90e0823acc54ad25329199118756e274824fd57c4aaebe5c82a8c4a76408646b

Sharing

Copy URL Twitter E-mail

General

Target

90e0823acc54ad25329199118756e274824fd57c4aaebe5c82a8c4a76408646b
Size

959KB
MD5

4a3417d36c770c1a489a24b58cdc637b
SHA1

0720d4f19626c40d98afba5e67eff2fece023607
SHA256

90e0823acc54ad25329199118756e274824fd57c4aaebe5c82a8c4a76408646b
SHA512

e2ff25ff186fa495bbbe8fe04964a0b37509e10f20a6e820b53ff307685727da0a6857e2ef03922bad9a60cd433d0f4666d5b2f71e354e15a643066ec8272198
SSDEEP

12288:hYNpvn1xqiiWuu15sPE2NIDiP/EX42S4Wm1F25:KNNjqE2NIDiPMI2S4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
90e0823acc54ad25329199118756e274824fd57c4aaebe5c82a8c4a76408646b

Files

90e0823acc54ad25329199118756e274824fd57c4aaebe5c82a8c4a76408646b
.exe windows x86

bb96ba0ed1364b6fe61d32135a3c88e0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObjectEx
GetOEMCP
EnumSystemLocalesW
SetConsoleCtrlHandler
FindFirstFileExA
WriteConsoleW
FindClose
FindFirstFileExW
FindNextFileW
FindNextFileA
OutputDebugStringW
IsValidCodePage
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
SetStdHandle
HeapReAlloc
HeapSize
HeapQueryInformation
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FlushFileBuffers
EncodePointer
DecodePointer
SetFilePointer
SetThreadUILanguage
GetSystemDefaultLangID
GetVersionExA
CreateThread
Sleep
CloseHandle
WriteFile
ReadFile
GetFileSize
CreateFileA
FormatMessageA
GetLocalTime
OutputDebugStringA
QueryPerformanceFrequency
QueryPerformanceCounter
GetLastError
GetStringTypeW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
RaiseException
MultiByteToWideChar
WideCharToMultiByte
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
GetStartupInfoW
GetModuleHandleW
HeapAlloc
HeapFree
GetProcessHeap
VirtualQuery
FreeLibrary
GetProcAddress
InterlockedPushEntrySList
InterlockedFlushSList
GetModuleFileNameW
LoadLibraryExW
RtlUnwind
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleFileNameA
GetModuleHandleExW
GetStdHandle
ExitProcess
GetACP
HeapValidate
GetSystemInfo
GetCurrentThread
GetFileType
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
CreateFileW

user32

LoadImageA
LoadIconA
ScreenToClient
GetWindowRect
MoveWindow
GetDlgItemInt
IsDlgButtonChecked
EnableWindow
SetFocus
CheckDlgButton
DestroyWindow
PostQuitMessage
DefWindowProcA
GetDlgItemTextA
SetDlgItemInt
SetWindowLongA
GetWindowLongA
ShowCaret
DestroyCaret
CreateCaret
GetWindowTextLengthA
ReleaseDC
GetDC
SetDlgItemTextA
GetDlgItem
CallWindowProcA
PostMessageA
SendMessageA
SendDlgItemMessageA

gdi32

GetTextExtentPoint32A
SelectObject

comdlg32

GetOpenFileNameA
GetSaveFileNameA

comctl32

PropertySheetA

ch347dll

CH347Uart_SetTimeout
CH347Uart_GetDeviceInfor
CH347Uart_Write
CH347Uart_Read
CH347Uart_Init
CH347Uart_Close
CH347Uart_Open
CH347SPI_WriteRead
CH347StreamI2C
CH347StreamSPI4
CH347SetDeviceNotify
CH347Jtag_BitReadDR
CH347Jtag_BitReadIR
CH347Jtag_BitWriteIR
CH347Jtag_BitWriteDR
CH347Jtag_ByteReadIR
CH347Jtag_ByteWriteIR
CH347Jtag_ByteReadDR
CH347Jtag_ByteWriteDR
CH347Jtag_SwitchTapState
CH347Jtag_INIT
CH347SetTimeout
CH347GPIO_Set
CH347GPIO_Get
CH347I2C_Set
CH347SPI_Read
CH347SPI_Write
CH347SPI_SetChipSelect
CH347SPI_GetCfg
CH347SPI_Init
CH347GetDeviceInfor
CH347CloseDevice
CH347OpenDevice
CH347WriteEEPROM
CH347ReadEEPROM

Sections

.text
Size: 693KB - Virtual size: 692KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 157KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb96ba0ed1364b6fe61d32135a3c88e0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

comctl32

ch347dll

Sections

.text Size: 693KB - Virtual size: 692KB

.rdata Size: 157KB - Virtual size: 157KB

.data Size: 3KB - Virtual size: 51KB

.idata Size: 6KB - Virtual size: 5KB

.gfids Size: 1024B - Virtual size: 1000B

.00cfg Size: 512B - Virtual size: 260B

.rsrc Size: 96KB - Virtual size: 96KB

.text
Size: 693KB - Virtual size: 692KB

.rdata
Size: 157KB - Virtual size: 157KB

.data
Size: 3KB - Virtual size: 51KB

.idata
Size: 6KB - Virtual size: 5KB

.gfids
Size: 1024B - Virtual size: 1000B

.00cfg
Size: 512B - Virtual size: 260B

.rsrc
Size: 96KB - Virtual size: 96KB