt
memset
malloc
?terminate@@YAXXZ
strcpy
__set_app_type
_fmode
_commode
__setusermatherr
_amsg_exit
_initterm
_acmdln
exit
_cexit
_ismbblead
_exit
_XcptFilter
__C_specific_handler
__getmainargs
strrchr
_stricmp
strcat
sprintf
free
shlwapi
PathFileExistsA
newdev
UpdateDriverForPlugAndPlayDevicesA
setupapi
SetupDiRemoveDevice
SetupDiSetDeviceRegistryPropertyA
SetupDiCreateDeviceInfoList
SetupDiGetINFClassA
SetupDiCreateDeviceInfoA
SetupDiCallClassInstaller
SetupDiDestroyDeviceInfoList
comctl32
ord6
kernel32
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleW
GetCurrentProcessId
GetStartupInfoW
FreeLibrary
LocalFree
GetProcAddress
CloseHandle
lstrcpyA
DeleteFileA
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
DeviceIoControl
CreateFileA
CreateThread
MulDiv
GetModuleFileNameA
GetCurrentProcess
WriteFile
LoadLibraryExA
lstrlenA
LocalAlloc
lstrcatA
Sleep
GetLastError
GetSystemDirectoryA
LoadLibraryA
user32
KillTimer
GetDC
MessageBoxA
SetTimer
EnableWindow
ReleaseDC
GetDlgItem
GetClientRect
LoadIconA
SendMessageA
SetFocus
CreateWindowExA
DialogBoxParamA
EndDialog
gdi32
CreateFontIndirectA
GetDeviceCaps
advapi32
QueryServiceStatusEx
CreateServiceA
SetSecurityDescriptorDacl
SetEntriesInAclA
AdjustTokenPrivileges
RegCloseKey
CloseServiceHandle
SetNamedSecurityInfoA
AllocateAndInitializeSid
LookupPrivilegeValueA
OpenSCManagerA
DeleteService
ControlService
GetNamedSecurityInfoA
StartServiceA
RegSetValueExA
OpenProcessToken
FreeSid
InitializeSecurityDescriptor
RegOpenKeyExA
SetFileSecurityA
OpenServiceA
Sections
.text Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 76KB - Virtual size: 75KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ