7b02e17c73c7b67aae31457a843b99e111f9e96ef6ec9ddad0b044634a467055

Sharing

Copy URL Twitter E-mail

General

Target

7b02e17c73c7b67aae31457a843b99e111f9e96ef6ec9ddad0b044634a467055
Size

425KB
MD5

faac17f3f45ed7d6843de7a352d1d9af
SHA1

ea6f877e63b1a1e811aa2f4ab300e1aa7fa5bc16
SHA256

7b02e17c73c7b67aae31457a843b99e111f9e96ef6ec9ddad0b044634a467055
SHA512

1ee43e010bd79f18125eceb2e150f4fc6e4be6705ad1598838cf9c87d871d6d2e795c1f906fed10ae46074c653dc146dcb9fd5cb24f73bd0100841dff79d80f6
SSDEEP

6144:Z4kmRY+zubzyq+zs+qkM7ZVgkf3EDEF+djVQlCX+oh3fZ86HewzHAOqmt0nbLxYD:PmRO+wHkwKQlCuoh3p+qJWLA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7b02e17c73c7b67aae31457a843b99e111f9e96ef6ec9ddad0b044634a467055

Files

7b02e17c73c7b67aae31457a843b99e111f9e96ef6ec9ddad0b044634a467055
.exe windows:6 windows x86 arch:x86

e224f20d7cc35b66c5695e3b757f1735

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\Git\CustomerTool\customertool\Lenovo\LenovoMonitorFwUpdate_DemindByOdin\ToolCode\x86\Release\fwupdate.pdb

Imports

kernel32

GetFileSizeEx
GetFileTime
GetUserDefaultLCID
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
ResetEvent
WaitForSingleObjectEx
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
WriteConsoleW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
FindNextFileA
GetFileAttributesExW
FindFirstFileExA
GetDriveTypeW
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
EnumSystemLocalesW
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetStdHandle
GetModuleFileNameA
ExitProcess
HeapQueryInformation
GetModuleHandleExW
GetFileType
SetStdHandle
GetCommandLineA
RtlUnwind
GetCPInfo
LCMapStringW
GetStringTypeW
OutputDebugStringW
GetFileAttributesW
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetCurrentDirectoryW
WritePrivateProfileStringW
CreateEventW
SetEvent
GetCurrentProcessId
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GlobalFindAtomW
GlobalAddAtomW
GetSystemDirectoryW
EncodePointer
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FindNextFileW
FileTimeToLocalFileTime
LoadLibraryA
GetCurrentProcess
DuplicateHandle
CloseHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
CreateFileW
SetErrorMode
lstrcmpW
lstrcmpA
GlobalDeleteAtom
LoadLibraryExW
GetVersionExW
GetCurrentThreadId
GetCurrentThread
FormatMessageW
LocalFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetModuleHandleA
InitializeCriticalSectionAndSpinCount
SetLastError
OutputDebugStringA
GetACP
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
InitializeCriticalSectionEx
HeapFree
WideCharToMultiByte
MoveFileW
GetPrivateProfileIntW
DeleteFileW
GetPrivateProfileStringW
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
GetCommandLineW
GetModuleHandleW
FreeLibrary
GetProcAddress
GetLastError
LoadLibraryW
GetModuleFileNameW

user32

LoadCursorW
GetSysColorBrush
ReleaseDC
GetDC
SetWindowTextW
IsWindowEnabled
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
LoadIconW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
SetWindowLongW
PtInRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
MessageBoxW
AdjustWindowRectEx
GetWindowRect
RemovePropW
GetWindowThreadProcessId
SetPropW
RedrawWindow
ValidateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
TranslateMessage
SetMenu
PostMessageW
GetClientRect
GetMenu
EnableWindow
GetCapture
GetKeyState
GetFocus
GetDlgCtrlID
GetDlgItem
IsIconic
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPos
GetActiveWindow
GetCursorPos
SetCursor
ClientToScreen
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
LoadBitmapW
GetPropW
GetMessageW
SetRectEmpty
OffsetRect
GetParent
GetSubMenu
GetMenuItemID
GetMenuItemCount
PostQuitMessage
CharUpperW
GetSystemMetrics
SendMessageW
GetScrollPos
GetWindowTextW
GetWindowLongW
GetWindow
RegisterWindowMessageW
DispatchMessageW
PeekMessageW
GetMessagePos
GetMessageTime
DefWindowProcW
CallWindowProcW
RegisterClassW
GetClassInfoW
GetClassInfoExW
RealChildWindowFromPoint
SetTimer
KillTimer
InvalidateRect
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
DestroyMenu
UpdateWindow
CreateWindowExW
IsWindow
DestroyWindow
IsMenu

gdi32

DeleteDC
Escape
GetClipBox
GetStockObject
PtVisible
RectVisible
RestoreDC
SaveDC
SelectObject
SetMapMode
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
DeleteObject
CreateBitmap
SetTextColor
SetBkColor
GetDeviceCaps

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegEnumValueW
RegSetValueExW
RegDeleteValueW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shell32

ShellExecuteW

shlwapi

PathStripToRootW
PathIsUNCW
PathFindFileNameW
PathFindExtensionW
PathFileExistsW
StrToIntW
StrToIntExW

ole32

CoTaskMemFree
CoUninitialize
CoCreateGuid
CoCreateInstance
CoInitialize

oleaut32

VariantChangeType
VariantClear
VariantInit
SysAllocString
SysFreeString

oleacc

CreateStdAccessibleObject
LresultFromObject

Sections

.text
Size: 277KB - Virtual size: 277KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.giats
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e224f20d7cc35b66c5695e3b757f1735

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

shlwapi

ole32

oleaut32

oleacc

Sections

.text Size: 277KB - Virtual size: 277KB

.rdata Size: 96KB - Virtual size: 95KB

.data Size: 8KB - Virtual size: 19KB

.gfids Size: 4KB - Virtual size: 3KB

.giats Size: 512B - Virtual size: 4B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 19KB - Virtual size: 19KB

.reloc Size: 18KB - Virtual size: 18KB

.text
Size: 277KB - Virtual size: 277KB

.rdata
Size: 96KB - Virtual size: 95KB

.data
Size: 8KB - Virtual size: 19KB

.gfids
Size: 4KB - Virtual size: 3KB

.giats
Size: 512B - Virtual size: 4B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 19KB - Virtual size: 19KB

.reloc
Size: 18KB - Virtual size: 18KB