49d3945f9626e9348fb116175f66119c0063f7864490661c8d21d0fd10927add[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

49d3945f9626e9348fb116175f66119c0063f7864490661c8d21d0fd10927add.exe
Size

62KB
MD5

6ead21c3a9b1519f2b4d1d64cf904b1f
SHA1

5aa090b95d8a96ad7508f8a7a56a12aa9d51cda4
SHA256

49d3945f9626e9348fb116175f66119c0063f7864490661c8d21d0fd10927add
SHA512

fecdb244f30dd908147c0fae275b8263e4600d14b99836dc3d64c2261ca0d4f36f695ef919fb1b6b8544369fb00a0fbf3f3b98ebe0771c6ac1273d91c55d9d5d
SSDEEP

768:MEcy9908dqax/5FdC72/WkFkwUEihlLBHCnp+KCIvLQGPL4vzZq2o9W7GsxBbPrO:Vcy9Pn/LdnFFlUEulElvsGCq2iW7z6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49d3945f9626e9348fb116175f66119c0063f7864490661c8d21d0fd10927add.exe

Files

49d3945f9626e9348fb116175f66119c0063f7864490661c8d21d0fd10927add.exe
.exe windows:6 windows x86 arch:x86

a299004fe279f5877a6d9cafc3ee50fa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

z:\projects\libusb-win32-stage\ddk_make\output\i386\install-filter.pdb

Imports

advapi32

FreeSid
CheckTokenMembership
AllocateAndInitializeSid
RegCloseKey
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA

kernel32

LoadLibraryA
GetLastError
Sleep
GetCurrentProcess
GetModuleHandleA
WriteFile
LockResource
LoadResource
SizeofResource
FindResourceA
GetStdHandle
GetFullPathNameA
LocalFree
InterlockedIncrement
GetProcAddress
FormatMessageA
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
RtlUnwind
InterlockedCompareExchange
InterlockedExchange
FreeLibrary
WaitForSingleObject
CloseHandle
CreateSemaphoreA
GetVersionExA
GetCommandLineW
GetVersion
UnhandledExceptionFilter

msvcrt

wcstombs
_controlfp
?terminate@@YAXXZ
__set_app_type
__p__fmode
__p__commode
sscanf
__setusermatherr
_amsg_exit
_initterm
exit
_XcptFilter
_exit
_cexit
__getmainargs
_vsnprintf
strncpy
_iob
fprintf
strerror
memmove
memcpy
_stricmp
_getch
_beginthread
_endthread
_strlwr
strncmp
_snprintf
_wcsnicmp
_wcsicmp
malloc
printf
strstr
_strdup
sprintf
free
memset
_adjust_fdiv

setupapi

SetupFindFirstLineA
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupCloseInfFile
SetupFindNextLine
SetupDiSetDeviceRegistryPropertyA
CM_Get_DevNode_Status
SetupDiRemoveDevice
SetupDiGetDeviceRegistryPropertyA
SetupOpenInfFileA
SetupDiOpenDevRegKey
SetupDiCallClassInstaller
SetupDiSetClassInstallParamsA
CM_Get_Device_IDA
SetupGetStringFieldA

user32

SetWindowTextA
GetWindowLongA
SetWindowLongA
RedrawWindow
InvalidateRect
DefWindowProcA
PostMessageA
CreateWindowExA
GetSysColor
EnableWindow
GetClientRect
OffsetRect
InflateRect
GetDlgItem
GetWindowTextLengthA
SendMessageA
GetDesktopWindow
GetWindowRect
SetWindowPos
GetSysColorBrush
FillRect
DrawEdge
SetTimer
GetParent
DestroyWindow
PostQuitMessage
DispatchMessageA
TranslateMessage
GetMessageA
UpdateWindow
RegisterClassExA
LoadCursorA
LoadIconA
GetClassInfoExA
MessageBoxA
GetSystemMetrics

gdi32

BitBlt
CreateSolidBrush
DeleteObject
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

u�K��u�
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a299004fe279f5877a6d9cafc3ee50fa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

advapi32

kernel32

msvcrt

setupapi

user32

gdi32

Sections

.text Size: 34KB - Virtual size: 33KB

.data Size: 1KB - Virtual size: 3KB

.rsrc Size: 5KB - Virtual size: 5KB

.reloc Size: 3KB - Virtual size: 3KB

u�K��u� Size: 16KB - Virtual size: 20KB

.text
Size: 34KB - Virtual size: 33KB

.data
Size: 1KB - Virtual size: 3KB

.rsrc
Size: 5KB - Virtual size: 5KB

.reloc
Size: 3KB - Virtual size: 3KB

u�K��u�
Size: 16KB - Virtual size: 20KB