39dd420093e2fedf033e44463442b5b94d16e9a4bccf8eb5113133164a137b60

Sharing

Copy URL Twitter E-mail

General

Target

39dd420093e2fedf033e44463442b5b94d16e9a4bccf8eb5113133164a137b60
Size

355KB
MD5

359a5a8f01ed40a3e4b6a22bdcc6576b
SHA1

fa1362a1d57fba522e6bde5b6f4ee8fa44d83323
SHA256

39dd420093e2fedf033e44463442b5b94d16e9a4bccf8eb5113133164a137b60
SHA512

7e945ebb842fe18448a85221abb5e613dc7c1fb060c18004d039c93f1b50dade7630f28a3cf5c4ce3d3f00476886c28c691e022307322b3a5a2320f25fd31ee9
SSDEEP

6144:eXp7lnc9kg50jQ+IThkPMFtFN4CXF3m8nh06PNkKMwMLsW+hh7QIfiK2/:eXpxnc9kA0jQ+ch5zFaClh06PNbMwMLT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39dd420093e2fedf033e44463442b5b94d16e9a4bccf8eb5113133164a137b60

Files

39dd420093e2fedf033e44463442b5b94d16e9a4bccf8eb5113133164a137b60
.dll windows:6 windows x86 arch:x86

3f9de9f87d3203033e460322334c68ca

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

G:\Installer\20191119\src\DriverInstaller\Src\IJDriverInstaller\UtilityLibraries\Win32\Release\cnwiius.pdb

Imports

setupapi

SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
CM_Get_Sibling
CM_Get_Device_IDW
CM_Get_Child
SetupDiGetDeviceInstanceIdW
SetupDiEnumDeviceInfo
CM_Reenumerate_DevNode
SetupDiGetClassDevsW
SetupDiGetDevicePropertyW
SetupDiOpenDeviceInfoW
SetupDiGetDeviceInterfaceDetailW

kernel32

GetConsoleMode
GetConsoleCP
WriteFile
FlushFileBuffers
SetStdHandle
GetStringTypeW
SetFilePointerEx
HeapReAlloc
HeapSize
GetProcessHeap
GetLastError
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
GetCurrentProcessId
GetModuleHandleExW
GetModuleFileNameW
MultiByteToWideChar
WideCharToMultiByte
DeviceIoControl
CreateFileW
CloseHandle
lstrlenW
InitializeCriticalSectionEx
RaiseException
DecodePointer
DeleteCriticalSection
LCMapStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount
WriteConsoleW
CreateEventW
GetModuleHandleW
GetProcAddress
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
OutputDebugStringW
RtlUnwind
InterlockedFlushSList
SetLastError
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
ExitProcess
HeapFree
HeapAlloc
GetStdHandle
GetFileType
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA

Exports

Exports

CNWIIUS_QueryDeviceList
CNWIIUS_QueryUsbHubList
CNWIIUS_ReenumerateUsbDevices
CNWIIUS_ReleaseDeviceList
CNWIIUS_ReleaseUsbHubList

Sections

.text
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 184KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3f9de9f87d3203033e460322334c68ca

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

setupapi

kernel32

Exports

Exports

Sections

.text Size: 126KB - Virtual size: 126KB

.rdata Size: 33KB - Virtual size: 32KB

.data Size: 3KB - Virtual size: 5KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 6KB - Virtual size: 5KB

.text Size: 184KB - Virtual size: 188KB

.text
Size: 126KB - Virtual size: 126KB

.rdata
Size: 33KB - Virtual size: 32KB

.data
Size: 3KB - Virtual size: 5KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 6KB - Virtual size: 5KB

.text
Size: 184KB - Virtual size: 188KB