b244c14b895afe3fed1604bdf8e260e7ad99691435dd70ed56f8340ea5768a0a

Sharing

Copy URL Twitter E-mail

General

Target

b244c14b895afe3fed1604bdf8e260e7ad99691435dd70ed56f8340ea5768a0a
Size

1.4MB
MD5

4cdf010e46142da48740427c6db2e9c2
SHA1

f13e104683ca2f7128a42f2b425130aa8f12d880
SHA256

b244c14b895afe3fed1604bdf8e260e7ad99691435dd70ed56f8340ea5768a0a
SHA512

71a1f072515fcbc6c148321dc3a9e11b0a2b1dcb588b4459e8edf04753a86fa1c7c89c29b35cb78f58adeee6ce840c38655d6ccebe220e38abc4f259e759d200
SSDEEP

12288:UHeLY9v8BJWLZ8ltTNsINnX+s/u3t6z5Y32w7ErGgRfmwWrp0:09sYwJnssGU1Y32SXg1mJt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b244c14b895afe3fed1604bdf8e260e7ad99691435dd70ed56f8340ea5768a0a

Files

b244c14b895afe3fed1604bdf8e260e7ad99691435dd70ed56f8340ea5768a0a
.exe windows:6 windows x64 arch:x64

103d843a7168410ed2d987e733e96035

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\ijen_wen\Desktop\AsusSystemDiagnosisV2\ASUSSoftwareRepair\x64\Release\AsusPlatformDefinedRecovery.pdb

Imports

kernel32

WriteConsoleW
LocalFree
LocalAlloc
CreateThread
CloseHandle
Sleep
GetModuleFileNameA
DeleteCriticalSection
GetLastError
MultiByteToWideChar
InitializeCriticalSection
HeapReAlloc
HeapSize
SetFilePointerEx
FlushFileBuffers
CreateFileW
GetStringTypeW
SetStdHandle
GetProcessHeap
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
FindClose
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
WideCharToMultiByte
RtlUnwindEx
RtlPcToFileHeader
RaiseException
SetLastError
EncodePointer
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetStdHandle
WriteFile
GetCommandLineA
GetCommandLineW
GetACP
HeapFree
HeapAlloc
GetFileType
GetConsoleCP
GetConsoleMode
CompareStringW
LCMapStringW

user32

RegisterPowerSettingNotification

advapi32

CreateServiceA
StartServiceCtrlDispatcherA
CloseServiceHandle
SetServiceStatus
OpenSCManagerA
RegisterServiceCtrlHandlerExA
DeleteService
ControlService
StartServiceA
OpenServiceA

ole32

CoUninitialize
CoCreateInstance
CoSetProxyBlanket
CoInitialize

oleaut32

VariantClear
SysAllocString
SysFreeString
VariantInit
SafeArrayGetElement

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA
CM_Enable_DevNode
CM_Disable_DevNode
SetupDiEnumDeviceInfo
SetupDiGetDeviceInstanceIdW
SetupDiGetDevicePropertyW

Sections

.text
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1.2MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

103d843a7168410ed2d987e733e96035

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

ole32

oleaut32

setupapi

Sections

.text Size: 81KB - Virtual size: 81KB

.rdata Size: 44KB - Virtual size: 44KB

.data Size: 3KB - Virtual size: 7KB

.pdata Size: 5KB - Virtual size: 5KB

_RDATA Size: 512B - Virtual size: 252B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1.2MB - Virtual size: 1.9MB

.text
Size: 81KB - Virtual size: 81KB

.rdata
Size: 44KB - Virtual size: 44KB

.data
Size: 3KB - Virtual size: 7KB

.pdata
Size: 5KB - Virtual size: 5KB

_RDATA
Size: 512B - Virtual size: 252B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1.2MB - Virtual size: 1.9MB