3b82bdd9dfebe7f6b30766b27e3726bd090c97a9e664c052aa6616b531be79fcN[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

3b82bdd9dfebe7f6b30766b27e3726bd090c97a9e664c052aa6616b531be79fcN.exe
Size

405KB
MD5

d57620d2259afcabfa79389ec0ab2c70
SHA1

98d3a68016c7bc257a41cc7e2859039bb2ea25bb
SHA256

3b82bdd9dfebe7f6b30766b27e3726bd090c97a9e664c052aa6616b531be79fc
SHA512

b109e099d615ba6365cc2ec4a23648e43bb1035fbd5f7692271fb422a89ad74f6fba123d5191063771c9f28745e0c4aa8c0c9de18fa8dee29a5aacf30fd99507
SSDEEP

6144:Fqe61qpSQpmFnW9zI8XqKkHwcxSmiJ8Eof/GblHlYUaneD:t6YMQpwnszI8XcHwCFiJaWblFZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b82bdd9dfebe7f6b30766b27e3726bd090c97a9e664c052aa6616b531be79fcN.exe

Files

3b82bdd9dfebe7f6b30766b27e3726bd090c97a9e664c052aa6616b531be79fcN.exe
.dll windows:5 windows x86 arch:x86

55e158d204526c514bcc6c1bdd6d9b03

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

J:\Develope\20130508_AMPV_WebAgreement_1.0.9.0_AMPV_FixGettingServerInterval\Release\itdrvUA.pdb

Imports

kernel32

GetFileSize
DeleteFileW
MoveFileW
InitializeCriticalSectionAndSpinCount
GetTickCount
GetUserDefaultUILanguage
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
GetLocaleInfoW
SetStdHandle
CreateFileA
GetConsoleMode
GetConsoleCP
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetStringTypeA
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
SetFilePointer
GetFileAttributesW
GetStartupInfoA
GetFileType
SetHandleCount
GetModuleFileNameA
GetStdHandle
ExitProcess
HeapCreate
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetACP
GetStringTypeW
LCMapStringA
LCMapStringW
RtlUnwind
GetCPInfo
GetCommandLineA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapSize
HeapReAlloc
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
CreateMutexW
WriteFile
CreateFileW
SetFileAttributesW
FindResourceExW
LocalAlloc
Sleep
InterlockedExchange
lstrcpyW
LocalFree
CloseHandle
OutputDebugStringA
GetCurrentThreadId
DeleteCriticalSection
GetModuleHandleA
lstrcmpiW
LockResource
EnterCriticalSection
GetProcAddress
SetLastError
GetLastError
RaiseException
FlushInstructionCache
lstrlenW
MultiByteToWideChar
CompareStringW
GetModuleFileNameW
MulDiv
LeaveCriticalSection
SizeofResource
LoadLibraryW
WideCharToMultiByte
InitializeCriticalSection
GetModuleHandleW
OutputDebugStringW
WaitForSingleObject
GetCurrentProcess
InterlockedDecrement
InterlockedIncrement
LoadLibraryExW
CreateProcessW
LoadResource
FreeLibrary
FindResourceW
ReadFile

user32

GetMonitorInfoW
CallWindowProcW
DefWindowProcW
GetWindow
GetDlgCtrlID
SetWindowTextW
BeginPaint
EndPaint
ClientToScreen
DestroyWindow
SetCursor
GetWindowTextLengthW
SetWindowRgn
SetTimer
ScreenToClient
GetWindowRect
CharNextW
GetWindowDC
FillRect
SetCapture
PostMessageW
DrawTextW
KillTimer
GetKeyState
GetFocus
DialogBoxParamW
GetParent
ChildWindowFromPointEx
LoadCursorW
IsWindowEnabled
WindowFromPoint
GetClientRect
SetFocus
DrawEdge
SetRectEmpty
UnregisterClassA
PtInRect
GetDC
GetCapture
DrawFocusRect
InflateRect
GetMenu
OffsetRect
SetRect
InvalidateRect
GetWindowLongW
GetWindowTextW
SystemParametersInfoW
GetClassNameW
ReleaseDC
MonitorFromWindow
GetDlgItem
SetWindowLongW
EndDialog
GetSysColor
SetWindowPos
GetCursorPos
ShowWindow
LoadBitmapW
GetActiveWindow
IsWindow
CreateWindowExW
AdjustWindowRectEx
ReleaseCapture
GetSystemMetrics
SendMessageW
MapWindowPoints
UpdateWindow
EnableWindow

gdi32

GetTextExtentPoint32W
SetTextColor
DeleteDC
CreateFontIndirectW
GetDeviceCaps
StretchBlt
SetBkColor
CreateBitmap
SetBkMode
DeleteObject
SelectObject
CreateCompatibleDC
RectInRegion
CreateCompatibleBitmap
GetObjectW
GetPixel
TextOutW
CreateSolidBrush
CreatePolygonRgn
BitBlt
GetStockObject

advapi32

FreeSid
RegQueryValueExW
RegQueryInfoKeyW
SetFileSecurityW
RegSetValueExW
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegSetKeySecurity
RegCreateKeyExW
SetEntriesInAclW
AllocateAndInitializeSid
RegDeleteValueW
SetSecurityDescriptorDacl
RegDeleteKeyW
InitializeSecurityDescriptor

shell32

ShellExecuteW
CommandLineToArgvW

ole32

CoInitializeEx
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoUninitialize
CoCreateInstance

oleaut32

VarUI4FromStr

comctl32

ImageList_Destroy
ImageList_Draw
_TrackMouseEvent
ImageList_LoadImageW
ImageList_GetIconSize

Exports

Exports

AgreementCmdW
GetAgreement
GetAgreement2
Install
InstallCmdW
SetAgreement
SetAgreement2
ShowAgreementUI
ShowAgreementUI2
ShowAgreementUIForDriver
ShowAgreementUIForDriver2
UnInstall

Sections

.text
Size: 220KB - Virtual size: 219KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

55e158d204526c514bcc6c1bdd6d9b03

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

Exports

Exports

Sections

.text Size: 220KB - Virtual size: 219KB

.rdata Size: 44KB - Virtual size: 43KB

.data Size: 9KB - Virtual size: 16KB

.rsrc Size: 57KB - Virtual size: 57KB

.reloc Size: 17KB - Virtual size: 17KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 220KB - Virtual size: 219KB

.rdata
Size: 44KB - Virtual size: 43KB

.data
Size: 9KB - Virtual size: 16KB

.rsrc
Size: 57KB - Virtual size: 57KB

.reloc
Size: 17KB - Virtual size: 17KB

.rmnet
Size: 56KB - Virtual size: 60KB