PDB path: z:\projects\libusb-win32-stage\ddk_make\output\i386\install-filter.pdb
Static task
static1
Behavioral task
behavioral1
Sample
9b7c367f914437875c585a0228033e6fbaf7c69f747751a726698a6a4271863bN.exe
Resource
win7-20241010-en
General
Target: 9b7c367f914437875c585a0228033e6fbaf7c69f747751a726698a6a4271863bN.exe
Size: 62KB
MD5: be38160d3742c8b77c46e2ad34c59b40
SHA1: 6b4c741d60bb8d10b6fb4d3470e360c77b2e4228
SHA256: 9b7c367f914437875c585a0228033e6fbaf7c69f747751a726698a6a4271863b
SHA512: e07d1be0b9cc348dca1d37d9cf0fe08d501a51abba43754f66e3dab602a5994dbb77092da65a4702070e60430068bdf205b5377c67f97e884ec63151292a870e
SSDEEP: 768:MEcy9908dqax/5FdC72/WkFkwUEihlLBHCnp+KCIvLQGPL4vzZq2o9W7GsxBbPr:Vcy9Pn/LdnFFlUEulElvsGCq2iW7z
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource: 9b7c367f914437875c585a0228033e6fbaf7c69f747751a726698a6a4271863bN.exe
Files
9b7c367f914437875c585a0228033e6fbaf7c69f747751a726698a6a4271863bN.exe.exe windows:6 windows x86 arch:x86
a299004fe279f5877a6d9cafc3ee50fa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
advapi32
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
RegCloseKey
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA
kernel32
LoadLibraryA
GetLastError
Sleep
GetCurrentProcess
GetModuleHandleA
WriteFile
LockResource
LoadResource
SizeofResource
FindResourceA
GetStdHandle
GetFullPathNameA
LocalFree
InterlockedIncrement
GetProcAddress
FormatMessageA
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
RtlUnwind
InterlockedCompareExchange
InterlockedExchange
FreeLibrary
WaitForSingleObject
CloseHandle
CreateSemaphoreA
GetVersionExA
GetCommandLineW
GetVersion
UnhandledExceptionFilter
msvcrt
wcstombs
_controlfp
?terminate@@YAXXZ
__set_app_type
__p__fmode
__p__commode
sscanf
__setusermatherr
_amsg_exit
_initterm
exit
_XcptFilter
_exit
_cexit
__getmainargs
_vsnprintf
strncpy
_iob
fprintf
strerror
memmove
memcpy
_stricmp
_getch
_beginthread
_endthread
_strlwr
strncmp
_snprintf
_wcsnicmp
_wcsicmp
malloc
printf
strstr
_strdup
sprintf
free
memset
_adjust_fdiv
setupapi
SetupFindFirstLineA
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupCloseInfFile
SetupFindNextLine
SetupDiSetDeviceRegistryPropertyA
CM_Get_DevNode_Status
SetupDiRemoveDevice
SetupDiGetDeviceRegistryPropertyA
SetupOpenInfFileA
SetupDiOpenDevRegKey
SetupDiCallClassInstaller
SetupDiSetClassInstallParamsA
CM_Get_Device_IDA
SetupGetStringFieldA
user32
SetWindowTextA
GetWindowLongA
SetWindowLongA
RedrawWindow
InvalidateRect
DefWindowProcA
PostMessageA
CreateWindowExA
GetSysColor
EnableWindow
GetClientRect
OffsetRect
InflateRect
GetDlgItem
GetWindowTextLengthA
SendMessageA
GetDesktopWindow
GetWindowRect
SetWindowPos
GetSysColorBrush
FillRect
DrawEdge
SetTimer
GetParent
DestroyWindow
PostQuitMessage
DispatchMessageA
TranslateMessage
GetMessageA
UpdateWindow
RegisterClassExA
LoadCursorA
LoadIconA
GetClassInfoExA
MessageBoxA
GetSystemMetrics
gdi32
BitBlt
CreateSolidBrush
DeleteObject
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
Sections
.text Size: 34KB - Virtual size: 33KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
u�K��u� Size: 16KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE