Aquantia_Setup2[.]1[.]1[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

Aquantia_Setup2.1.1.exe
Size

10.3MB
MD5

5303837e62542f10e879b0daa1e3c04e
SHA1

093a67628fca4407f574f9478cd08a232046a89c
SHA256

10062b20e7ff6fc7edf5764599bba4e0b1caf9a00d62429f77798a49b822fcc6
SHA512

aa85d29bfa507aa49d05eeb2dbaef63dc59dddc035c016aebe08195dffecfad8872097da528bcf4cda058d5e8b458169bcb70f27e4a1dd41b7c897341f85e73b
SSDEEP

98304:wQoZjrSmFdLEEHZo5grNJDpP//6SL39DTE67DUE7uiylNEyTdH57Jsv6tWKFdu98:sFrSyHZDxvUEe7Jsv6tWKFdu9CR9BPC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Aquantia_Setup2.1.1.exe

Files

Aquantia_Setup2.1.1.exe
.exe windows:6 windows x86 arch:x86

43c6c2d62ee98d5643e26d2af21c23b7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmGetContext
ImmGetVirtualKey
ImmSetCandidateWindow
ImmSetCompositionWindow
ImmNotifyIME
ImmGetOpenStatus
ImmGetCompositionStringW
ImmAssociateContextEx
ImmGetDefaultIMEWnd
ImmReleaseContext
ImmAssociateContext

oleaut32

SafeArrayCreateVector
SysAllocString
SafeArrayPutElement

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationW

gdi32

SelectObject
CreateDIBSection
GdiFlush
BitBlt
OffsetRgn
GetDeviceCaps
CreateCompatibleBitmap
CreateDCW
CreateBitmap
ChoosePixelFormat
GetRegionData
GetPixelFormat
SetPixelFormat
SwapBuffers
GetBitmapBits
GetObjectW
CreateFontIndirectW
EnumFontFamiliesExW
GetFontData
GetStockObject
AddFontResourceExW
RemoveFontResourceExW
AddFontMemResourceEx
RemoveFontMemResourceEx
GetTextMetricsW
GetTextFaceW
GetCharABCWidthsW
GetCharABCWidthsFloatW
GetGlyphOutlineW
GetOutlineTextMetricsW
GetTextExtentPoint32W
GetCharABCWidthsI
SetBkMode
SetGraphicsMode
SetTextColor
SetTextAlign
SetWorldTransform
ExtTextOutW
DeleteObject
DeleteDC
CreateRectRgn
CreateCompatibleDC
CombineRgn
GetDIBits
SelectClipRgn
DescribePixelFormat

uxtheme

GetThemeEnumValue
GetThemeMargins
GetThemePropertyOrigin
GetThemeTransitionDuration
CloseThemeData
GetThemeColor
GetThemeBackgroundRegion
IsThemeBackgroundPartiallyTransparent
GetThemeBool
SetWindowTheme
IsThemeActive
IsAppThemed
GetThemeInt
GetThemePartSize
ord47
GetCurrentThemeName
OpenThemeData

dwmapi

DwmEnableBlurBehindWindow
DwmIsCompositionEnabled

ole32

CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleInitialize
OleUninitialize
CoInitializeEx
StringFromGUID2
CoCreateGuid
CoGetMalloc
ReleaseStgMedium
CoTaskMemFree
DoDragDrop
CoCreateInstance
OleIsCurrentClipboard
OleFlushClipboard
OleGetClipboard
OleSetClipboard
CoInitialize
CoUninitialize

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW
OpenProcessToken
AccessCheck
SystemFunction036
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegFlushKey
BuildTrusteeWithSidW
GetNamedSecurityInfoW
GetEffectiveRightsFromAclW
LookupAccountSidW
MapGenericMask
GetTokenInformation
GetLengthSid
AllocateAndInitializeSid
CopySid
DuplicateToken
FreeSid
RegQueryInfoKeyW
RegSetValueExW

user32

GetWindowTextW
CloseTouchInputHandle
GetTouchInputInfo
GetAsyncKeyState
GetMessageExtraInfo
TrackMouseEvent
GetClipboardFormatNameW
EnumDisplayDevicesW
RegisterClassW
GetCursorInfo
GetIconInfo
CreateIconIndirect
CreateCursor
LoadCursorW
GetCursor
SetCursorPos
TrackPopupMenuEx
GetMenu
MapVirtualKeyW
ToUnicode
ToAscii
GetKeyboardState
GetKeyState
IsZoomed
PeekMessageW
FindWindowA
SetCaretPos
ShowCaret
DestroyCaret
CreateCaret
IsWindowEnabled
RegisterWindowMessageW
GetKeyboardLayout
RegisterClipboardFormatW
ChangeClipboardChain
SetClipboardViewer
IsHungAppWindow
LoadIconW
EnumDisplayMonitors
GetMonitorInfoW
MonitorFromWindow
SetMenuItemInfoW
GetMenuItemInfoW
TrackPopupMenu
RemoveMenu
ModifyMenuW
AppendMenuW
InsertMenuW
EnumWindows
CreatePopupMenu
CreateMenu
DrawMenuBar
SetMenu
LoadImageW
GetSysColorBrush
ChildWindowFromPointEx
GetCursorPos
UpdateLayeredWindow
GetFocus
RegisterClassExW
GetClassInfoW
UnregisterClassW
GetKeyboardLayoutList
GetAncestor
MonitorFromPoint
DestroyIcon
DestroyCursor
GetWindow
GetWindowThreadProcessId
SetParent
GetParent
SetWindowLongW
GetWindowLongW
ScreenToClient
ClientToScreen
SetCursor
AdjustWindowRectEx
GetWindowRect
SetWindowTextW
InvalidateRect
SetWindowRgn
GetUpdateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
EnableMenuItem
GetSystemMenu
SetWindowPlacement
SetCapture
GetCapture
IsTouchWindow
UnregisterTouchWindow
RegisterTouchWindow
SetFocus
IsIconic
ShowWindow
RealGetWindowClassW
ChangeWindowMessageFilterEx
MessageBoxW
DrawIconEx
GetWindowPlacement
ReleaseDC
GetDC
DestroyWindow
DefWindowProcW
SetWindowPos
MoveWindow
SystemParametersInfoW
GetSystemMetrics
SetLayeredWindowAttributes
DestroyMenu
IsWindowVisible
GetSysColor
GetDesktopWindow
GetDoubleClickTime
AttachThreadInput
PostMessageW
SendMessageW
UpdateLayeredWindowIndirect
UnregisterDeviceNotification
RegisterDeviceNotificationW
CharNextExA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
KillTimer
SetTimer
MsgWaitForMultipleObjectsEx
GetQueueStatus
DispatchMessageW
IsWindow
MessageBeep
GetCaretBlinkTime
FlashWindowEx
IsChild
GetClientRect
ReleaseCapture
TranslateMessage
CreateWindowExW

iphlpapi

ConvertInterfaceNameToLuidW
ConvertInterfaceLuidToNameW
ConvertInterfaceIndexToLuid
GetAdaptersAddresses

ws2_32

htonl
WSAAsyncSelect

netapi32

NetApiBufferFree
NetShareEnum

userenv

GetUserProfileDirectoryW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

kernel32

WriteConsoleW
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetEnvironmentVariableW
GetOEMCP
GetACP
IsValidCodePage
GetFileSizeEx
HeapReAlloc
EnumSystemLocalesW
IsValidLocale
HeapFree
HeapAlloc
GetStdHandle
GetConsoleCP
ReadConsoleW
GetConsoleMode
SetStdHandle
SetFileAttributesW
FreeLibraryAndExitThread
ExitThread
GetCommandLineA
LoadLibraryExW
RtlUnwind
InitializeSListHead
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
GetStringTypeW
RaiseException
DecodePointer
EncodePointer
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
SetLastError
VirtualFree
VirtualAlloc
CreateMutexW
ReleaseMutex
GetExitCodeProcess
GetUserGeoID
GetGeoInfoW
GetTimeZoneInformation
GetModuleHandleExW
FreeLibrary
FindNextFileW
FindFirstFileExW
FindNextChangeNotification
FindFirstChangeNotificationW
FindCloseChangeNotification
WideCharToMultiByte
MultiByteToWideChar
RegisterWaitForSingleObject
UnregisterWaitEx
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
WriteFile
SetFilePointerEx
SetEndOfFile
ReadFile
GetFileType
FlushFileBuffers
GetFileInformationByHandleEx
SystemTimeToFileTime
FileTimeToSystemTime
TzSpecificLocalTimeToSystemTime
MoveFileExW
MoveFileW
CopyFileW
DeviceIoControl
GetVolumePathNamesForVolumeNameW
GetTempPathW
SetFileTime
RemoveDirectoryW
GetLogicalDrives
GetFullPathNameW
GetFileInformationByHandle
GetFileAttributesW
FindFirstFileW
FindClose
DeleteFileW
CreateDirectoryW
GetCurrentDirectoryW
GetModuleFileNameW
GetStartupInfoW
LCMapStringW
CompareStringW
GetTickCount64
QueryPerformanceFrequency
QueryPerformanceCounter
GetFileAttributesExW
CreateFileW
GetUserPreferredUILanguages
GetUserDefaultLCID
GetCurrencyFormatW
GetTimeFormatW
GetDateFormatW
ResetEvent
GetSystemInfo
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
ResumeThread
TerminateThread
GetThreadPriority
SetThreadPriority
GetCurrentThread
CreateThread
WaitForMultipleObjects
WaitForSingleObject
DuplicateHandle
LoadLibraryW
GetSystemDirectoryW
CreateEventW
WaitForSingleObjectEx
SetEvent
GetCommandLineW
GetLocalTime
GetSystemTime
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
OutputDebugStringW
CompareStringEx
DeleteCriticalSection
LeaveCriticalSection
HeapSize
InitializeCriticalSection
GetConsoleWindow
GetDriveTypeW
GetLongPathNameW
GetVolumeInformationW
GetUserDefaultLangID
GetCurrentProcessId
GlobalSize
LoadLibraryA
GetLocaleInfoW
GlobalLock
GlobalUnlock
GlobalAlloc
OpenProcess
CheckRemoteDebuggerPresent
EnterCriticalSection
CreateProcessW
CloseHandle
ExpandEnvironmentStringsW
SetErrorMode
WTSGetActiveConsoleSessionId
FormatMessageW
LocalFree
GetProcAddress
GetModuleHandleW
GetCurrentThreadId
GetLastError
ExitProcess
Sleep
IsWow64Process
lstrcmpW

shell32

SHGetKnownFolderPath
CommandLineToArgvW
Shell_NotifyIconGetRect
Shell_NotifyIconW
SHBrowseForFolderW
SHGetKnownFolderIDList
SHGetPathFromIDListW
SHGetMalloc
SHCreateItemFromParsingName
SHCreateItemFromIDList
ShellExecuteW
ord727
SHGetStockIconInfo
SHGetFileInfoW

winmm

timeSetEvent
timeKillEvent

Sections

.text
Size: 6.9MB - Virtual size: 6.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qtmetad
Size: 1024B - Virtual size: 770B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 292B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 736B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 224KB - Virtual size: 223KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

43c6c2d62ee98d5643e26d2af21c23b7

Headers

DLL Characteristics

File Characteristics

Imports

imm32

oleaut32

wtsapi32

gdi32

uxtheme

dwmapi

ole32

advapi32

user32

iphlpapi

ws2_32

netapi32

userenv

version

kernel32

shell32

winmm

Sections

.text Size: 6.9MB - Virtual size: 6.9MB

.rdata Size: 3.0MB - Virtual size: 3.0MB

.data Size: 92KB - Virtual size: 146KB

.qtmetad Size: 1024B - Virtual size: 770B

_RDATA Size: 512B - Virtual size: 292B

.rsrc Size: 1024B - Virtual size: 736B

.reloc Size: 224KB - Virtual size: 223KB

.text
Size: 6.9MB - Virtual size: 6.9MB

.rdata
Size: 3.0MB - Virtual size: 3.0MB

.data
Size: 92KB - Virtual size: 146KB

.qtmetad
Size: 1024B - Virtual size: 770B

_RDATA
Size: 512B - Virtual size: 292B

.rsrc
Size: 1024B - Virtual size: 736B

.reloc
Size: 224KB - Virtual size: 223KB