45851b31ca15dc43b8c4b0b706620ab78d898593adcecc37e5187bc5361398afN

Sharing

Copy URL

Twitter E-mail

General

Target

45851b31ca15dc43b8c4b0b706620ab78d898593adcecc37e5187bc5361398afN
Size

190KB
MD5

4ea9afca311823fb19b77b4d5f93aba0
SHA1

74f93092e610f6fb929a98996625cdcaf519aa1e
SHA256

45851b31ca15dc43b8c4b0b706620ab78d898593adcecc37e5187bc5361398af
SHA512

e1c51fd1d4431616b8a906453cae1a7b64293d1b9c8a069ba13575a55437dc4df44db29c0a45c85f4ba64170226f6a4980626b72c003a372e3ae3a848b886ab1
SSDEEP

3072:jGQWG231wqzIgHiIPq0ABzVcus7N9Kb8obK9Wdx3HIcrWTeDPjLv:IFHklblZMeDPjLv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45851b31ca15dc43b8c4b0b706620ab78d898593adcecc37e5187bc5361398afN

Files

45851b31ca15dc43b8c4b0b706620ab78d898593adcecc37e5187bc5361398afN
.exe windows:4 windows x64 arch:x64

e72d68a1cd33c98b735343f3dd402e6b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetLastError
InitializeCriticalSection
LeaveCriticalSection
SetUnhandledExceptionFilter
Sleep
TlsGetValue
VirtualProtect
VirtualQuery
__C_specific_handler

msvcrt

__getmainargs
__initenv
__iob_func
__set_app_type
__setusermatherr
_amsg_exit
_cexit
_commode
_fmode
_initterm
_onexit
abort
calloc
exit
fprintf
free
fwrite
malloc
memcpy
memmove
signal
strlen
strncmp
vfprintf

libgio-2.0-0

g_cancellable_new
g_file_new_for_path
g_io_error_quark

libglib-2.0-0

g_bytes_get_data
g_bytes_get_size
g_bytes_new
g_bytes_unref
g_date_time_get_year
g_date_time_new_now_utc
g_date_time_unref
g_error_free
g_error_matches
g_file_get_contents
g_file_set_contents
g_file_test
g_free
g_get_prgname
g_getenv
g_hash_table_get_keys
g_hash_table_insert
g_hash_table_iter_init
g_hash_table_iter_next
g_hash_table_lookup
g_hash_table_new
g_hash_table_new_full
g_hash_table_size
g_hash_table_unref
g_list_free
g_log
g_log_set_handler
g_main_context_iteration
g_main_context_new
g_main_context_unref
g_main_loop_is_running
g_main_loop_new
g_main_loop_quit
g_main_loop_run
g_main_loop_unref
g_malloc0
g_malloc0_n
g_node_find
g_node_insert_before
g_node_n_children
g_node_n_nodes
g_node_new
g_node_traverse
g_option_context_add_main_entries
g_option_context_free
g_option_context_new
g_option_context_parse
g_option_context_set_description
g_option_context_set_summary
g_path_get_basename
g_prefix_error
g_printerr
g_propagate_error
g_ptr_array_add
g_ptr_array_find_with_equal_func
g_ptr_array_new
g_ptr_array_new_with_free_func
g_ptr_array_sort
g_ptr_array_unref
g_set_application_name
g_set_error
g_set_error_literal
g_set_prgname
g_setenv
g_source_attach
g_source_set_callback
g_source_unref
g_str_equal
g_str_hash
g_strcmp0
g_strdup
g_strdup_printf
g_strfreev
g_string_append_len
g_string_append_printf
g_string_free
g_string_insert_len
g_string_new
g_strrstr
g_strsplit
g_strv_contains
g_strv_length
g_timeout_source_new_seconds
g_timer_destroy
g_timer_elapsed
g_timer_new

libgobject-2.0-0

g_object_ref
g_object_unref
g_signal_connect_data
g_type_check_instance_is_a

libintl-8

libintl_bind_textdomain_codeset
libintl_bindtextdomain
libintl_gettext
libintl_ngettext
libintl_setlocale
libintl_textdomain

libjson-glib-1.0-0

json_array_get_element
json_array_get_length
json_builder_add_boolean_value
json_builder_add_int_value
json_builder_add_string_value
json_builder_begin_array
json_builder_begin_object
json_builder_end_array
json_builder_end_object
json_builder_new
json_builder_set_member_name
json_node_get_array
json_node_get_node_type
json_node_get_object
json_node_get_string
json_object_get_array_member
json_object_get_boolean_member
json_object_get_int_member
json_object_get_member
json_object_get_string_member
json_object_has_member
json_parser_get_root
json_parser_load_from_file
json_parser_new

libfwupd-2

fwupd_build_history_report_json
fwupd_checksum_get_best
fwupd_client_activate
fwupd_client_build_report_devices
fwupd_client_clear_results
fwupd_client_connect
fwupd_client_disconnect
fwupd_client_download_bytes
fwupd_client_download_set_retries
fwupd_client_emulation_load
fwupd_client_emulation_save
fwupd_client_get_approved_firmware
fwupd_client_get_bios_settings
fwupd_client_get_blocked_firmware
fwupd_client_get_daemon_version
fwupd_client_get_details
fwupd_client_get_device_by_id
fwupd_client_get_devices
fwupd_client_get_devices_by_guid
fwupd_client_get_downgrades
fwupd_client_get_history
fwupd_client_get_host_bkc
fwupd_client_get_host_product
fwupd_client_get_percentage
fwupd_client_get_plugins
fwupd_client_get_releases
fwupd_client_get_remote_by_id
fwupd_client_get_remotes
fwupd_client_get_report_metadata
fwupd_client_get_results
fwupd_client_get_status
fwupd_client_get_tainted
fwupd_client_get_upgrades
fwupd_client_inhibit
fwupd_client_install
fwupd_client_install_release2
fwupd_client_modify_bios_setting
fwupd_client_modify_config
fwupd_client_modify_device
fwupd_client_modify_remote
fwupd_client_new
fwupd_client_quit
fwupd_client_refresh_remote2
fwupd_client_self_sign
fwupd_client_set_approved_firmware
fwupd_client_set_blocked_firmware
fwupd_client_set_feature_flags
fwupd_client_set_main_context
fwupd_client_set_user_agent_for_package
fwupd_client_uninhibit
fwupd_client_unlock
fwupd_client_update_metadata
fwupd_client_upload_report
fwupd_client_verify
fwupd_client_verify_update
fwupd_device_add_release
fwupd_device_array_filter_flags
fwupd_device_get_branch
fwupd_device_get_composite_id
fwupd_device_get_id
fwupd_device_get_name
fwupd_device_get_parent
fwupd_device_get_release_default
fwupd_device_get_releases
fwupd_device_get_status
fwupd_device_get_update_error
fwupd_device_get_update_state
fwupd_device_get_version
fwupd_device_get_version_format
fwupd_device_has_flag
fwupd_device_has_guid
fwupd_device_has_protocol
fwupd_device_id_is_valid
fwupd_device_match_flags
fwupd_device_to_json_full
fwupd_error_quark
fwupd_guid_is_valid
fwupd_plugin_flag_to_string
fwupd_plugin_get_flags
fwupd_plugin_has_flag
fwupd_plugin_to_json
fwupd_release_array_filter_flags
fwupd_release_get_branch
fwupd_release_get_checksums
fwupd_release_get_remote_id
fwupd_release_get_type
fwupd_release_get_version
fwupd_release_has_checksum
fwupd_release_has_tag
fwupd_release_match_flags
fwupd_release_to_json
fwupd_release_to_string
fwupd_remote_build_report_uri
fwupd_remote_get_age
fwupd_remote_get_id
fwupd_remote_get_kind
fwupd_remote_get_report_uri
fwupd_remote_get_title
fwupd_remote_has_flag
fwupd_remote_needs_refresh
fwupd_remote_to_json
fwupd_request_get_kind
fwupd_request_get_message
fwupd_status_to_string
fwupd_update_state_to_string

libfwupdplugin

fu_archive_firmware_new
fu_archive_firmware_set_compression
fu_archive_firmware_set_format
fu_bytes_get_contents
fu_bytes_set_contents
fu_firmware_add_image
fu_firmware_new_from_bytes
fu_firmware_set_id
fu_firmware_write_file
fu_path_mkdir_parent
fu_version_compare

libfwupdutil

fu_console_beep
fu_console_box
fu_console_color_format
fu_console_input_bool
fu_console_input_uint
fu_console_line
fu_console_new
fu_console_print
fu_console_print_full
fu_console_print_kv
fu_console_print_literal
fu_console_set_interactive
fu_console_set_main_context
fu_console_set_progress
fu_console_set_progress_title
fu_console_setup
fu_util_bios_setting_matches_args
fu_util_bios_setting_to_string
fu_util_bios_settings_parse_argv
fu_util_branch_for_display
fu_util_cmd_array_add
fu_util_cmd_array_new
fu_util_cmd_array_run
fu_util_cmd_array_sort
fu_util_cmd_array_to_string
fu_util_device_to_string
fu_util_free_node
fu_util_get_bios_setting_as_json
fu_util_get_user_cache_path
fu_util_is_interesting_device
fu_util_is_url
fu_util_modify_remote_warning
fu_util_parse_filter_device_flags
fu_util_parse_filter_release_flags
fu_util_plugin_flag_to_string
fu_util_plugin_to_string
fu_util_print_builder
fu_util_print_error_as_json
fu_util_print_node
fu_util_project_versions_as_json
fu_util_project_versions_to_string
fu_util_prompt_complete
fu_util_prompt_warning
fu_util_prompt_warning_fde
fu_util_request_get_message
fu_util_send_report
fu_util_show_unsupported_warning
fu_util_sort_devices_by_flags_cb
fu_util_switch_branch_warning

Sections

.text
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 384B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 512B - Virtual size: 408B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/70
Size: 1024B - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/81
Size: 1024B - Virtual size: 875B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/97
Size: 512B - Virtual size: 486B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/113
Size: 512B - Virtual size: 113B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e72d68a1cd33c98b735343f3dd402e6b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

libgio-2.0-0

libglib-2.0-0

libgobject-2.0-0

libintl-8

libjson-glib-1.0-0

libfwupd-2

libfwupdplugin

libfwupdutil

Sections

.text Size: 54KB - Virtual size: 54KB

.data Size: 512B - Virtual size: 128B

.rdata Size: 15KB - Virtual size: 14KB

.pdata Size: 1KB - Virtual size: 1KB

.xdata Size: 2KB - Virtual size: 1KB

.bss Size: - Virtual size: 384B

.idata Size: 15KB - Virtual size: 14KB

.CRT Size: 512B - Virtual size: 96B

.tls Size: 512B - Virtual size: 16B

.reloc Size: 512B - Virtual size: 132B

/4 Size: 512B - Virtual size: 128B

/19 Size: 14KB - Virtual size: 13KB

/31 Size: 2KB - Virtual size: 1KB

/45 Size: 1KB - Virtual size: 1KB

/57 Size: 512B - Virtual size: 408B

/70 Size: 1024B - Virtual size: 672B

/81 Size: 1024B - Virtual size: 875B

/97 Size: 512B - Virtual size: 486B

/113 Size: 512B - Virtual size: 113B

.text
Size: 54KB - Virtual size: 54KB

.data
Size: 512B - Virtual size: 128B

.rdata
Size: 15KB - Virtual size: 14KB

.pdata
Size: 1KB - Virtual size: 1KB

.xdata
Size: 2KB - Virtual size: 1KB

.bss
Size: - Virtual size: 384B

.idata
Size: 15KB - Virtual size: 14KB

.CRT
Size: 512B - Virtual size: 96B

.tls
Size: 512B - Virtual size: 16B

.reloc
Size: 512B - Virtual size: 132B

/4
Size: 512B - Virtual size: 128B

/19
Size: 14KB - Virtual size: 13KB

/31
Size: 2KB - Virtual size: 1KB

/45
Size: 1KB - Virtual size: 1KB

/57
Size: 512B - Virtual size: 408B

/70
Size: 1024B - Virtual size: 672B

/81
Size: 1024B - Virtual size: 875B

/97
Size: 512B - Virtual size: 486B

/113
Size: 512B - Virtual size: 113B