0161ce2c1c5b44ca1a83696cc0e7a97da41ee582c1545e1d4e91286170528437

Sharing

Copy URL

Twitter E-mail

General

Target

0161ce2c1c5b44ca1a83696cc0e7a97da41ee582c1545e1d4e91286170528437
Size

203KB
MD5

a27ea236349e8ec5aa0ba576d8e4c681
SHA1

a593bc1088359cdca4d6d21b719be9d46880c26c
SHA256

0161ce2c1c5b44ca1a83696cc0e7a97da41ee582c1545e1d4e91286170528437
SHA512

f2c12127ecaca3287439f49bd91fc505665781bd7644eec5dc457e1a8c6cb38704e5586d2fc144531ed2253df6bab23a23105bb417a1ca78e76f97d70b796b5e
SSDEEP

3072:/ikKOPYnXqbvdoXcBm8pN7SB/ZjDpeMrji+gKefyZ0FjzQkBink9:BpPYnXqbiXEmF5RDpeMqCAMnk9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0161ce2c1c5b44ca1a83696cc0e7a97da41ee582c1545e1d4e91286170528437

Files

0161ce2c1c5b44ca1a83696cc0e7a97da41ee582c1545e1d4e91286170528437
.exe windows:5 windows x86 arch:x86

6f0f96780b1dff42f1fc8916c02ee90d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\mycode\pcsuites\src\tools\usb_dirver_install\driver_install.pdb

Imports

newdev

UpdateDriverForPlugAndPlayDevicesW

kernel32

WaitForSingleObjectEx
CreateFileW
GetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetModuleFileNameW
GetModuleHandleExW
IsDebuggerPresent
EncodePointer
DecodePointer
IsProcessorFeaturePresent
GetCommandLineW
RaiseException
RtlUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
GetProcAddress
HeapValidate
GetSystemInfo
ExitProcess
MultiByteToWideChar
WideCharToMultiByte
OutputDebugStringW
CloseHandle
CreateThread
LoadLibraryExW
GetStdHandle
GetFileType
WriteFile
OutputDebugStringA
WriteConsoleW
GetCurrentThreadId
GetProcessHeap
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
HeapFree
HeapReAlloc
HeapSize
HeapQueryInformation
GetModuleFileNameA
HeapAlloc
LCMapStringW
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FlushFileBuffers
SetStdHandle

Sections

.text
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f0f96780b1dff42f1fc8916c02ee90d

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

newdev

kernel32

Sections

.text Size: 134KB - Virtual size: 133KB

.rdata Size: 47KB - Virtual size: 46KB

.data Size: 5KB - Virtual size: 13KB

.rsrc Size: 7KB - Virtual size: 7KB

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 134KB - Virtual size: 133KB

.rdata
Size: 47KB - Virtual size: 46KB

.data
Size: 5KB - Virtual size: 13KB

.rsrc
Size: 7KB - Virtual size: 7KB

.reloc
Size: 8KB - Virtual size: 8KB