7a7ba0a2b82c29424376609451e70880e0620bc3d81dd318fe8301a5e626017f

Sharing

Copy URL

Twitter E-mail

General

Target

7a7ba0a2b82c29424376609451e70880e0620bc3d81dd318fe8301a5e626017f
Size

735KB
MD5

11b1efb942c0f3395f82372872763600
SHA1

00d5f0daa769d288b7602618f7fd48154004d227
SHA256

7a7ba0a2b82c29424376609451e70880e0620bc3d81dd318fe8301a5e626017f
SHA512

1194c33da3c4fc0049c3980842e4ef21957783881482c9e87d912fe231d187ea609057ccd389a6be61a706035e8076c83f40003d5605c0b4e8a9c2aa042c1f73
SSDEEP

12288:o/2iPPxVBcdk0sHQoUBL8252uui8FbECP7BhdfswdJ0NXdU8ZWH7DEP1rCJ7U3m:uBcdSHXt2rR8FfBhRJUEbDk1ulU2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7a7ba0a2b82c29424376609451e70880e0620bc3d81dd318fe8301a5e626017f

Files

7a7ba0a2b82c29424376609451e70880e0620bc3d81dd318fe8301a5e626017f
.exe windows:6 windows x86 arch:x86

8f8e6890b67dc6f393507e7a93348fff

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Working\AsusWifiRoaming\Release\AsusWiFiSmartConnect.pdb

Imports

api-ms-win-core-synch-l1-1-0

DeleteCriticalSection
ResetEvent
CreateEventW
EnterCriticalSection
WaitForSingleObject
InitializeCriticalSectionEx
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
SetEvent
WaitForSingleObjectEx

api-ms-win-core-errorhandling-l1-1-0

GetLastError
RaiseException
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SetLastError

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent
OutputDebugStringW

api-ms-win-core-libraryloader-l1-2-0

FindResourceExW
LoadLibraryExW
GetModuleFileNameW
GetProcAddress
LoadResource
GetModuleHandleExW
GetModuleHandleW
FreeLibrary
SizeofResource
LockResource

iphlpapi

SetPerTcpConnectionEStats
GetExtendedTcpTable
GetPerTcpConnectionEStats

api-ms-win-core-privateprofile-l1-1-0

GetPrivateProfileStringW

api-ms-win-core-heap-l1-1-0

HeapFree
HeapReAlloc
HeapDestroy
HeapAlloc
GetProcessHeap
HeapSize

ext-ms-win-networking-wlanapi-l1-1-0

WlanQueryInterface
WlanGetProfileList
WlanFreeMemory
WlanGetProfile
WlanEnumInterfaces
WlanOpenHandle

wlanapi

WlanGetNetworkBssList
WlanConnect
WlanScan

api-ms-win-core-threadpool-legacy-l1-1-0

QueueUserWorkItem

api-ms-win-core-string-l1-1-0

GetStringTypeW
CompareStringW
WideCharToMultiByte
MultiByteToWideChar

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-localization-l1-2-0

IsValidCodePage
GetOEMCP
GetACP
FormatMessageW
LCMapStringW
GetCPInfo

api-ms-win-core-libraryloader-l1-2-1

FindResourceW

api-ms-win-core-util-l1-1-0

DecodePointer
EncodePointer

api-ms-win-core-console-l1-1-0

AllocConsole
WriteConsoleW
GetConsoleMode
GetConsoleCP

ext-ms-win-shell32-shellfolders-l1-1-0

SHGetSpecialFolderPathW

api-ms-win-service-winsvc-l1-1-0

QueryServiceStatus
ControlService

api-ms-win-service-management-l1-1-0

OpenServiceW
CreateServiceW
OpenSCManagerW
DeleteService
CloseServiceHandle

advapi32

RegisterEventSourceW
DeregisterEventSource
ReportEventW

shell32

ShellExecuteA

shlwapi

PathRemoveFileSpecW

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcess
TerminateProcess
TlsFree
GetStartupInfoW
TlsSetValue
GetCurrentProcessId
GetCurrentThreadId
TlsAlloc
TlsGetValue
ExitProcess

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead

api-ms-win-core-rtlsupport-l1-1-0

RtlUnwind

api-ms-win-core-processenvironment-l1-1-0

SetStdHandle
GetEnvironmentStringsW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetStdHandle
GetCommandLineW
GetCommandLineA

api-ms-win-core-file-l1-1-0

FindClose
GetFileType
FindFirstFileExW
FlushFileBuffers
FindNextFileW
SetFilePointerEx
WriteFile
CreateFileW

Sections

.text
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 572KB - Virtual size: 576KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8f8e6890b67dc6f393507e7a93348fff

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

api-ms-win-core-synch-l1-1-0

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-handle-l1-1-0

api-ms-win-core-debug-l1-1-0

api-ms-win-core-libraryloader-l1-2-0

iphlpapi

api-ms-win-core-privateprofile-l1-1-0

api-ms-win-core-heap-l1-1-0

ext-ms-win-networking-wlanapi-l1-1-0

wlanapi

api-ms-win-core-threadpool-legacy-l1-1-0

api-ms-win-core-string-l1-1-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-localization-l1-2-0

api-ms-win-core-libraryloader-l1-2-1

api-ms-win-core-util-l1-1-0

api-ms-win-core-console-l1-1-0

ext-ms-win-shell32-shellfolders-l1-1-0

api-ms-win-service-winsvc-l1-1-0

api-ms-win-service-management-l1-1-0

advapi32

shell32

shlwapi

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-processthreads-l1-1-1

api-ms-win-core-profile-l1-1-0

api-ms-win-core-sysinfo-l1-1-0

api-ms-win-core-interlocked-l1-1-0

api-ms-win-core-rtlsupport-l1-1-0

api-ms-win-core-processenvironment-l1-1-0

api-ms-win-core-file-l1-1-0

Sections

.text Size: 115KB - Virtual size: 114KB

.rdata Size: 35KB - Virtual size: 34KB

.data Size: 10KB - Virtual size: 14KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 572KB - Virtual size: 576KB

.text
Size: 115KB - Virtual size: 114KB

.rdata
Size: 35KB - Virtual size: 34KB

.data
Size: 10KB - Virtual size: 14KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 572KB - Virtual size: 576KB