425296353f916d4cc81a600dc611268cbb53fe46d02cdad5955cac9628c755d8

Sharing

Copy URL

Twitter E-mail

General

Target

425296353f916d4cc81a600dc611268cbb53fe46d02cdad5955cac9628c755d8
Size

834KB
MD5

1a6643d549ed0d834a82f90c6db49a70
SHA1

29fbf25ecceecef74f1167637215d97f72989926
SHA256

425296353f916d4cc81a600dc611268cbb53fe46d02cdad5955cac9628c755d8
SHA512

3d5e771b1f240b8a54563b4aa1e907eeb5f84e79574d80cb700879055aae149a6ed8a4197386a40677f1527397805b5ed4b01e3babe22126dcc8ac21d1aac703
SSDEEP

12288:3Swwn4oOZcaQYn3htObKmmOo3/UuSLekt0YAwgeKBjvrEH75:3Re4oG3hAU3/U/Lekt0YAwge8rEH75

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
425296353f916d4cc81a600dc611268cbb53fe46d02cdad5955cac9628c755d8

Files

425296353f916d4cc81a600dc611268cbb53fe46d02cdad5955cac9628c755d8
.exe windows:6 windows x86 arch:x86

bb7a04515df8613e19d74d4974eb8b56

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

z:\projects\libusb-win32-stage\ddk_make\output\i386\inf-wizard.pdb

Imports

kernel32

GetProcAddress
LoadLibraryA
OutputDebugStringA
OpenThread
TerminateThread
FindFirstFileW
FindNextFileW
FindClose
GetFileAttributesW
CreateNamedPipeA
CreateEventA
ReadFile
WaitForMultipleObjects
GetOverlappedResult
WaitForSingleObject
WriteFile
FileTimeToLocalFileTime
FileTimeToSystemTime
GetLocalTime
CreateMutexA
CloseHandle
LocalFree
GetVersionExA
CreateProcessW
GetCurrentDirectoryW
DeleteFileW
CreateFileW
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
RtlUnwind
GetStartupInfoA
InterlockedCompareExchange
Sleep
InterlockedExchange
GetLastError
SetLastError
MultiByteToWideChar
GetFullPathNameA
WideCharToMultiByte

gdi32

SetTextColor
SetBkMode
CreateSolidBrush
GetObjectA
CreateFontIndirectA
SetBkColor

user32

CreateWindowExW
SetWindowTextW
SetWindowTextA
GetDlgItem
SendMessageA
EndDialog
CallWindowProcA
GetClassInfoExA
GetSysColorBrush
RegisterClassExA
GetMessageA
TranslateMessage
DispatchMessageA
DefWindowProcA
SetTimer
ShowWindow
UpdateWindow
PostQuitMessage
GetParent
MoveWindow
GetDesktopWindow
EnumChildWindows
GetWindowLongA
PostMessageA
DestroyWindow
ClientToScreen
TrackMouseEvent
MessageBoxA
CreateWindowExA
GetClientRect
GetWindowRect
SetCursor
LoadCursorA
EnableWindow
GetSysColor
GetDlgCtrlID
RegisterDeviceNotificationA
SetWindowLongA
UnregisterDeviceNotification
GetWindowTextA
DestroyIcon
DialogBoxParamA
LoadIconA
GetWindowTextW

msvcrt

_wcslwr
_strlwr
_iob
__getmainargs
_stricmp
strncpy
memcpy
malloc
_strdup
sprintf
_snprintf
memset
calloc
free
_cexit
_exit
_errno
_XcptFilter
_ismbblead
_isatty
_write
_lseeki64
_fileno
__pioinfo
__badioinfo
realloc
wctomb
_itoa
exit
_controlfp
?terminate@@YAXXZ
isspace
__set_app_type
strncat
_fdopen
_open_osfhandle
fclose
fwrite
getenv
strtok
strncmp
_snwprintf
fprintf
_endthread
_beginthread
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_amsg_exit
_initterm
sscanf
_acmdln
isleadbyte

comctl32

ord17

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

CryptDestroyKey
CryptGenKey
CryptAcquireContextW
ConvertSidToStringSidA
CryptReleaseContext
InitializeSecurityDescriptor
SetSecurityDescriptorOwner
OpenProcessToken
GetTokenInformation
ConvertStringSidToSidA

setupapi

SetupDiGetDeviceRegistryPropertyW
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList

shell32

ShellExecuteExW
SHCreateDirectoryExW

ole32

CoCreateGuid

Sections

.text
Size: 703KB - Virtual size: 703KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb7a04515df8613e19d74d4974eb8b56

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

gdi32

user32

msvcrt

comctl32

comdlg32

advapi32

setupapi

shell32

ole32

Sections

.text Size: 703KB - Virtual size: 703KB

.data Size: 31KB - Virtual size: 33KB

.rsrc Size: 11KB - Virtual size: 10KB

.reloc Size: 11KB - Virtual size: 10KB

.text
Size: 703KB - Virtual size: 703KB

.data
Size: 31KB - Virtual size: 33KB

.rsrc
Size: 11KB - Virtual size: 10KB

.reloc
Size: 11KB - Virtual size: 10KB