PDB path: C:\Users\linlc\Desktop\CDriverUnintstall\Release\CDriverUnintstall.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 120c148dfc1655cbd5e1889d9735960a0ab455ea71f272a3b010324ae7cfa0d4.exe
Resource: win7-20240903-en
General
Target: 120c148dfc1655cbd5e1889d9735960a0ab455ea71f272a3b010324ae7cfa0d4.exe
Size: 3.5MB
MD5: 698e225b1e677a2059c86bbb3bf89f3a
SHA1: 805cbf52381a48967b064a12075946d110d48ca3
SHA256: 120c148dfc1655cbd5e1889d9735960a0ab455ea71f272a3b010324ae7cfa0d4
SHA512: efc22602280b0642fe22c3dcc8015d1a859b80a79f4adff23631e959a2a827fc37c3129b7abe3ae59d8527e174036dd00a98708b3dce8a912c077c4282773d55
SSDEEP: 98304:U9PazYBVkS4wagSkc7NCVDOdKtRQQQbvFLOAkGkzdnEVomFHKnP8t:MDoYOdKtRQQQbvFLOyomFHKnP8t
Malware Config
Signatures
- Unsigned PE (1 IoC): checks for missing Authenticode signature.
  Processes: resource 120c148dfc1655cbd5e1889d9735960a0ab455ea71f272a3b010324ae7cfa0d4.exe
Files
- 120c148dfc1655cbd5e1889d9735960a0ab455ea71f272a3b010324ae7cfa0d4.exe.exe windows:5 windows x86 arch:x86
  982023eeb6a533465a79564e3461c814
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetStringTypeW
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
TerminateProcess
LCMapStringW
GetDriveTypeW
WriteConsoleW
SetEnvironmentVariableA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStartupInfoW
GetStdHandle
GetFileType
SetStdHandle
VirtualQuery
VirtualAlloc
GetSystemInfo
HeapQueryInformation
IsProcessorFeaturePresent
IsDebuggerPresent
SizeofResource
ExitThread
CreateThread
RtlUnwind
GetModuleHandleExW
GetSystemTimeAsFileTime
GetCommandLineW
FindResourceExW
SearchPathW
GetProfileIntW
VirtualProtect
GetTempPathW
GetTempFileNameW
GetTickCount
SetErrorMode
GetFileSizeEx
GetFileAttributesExW
GlobalGetAtomNameW
GetFileAttributesW
VerifyVersionInfoW
VerSetConditionMask
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
FindNextFileW
GetThreadLocale
lstrcmpiW
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
GetTimeZoneInformation
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
CreateFileW
GlobalFindAtomW
EncodePointer
GlobalAddAtomW
CopyFileW
MulDiv
LocalFree
GlobalSize
GlobalUnlock
SuspendThread
CreateEventW
SetEvent
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
LoadLibraryW
LoadLibraryA
GetProcAddress
GetModuleHandleW
GetModuleHandleA
SetLastError
OutputDebugStringA
GlobalFree
FreeResource
lstrcmpW
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
LoadLibraryExW
FreeLibrary
GetVersionExW
GetCurrentThreadId
CloseHandle
Process32NextW
Process32FirstW
GetCurrentProcessId
CreateToolhelp32Snapshot
ResumeThread
GetModuleFileNameW
ExitProcess
GetCurrentThread
SetThreadPriority
GetCurrentProcess
SetPriorityClass
GetWindowsDirectoryW
WaitForSingleObject
GetSystemDirectoryW
WideCharToMultiByte
MultiByteToWideChar
DeleteCriticalSection
DecodePointer
EnterCriticalSection
HeapSize
RaiseException
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
OutputDebugStringW
Sleep
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileTime
GetSystemTime
DeleteFileW
RemoveDirectoryW
lstrcpyW
GetCurrentDirectoryW
FormatMessageW
GetLastError
CreateDirectoryW
lstrcatW
GetLocalTime
FindResourceW
LoadResource
LockResource
user32
UpdateLayeredWindow
GetUpdateRect
SetClassLongW
DestroyAcceleratorTable
ModifyMenuW
IsMenu
SetMenuDefaultItem
GetMenuDefaultItem
CopyIcon
GetIconInfo
GetDoubleClickTime
EnableScrollBar
LockWindowUpdate
CreatePopupMenu
BringWindowToTop
UnionRect
SetCursorPos
GetAsyncKeyState
IsZoomed
TrackMouseEvent
LoadImageW
DestroyIcon
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
MonitorFromPoint
SetParent
EnumDisplayMonitors
SetRectEmpty
SetLayeredWindowAttributes
MessageBeep
GetNextDlgGroupItem
SetRect
InvalidateRgn
CopyAcceleratorTableW
CharNextW
RealChildWindowFromPoint
DeleteMenu
CopyImage
LoadCursorW
WindowFromPoint
ReleaseCapture
SetCapture
WaitMessage
MapVirtualKeyW
GetKeyNameTextW
IntersectRect
CharUpperW
SystemParametersInfoW
GetMenuItemInfoW
DestroyMenu
IsDialogMessageW
SetWindowTextW
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
GetTopWindow
SetWindowLongW
EqualRect
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
DefMDIChildProcW
LoadAcceleratorsW
GetScrollPos
SetScrollPos
ScrollWindow
SetForegroundWindow
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
NotifyWinEvent
CopyRect
GetClassNameW
UpdateWindow
SetCursor
ShowOwnedPopups
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
UnhookWindowsHookEx
PtInRect
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
RemoveMenu
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetMenuState
GetMenuStringW
GetSubMenu
LoadMenuW
GetDesktopWindow
SetActiveWindow
DefFrameProcW
DrawMenuBar
MapVirtualKeyExW
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetLastActivePopup
GetWindowThreadProcessId
GetWindowLongW
IsWindowEnabled
CallNextHookEx
SetWindowsHookExW
GetCursorPos
ValidateRect
GetKeyState
GetActiveWindow
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
DrawIconEx
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
RegisterClipboardFormatW
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
CreateAcceleratorTableW
SubtractRect
GetWindowRgn
IsRectEmpty
OffsetRect
DestroyCursor
CreateMenu
InvertRect
HideCaret
GetComboBoxInfo
SetScrollRange
TranslateMDISysAccel
IsCharLowerW
PostThreadMessageW
IsClipboardFormatAvailable
FrameRect
GetScrollRange
CharUpperBuffW
InflateRect
DrawFocusRect
GetSysColorBrush
MapWindowPoints
GetWindowRect
SetWindowRgn
DrawStateW
GetFocus
IsWindowVisible
DrawFrameControl
RegisterWindowMessageW
MapDialogRect
GetWindow
SetWindowContextHelpId
SetWindowPos
PostQuitMessage
PostMessageW
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
DrawEdge
GetParent
FillRect
GetSysColor
GetClassLongW
WindowFromDC
UnregisterClassW
MessageBoxW
RedrawWindow
KillTimer
InvalidateRect
SetTimer
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
AppendMenuW
GetSystemMenu
LoadIconW
EnableWindow
SendMessageW
SendDlgItemMessageA
gdi32
MoveToEx
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
SetRectRgn
GetRgnBox
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
RealizePalette
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateRoundRectRgn
Rectangle
OffsetRgn
RoundRect
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
GetTextFaceW
LineTo
IntersectClipRect
GetStockObject
GetPixel
GetObjectType
SetTextAlign
SetTextColor
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SetBkColor
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
DeleteDC
GetClipBox
ExcludeClipRect
DeleteObject
CreatePatternBrush
CreatePen
CreateBitmap
GetDeviceCaps
CreateDCW
CopyMetaFileW
GetTextMetricsW
Polyline
Polygon
CreatePolygonRgn
PatBlt
GetTextColor
Ellipse
CreateSolidBrush
CreateRectRgnIndirect
CreateHatchBrush
CreateEllipticRgn
CombineRgn
Escape
TextOutW
RectVisible
PtVisible
CreateFontIndirectW
GetObjectW
ExtTextOutW
CreateRectRgn
GetTextExtentPoint32W
BitBlt
GetBkColor
DPtoLP
GetViewportExtEx
GetWindowExtEx
GetMapMode
CreateCompatibleBitmap
LPtoDP
CreateCompatibleDC
RestoreDC
msimg32
AlphaBlend
TransparentBlt
winspool.drv
OpenPrinterW
DocumentPropertiesW
DeletePrinterDriverExW
EnumPrinterDriversW
SetJobW
EnumJobsW
DeletePrinter
ClosePrinter
advapi32
RegDeleteKeyW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
OpenSCManagerW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
ControlService
StartServiceW
QueryServiceStatus
CloseServiceHandle
OpenServiceW
shell32
SHAppBarMessage
ShellExecuteW
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHChangeNotify
SHBrowseForFolderW
DragFinish
DragQueryFileW
SHGetSpecialFolderPathW
SHGetFileInfoW
SHGetDesktopFolder
comctl32
InitCommonControlsEx
shlwapi
PathFindExtensionW
PathFindFileNameW
PathIsUNCW
PathStripToRootW
PathRemoveFileSpecW
StrFormatKBSizeW
uxtheme
DrawThemeBackground
GetWindowTheme
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
DrawThemeParentBackground
DrawThemeText
GetThemePartSize
IsAppThemed
GetCurrentThemeName
GetThemeColor
OpenThemeData
CloseThemeData
ole32
CoDisconnectObject
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoInitializeEx
ReleaseStgMedium
OleDuplicateData
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoUninitialize
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
OleFlushClipboard
OleIsCurrentClipboard
DoDragDrop
OleGetClipboard
CoTaskMemFree
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoRegisterMessageFilter
CoRevokeClassObject
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
oleaut32
SysAllocString
VarBstrFromDate
VariantCopy
LoadTypeLi
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
OleCreateFontIndirect
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysFreeString
oledlg
OleUIBusyW
gdiplus
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipDrawImageRectI
setupapi
SetupUninstallOEMInfW
CM_Reenumerate_DevNode
CM_Locate_DevNodeW
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundW
Sections
.text   Size: 1.4MB  Virtual size: 1.4MB  Flags: IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  Size: 336KB  Virtual size: 335KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   Size: 26KB   Virtual size: 56KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Size: 1.6MB  Virtual size: 1.6MB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.reloc  Size: 122KB  Virtual size: 121KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ
.rmnet  Size: 56KB   Virtual size: 60KB   Flags: IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE (code section flagged both writable and executable)