File Name: | CSR-Allx86-drp.exe |
File Type: | PE32 executable (GUI) Intel 80386, for MS Windows |
SHA1: | 6c3cf01bb9d5bf9d23d80c4481670c4d2101ad5d |
MD5: | d0722f959c43dafcec9e267fc858ddca |
First Seen Date: | 2017-08-24 01:29:21.403368 |
Number of Clients Seen: | 4 |
Last Analysis Date: | 2018-03-02 13:00:43.150027 |
Human Expert Analysis Result: | No human expert analysis verdict given to this sample yet. |

Property | Value |
---|---|
magic literal enum | 3 |
file type enum | 6 |
debug artifacts | [] |
number of sections | 4 |
trid | 50.0% Generic Win/DOS Executable; 49.9% DOS Executable Generic |
compilation time stamp | 0x5700444A [Sat Apr 2 22:14:34 2016 UTC] |
LegalCopyright | Copyright © Kuzyakov Artur |
InternalName | DriverPack |
FileVersion | 1.0 |
CompanyName | DriverPack |
PrivateBuild | 2016 |
ProductName | DriverPack |
ProductVersion | 1.0 |
FileDescription | DriverPack |
OriginalFilename | DriverPack.exe |
Translation | 0x0000 0x04b0 |
entry point | 0x41c35f (.text) |
machine type | Intel 386 or later - 32Bit |
file size | 2088120 |
ssdeep | 49152:b5+hFpj8F9jWOHVuLS3j3DxYmSAOUrw7pbOo3K3cyYF8gmjTNvAZ4:b5aFpOjWOHT3XxsiqtSMpmjTN9 |
sha256 | c8ab84eded95c542caccf2c4755496fd69889de987f2ac83e5a0fd2754d0a0da |
mime type | application/x-dosexec |
imphash | a1a66d588dcf1394354ebf6ec400c223 |

Name | Virtual Address | Virtual Size | Raw Size | Entropy | MD5 |
---|---|---|---|---|---|
.text | 0x1000 | 0x1bd4a | 0x1be00 | 6.71052533174 | c820c58aedd8916d0cfdfacf6518a796 |
.rdata | 0x1d000 | 0x41a8 | 0x4200 | 5.74601891947 | 61e5f1569be02d293c2f1941c8014c11 |
.data | 0x22000 | 0x4c90 | 0x800 | 3.69661077531 | df838379d053bbc0adb49e5333be876c |
.rsrc | 0x27000 | 0x6b0d | 0x6c00 | 5.00686276495 | 0cb7e88d18950e1d06a7c50e4e98b81d |

- COMCTL32.dll
  - None
- SHELL32.dll
  - ShellExecuteExW
  - ShellExecuteW
  - SHGetMalloc
  - SHGetPathFromIDListW
  - SHBrowseForFolderW
  - SHGetFileInfoW
  - SHGetSpecialFolderPathW
- GDI32.dll
  - CreateCompatibleDC
  - CreateFontIndirectW
  - DeleteObject
  - DeleteDC
  - GetCurrentObject
  - StretchBlt
  - GetDeviceCaps
  - CreateCompatibleBitmap
  - SelectObject
  - SetStretchBltMode
  - GetObjectW
- ADVAPI32.dll
  - FreeSid
  - AllocateAndInitializeSid
  - CheckTokenMembership
- USER32.dll
  - GetParent
  - ScreenToClient
  - CreateWindowExW
  - GetDesktopWindow
  - GetWindowTextLengthW
  - SetWindowPos
  - SetTimer
  - GetMessageW
  - CopyImage
  - KillTimer
  - CharUpperW
  - SendMessageW
  - ShowWindow
  - BringWindowToTop
  - wsprintfW
  - MessageBoxW
  - EndDialog
  - ReleaseDC
  - GetWindowDC
  - GetMenu
  - GetWindowLongW
  - GetClassNameA
  - wsprintfA
  - DispatchMessageW
  - SetWindowTextW
  - GetSysColor
  - DestroyWindow
  - MessageBoxA
  - GetKeyState
  - IsWindow
  - GetDlgItem
  - GetClientRect
  - GetSystemMetrics
  - SetWindowLongW
  - UnhookWindowsHookEx
  - SetFocus
  - SystemParametersInfoW
  - DrawTextW
  - GetDC
  - ClientToScreen
  - GetWindow
  - DialogBoxIndirectParamW
  - DrawIconEx
  - CallWindowProcW
  - DefWindowProcW
  - CallNextHookEx
  - PtInRect
  - SetWindowsHookExW
  - LoadImageW
  - LoadIconW
  - MessageBeep
  - EnableWindow
  - EnableMenuItem
  - GetSystemMenu
  - CreateWindowExA
  - wvsprintfW
  - GetWindowTextW
  - GetWindowRect
- ole32.dll
  - CreateStreamOnHGlobal
  - CoCreateInstance
  - CoInitialize
- OLEAUT32.dll
  - SysAllocStringLen
  - VariantClear
  - SysFreeString
  - OleLoadPicture
  - SysAllocString
- KERNEL32.dll
  - SetFileTime
  - SetEndOfFile
  - GetFileInformationByHandle
  - VirtualFree
  - GetModuleHandleA
  - WaitForMultipleObjects
  - VirtualAlloc
  - ReadFile
  - SetFilePointer
  - GetFileSize
  - LeaveCriticalSection
  - EnterCriticalSection
  - DeleteCriticalSection
  - FormatMessageW
  - lstrcpyW
  - LocalFree
  - IsBadReadPtr
  - GetSystemDirectoryW
  - GetCurrentThreadId
  - SuspendThread
  - TerminateThread
  - InitializeCriticalSection
  - ResetEvent
  - SetEvent
  - CreateEventW
  - GetVersionExW
  - GetModuleFileNameW
  - GetCurrentProcess
  - SetProcessWorkingSetSize
  - SetEnvironmentVariableW
  - GetDriveTypeW
  - CreateFileW
  - LoadLibraryA
  - SetThreadLocale
  - GetSystemTimeAsFileTime
  - ExpandEnvironmentStringsW
  - CompareFileTime
  - WideCharToMultiByte
  - GetTempPathW
  - GetCurrentDirectoryW
  - GetEnvironmentVariableW
  - lstrcmpiW
  - GetLocaleInfoW
  - MultiByteToWideChar
  - GetUserDefaultUILanguage
  - GetSystemDefaultUILanguage
  - GetSystemDefaultLCID
  - lstrcmpiA
  - GlobalAlloc
  - GlobalFree
  - MulDiv
  - FindResourceExA
  - SizeofResource
  - LoadResource
  - LockResource
  - GetModuleHandleW
  - FindFirstFileW
  - lstrcmpW
  - DeleteFileW
  - FindNextFileW
  - FindClose
  - RemoveDirectoryW
  - GetStdHandle
  - WriteFile
  - lstrlenA
  - CreateDirectoryW
  - GetFileAttributesW
  - SetCurrentDirectoryW
  - GetLocalTime
  - SystemTimeToFileTime
  - CreateThread
  - GetExitCodeThread
  - Sleep
  - SetFileAttributesW
  - GetDiskFreeSpaceExW
  - SetLastError
  - GetTickCount
  - lstrlenW
  - ExitProcess
  - lstrcatW
  - GetProcAddress
  - CloseHandle
  - WaitForSingleObject
  - GetExitCodeProcess
  - GetQueuedCompletionStatus
  - ResumeThread
  - SetInformationJobObject
  - CreateIoCompletionPort
  - AssignProcessToJobObject
  - CreateJobObjectW
  - GetLastError
  - CreateProcessW
  - GetStartupInfoW
  - GetCommandLineW
  - GetStartupInfoA
- MSVCRT.dll
  - _purecall
  - ??2@YAPAXI@Z
  - _wtol
  - memset
  - memmove
  - memcpy
  - _wcsnicmp
  - _controlfp
  - _except_handler3
  - __set_app_type
  - __p__fmode
  - __p__commode
  - _adjust_fdiv
  - __setusermatherr
  - _initterm
  - __getmainargs
  - _acmdln
  - exit
  - _XcptFilter
  - _exit
  - ??1type_info@@UAE@XZ
  - _onexit
  - __dllonexit
  - malloc
  - realloc
  - free
  - wcsstr
  - _CxxThrowException
  - _beginthreadex
  - _EH_prolog
  - ?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
  - strncmp
  - wcsncmp
  - wcsncpy
  - strncpy
  - ??3@YAXPAX@Z