4cb092772808de961ef34748e905094b3920cba7d580e91f16a82e6370fabfeb

Sharing

Copy URL Twitter E-mail

General

Target

4cb092772808de961ef34748e905094b3920cba7d580e91f16a82e6370fabfeb
Size

220KB
MD5

0bd30f5b881deee2448e310fbecd2965
SHA1

7c7872a0412030b491672d9f49a4e6334d2f85c2
SHA256

4cb092772808de961ef34748e905094b3920cba7d580e91f16a82e6370fabfeb
SHA512

5ae3d52f2c3210afc6a5861c0a5b5ad81e6c22b7baf583726f1babd1d8780f92b4a7a090ccc5f13649e230c11682c8d3260bcc7c84555e3b1a5a3040cac024c0
SSDEEP

3072:7vJs4Q6It9POF7ep0wMWL5xxbssX+4ET5wbH2j2lQBV+UdE+rECWp7hKSG8:S4Q3P5Lbc9Oz2nBV+UdvrEFp7hKn8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4cb092772808de961ef34748e905094b3920cba7d580e91f16a82e6370fabfeb

Files

4cb092772808de961ef34748e905094b3920cba7d580e91f16a82e6370fabfeb
.dll windows:4 windows x86 arch:x86

947bc53d6cbefbb2bd4972c024617b78

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\Code\Eddy\AI Suite II\Source\AI-Suite II\AssistFunc.pdb

Imports

kernel32

WaitForSingleObject
ReadFile
SetEndOfFile
CloseHandle
CreateProcessA
GetPrivateProfileStringA
TerminateProcess
OpenProcess
GetLocalTime
Sleep
GetExitCodeProcess
LoadLibraryA
CreateFileA
GetProcAddress
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
RaiseException
RtlUnwind
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
HeapSize
ExitProcess
EnterCriticalSection
LeaveCriticalSection
WriteFile
GetStdHandle
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualAlloc
HeapReAlloc
InitializeCriticalSection
SetFilePointer
GetConsoleCP
GetConsoleMode
MultiByteToWideChar
CreateFileW
SetStdHandle
FlushFileBuffers
GetLocaleInfoA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

user32

FindWindowA
SendMessageA
FindWindowW
MessageBoxA
GetWindowThreadProcessId

advapi32

RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegQueryValueExA
RegOpenKeyExA

shell32

SHGetSpecialFolderPathW
SHGetSpecialFolderPathA
ShellExecuteW

shlwapi

PathFileExistsA

Exports

Exports

AIS2_DeleteKey
AIS2_ReadKeyValue
AIS2_WriteKeyValue
CheckAppConflict
CloseMatrixExe
CloseProcess
GetAIS2Version
GetAIS2Version_FromRegistry
GetAcpiItem
GetInstallAllPathA
GetInstallAllPathW
GetMBIF
GetMatrixVersion
InstallHMService
IsAcpiItemSupported
IsDTModel
IsETModel
IsGamingModel
IsSupportAIS2
QueryColorValue
QueryDriverSupport
QueryFuncSupport
QueryGamingValue
QueryHMLibPathA
QueryHMLibPathW
SetAcpiItem
SetAcpiItemEx
WriteGamingValue
WriteModelValue

Sections

.text
Size: 96KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

947bc53d6cbefbb2bd4972c024617b78

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

shell32

shlwapi

Exports

Exports

Sections

.text Size: 96KB - Virtual size: 93KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 4KB - Virtual size: 176B

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 96KB - Virtual size: 93KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 176B

.reloc
Size: 12KB - Virtual size: 8KB