dcaf6f38d4134c405aa8d1132141e48ec34be85b466214e8bb2c0a3e463b7e54

Sharing

Copy URL Twitter E-mail

General

Target

dcaf6f38d4134c405aa8d1132141e48ec34be85b466214e8bb2c0a3e463b7e54
Size

584KB
MD5

212d44f04d001fbb87919c1e6c89f4f5
SHA1

fd4a76250967be9f59f3e577d7c6e96af48b2505
SHA256

dcaf6f38d4134c405aa8d1132141e48ec34be85b466214e8bb2c0a3e463b7e54
SHA512

f34b65e38f67cc4a78874cf1a245f2294605e8c1baf3965683c8ac396f241944238473f4f4d950bf3ea17a46efdb12923c665f11e385615c44c7f9268f20f241
SSDEEP

12288:hjGEzkXxoqFVKyGVH2sBTtg4d/c4bCUrji6a+bBa1aogac:hjYxoqXuH2sBTt1xGZC01oac

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dcaf6f38d4134c405aa8d1132141e48ec34be85b466214e8bb2c0a3e463b7e54

Files

dcaf6f38d4134c405aa8d1132141e48ec34be85b466214e8bb2c0a3e463b7e54
.exe windows:6 windows x86 arch:x86

fdeb21c5002f01e9ca047c9e656e35df

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\Git\CustomerISPTool\54_LenovoMonitorFwUpdateForFoxconn\CpLenovoMonitorFwUpdate\Release\CpLenovoMonitorFwUpdate.pdb

Imports

kernel32

SystemTimeToTzSpecificLocalTime
GetUserDefaultLCID
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
SetStdHandle
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
FindNextFileA
GetFileAttributesExW
MoveFileExW
SetFilePointerEx
ReadConsoleW
GetTimeZoneInformation
GetConsoleMode
GetConsoleCP
EnumSystemLocalesW
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetFileType
GetStdHandle
GetModuleFileNameA
ExitProcess
HeapQueryInformation
GetModuleHandleExW
GetCommandLineA
FindNextFileW
FindFirstFileExW
RtlUnwind
GetCPInfo
LCMapStringW
SwitchToThread
GetStringTypeW
OutputDebugStringW
FileTimeToLocalFileTime
GetCurrentProcess
WriteFile
SetEndOfFile
ReadFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
FindFirstFileW
FindClose
CreateFileW
FileTimeToSystemTime
DeleteFileW
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetCurrentProcessId
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
CreateEventW
CloseHandle
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
FormatMessageW
LocalFree
GlobalFree
GlobalUnlock
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
LoadLibraryA
GetSystemDirectoryW
EncodePointer
SetErrorMode
lstrcmpW
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
FindResourceW
SizeofResource
LockResource
LoadResource
LoadLibraryExW
GetVersionExW
GetCurrentThreadId
GetCurrentThread
GetModuleHandleA
InitializeCriticalSectionAndSpinCount
SetLastError
OutputDebugStringA
GetACP
FreeLibrary
GetProcAddress
LoadLibraryW
WideCharToMultiByte
MultiByteToWideChar
GetModuleHandleW
GetCommandLineW
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionEx
GetModuleFileNameW
FindFirstFileExA
WriteConsoleW
HeapFree

user32

LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
SetWindowTextW
IsWindowEnabled
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
LoadIconW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
GetMessageW
PtInRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
MessageBoxW
AdjustWindowRectEx
GetWindowRect
RemovePropW
GetPropW
SetPropW
DrawTextW
ValidateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
PostMessageW
GetClientRect
UpdateWindow
GetMenuItemCount
GetMenuItemID
GetSubMenu
SetMenu
GetMenu
EnableWindow
GetCapture
GetKeyState
GetFocus
GetDlgCtrlID
GetDlgItem
TranslateMessage
GetActiveWindow
GetCursorPos
SetCursor
GetWindowThreadProcessId
ClientToScreen
RealChildWindowFromPoint
SetTimer
KillTimer
SetWindowLongW
InvalidateRect
SetRectEmpty
OffsetRect
GetParent
PostQuitMessage
SendMessageW
GetScrollPos
GetWindowTextW
GetWindowLongW
GetWindow
RegisterWindowMessageW
DispatchMessageW
PeekMessageW
GetMessagePos
GetMessageTime
DefWindowProcW
CallWindowProcW
RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
IsWindow
IsMenu
DestroyWindow
SetWindowPos
BeginDeferWindowPos
DeferWindowPos
DrawTextExW
GrayStringW
TabbedTextOutW
GetDC
ReleaseDC
GetSystemMetrics
DestroyMenu
GetSysColorBrush
LoadCursorW
CharUpperW
RedrawWindow
EndDeferWindowPos
IsWindowVisible
IsIconic

gdi32

DeleteDC
Escape
GetClipBox
GetStockObject
PtVisible
RectVisible
RestoreDC
SaveDC
SelectObject
SetMapMode
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
DeleteObject
CreateBitmap
GetDeviceCaps
SetBkColor
SetTextColor

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shell32

ShellExecuteW

shlwapi

PathFindFileNameW
PathIsUNCW
PathStripToRootW
PathFindExtensionW

ole32

CoTaskMemFree
CoCreateGuid
CoUninitialize
CoCreateInstance
CoInitialize

oleaut32

VariantChangeType
VariantClear
VariantInit
SysAllocString
SysFreeString

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 413KB - Virtual size: 412KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fdeb21c5002f01e9ca047c9e656e35df

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

shlwapi

ole32

oleaut32

oleacc

Sections

.text Size: 413KB - Virtual size: 412KB

.rdata Size: 115KB - Virtual size: 114KB

.data Size: 11KB - Virtual size: 22KB

.rsrc Size: 19KB - Virtual size: 19KB

.reloc Size: 24KB - Virtual size: 24KB

.text
Size: 413KB - Virtual size: 412KB

.rdata
Size: 115KB - Virtual size: 114KB

.data
Size: 11KB - Virtual size: 22KB

.rsrc
Size: 19KB - Virtual size: 19KB

.reloc
Size: 24KB - Virtual size: 24KB