usbdriverupdat.exe

First submission 2022-07-31 20:42:02

File details

File type: PE32 executable (GUI) Intel 80386, for MS Windows
File size: 219.0 KB (224256 bytes)
Compile time: 2022-07-27 05:41:12
MD5: 8cfc702e1fe454ac3efa1108ae67c8d7
SHA1: f92e8f6beb6813407016be8f0320daa14c05990f
SHA256: 182037a347c08591fc3e046fccc8ad809fbef729a8557bba47473bf5f83a59f8
Import Hash: 3d669ab0f7c82e41ce14a94dfe181a13
Sections: 5 (.text, .rdata, .data, .rsrc, .reloc)
Directories: 4 (import, resource, debug, relocation)
VirusTotal: 36/70
VT report date: 2022-07-28 04:44:09

File features detected

Is DLL

Packers

Anti Debug

Anti VM

Signed

XOR

URLs, FQDN and IP indicators 1

URL Host (FQDN/IP) Date Added
hXXp://65.108.59.56/video/usbdriverupdat.exe 65.108.59.56 2022-07-31 20:42:02

PE Sections 0 suspicious

Name VAddress VSize Size SHA1 MD5 Suspicious
.text 0x1000 0x25a41 154624 d52328ef04d84041bc0fd98d2c2e739143772a3c e48fcf7bf665fe028b778084b85a554e
.rdata 0x27000 0xdddc 56832 88550ac27755aac8252bb5628f3cf6370ce6c842 d9ed83ae4afb9be641e39231546d1e5b
.data 0x35000 0x1c0c 3584 983efa28e3eef198fd6e63ff1f0c51ebabc71028 d66232707c05155ba36c861d8348f024
.rsrc 0x37000 0x1e0 512 c39a70046d66c7dbb155a0d50bcddb26c01bcc7f 2d5eb1e7989b77f5c38c72583a0272d3
.reloc 0x38000 0x1c64 7680 57def942acbfc7a3f3aeab77487836f2f472b83d 0abd5b22c3e82ba36c7022b2660c43e1

PE Resources 1

Name Language Sublanguage Offset Size Data
RT_MANIFEST LANG_ENGLISH SUBLANG_ENGLISH_US 0x37060 381

Packers detected 2

Microsoft Visual C++ 8
VC8 -> Microsoft Corporation

Anti debug functions 6

GetLastError
IsDebuggerPresent
IsProcessorFeaturePresent
RaiseException
TerminateProcess
UnhandledExceptionFilter

Strings analysis - File found

Library
xmscoree.dll
ADVAPI32.dll
SHELL32.dll
USER32.dll
KERNEL32.dll

Import functions