0855b27d25cad16742807ec98f7bfb7d32cdffe302d226664f98addc4c50c5aa

Sharing

Copy URL Twitter E-mail

General

Target

0855b27d25cad16742807ec98f7bfb7d32cdffe302d226664f98addc4c50c5aa
Size

167KB
MD5

be8323d14fcd5e1e1f224d5030d0892d
SHA1

3783657eeef8a43dbc016c74e3012e1d3f8c7921
SHA256

0855b27d25cad16742807ec98f7bfb7d32cdffe302d226664f98addc4c50c5aa
SHA512

7c1f9d96492a3750b5a734e88467084c4d882290f888816c5acf6c1c3ee50b2b807cef67848c78858aa3f8f89171771249b48f6d3dd9b9fa0da44e22d4a63589
SSDEEP

1536:bOA+ETBNYk2VVO3L0idudUNcmYua+pEWhD5s+7cxgyhOPFfh9bZZWC9N4aGTfNPs:bNBboiRcmYMhD5r7SHhOPsaGTkIG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0855b27d25cad16742807ec98f7bfb7d32cdffe302d226664f98addc4c50c5aa

Files

0855b27d25cad16742807ec98f7bfb7d32cdffe302d226664f98addc4c50c5aa
.exe windows x86

6e3764e31afc52b1c080141bc5721c3c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

uiextend

?SetTextColor@CLabel@@QAEXK@Z
?SetBackgroundColor@CLabel@@QAEXK@Z
??1CLabel@@UAE@XZ
?SetRange@CNumericEdit@@QAEXII@Z
?GetContent@CMSFlexGridExt@@QAEKPAEK@Z
?ValidateInput@CMSFlexGridExt@@QAE_NXZ
??0CLabel@@QAE@XZ
?ResetContent@CMSFlexGridExt@@QAEXXZ
?GetValue@CNumericEdit@@QAEIXZ
?IsValidInput@CNumericEdit@@QAE_NXZ
?SetValue@CNumericEdit@@QAEXI@Z
?AllowHexInput@CNumericEdit@@QAEXXZ
?SetEditableCells@CMSFlexGridExt@@QAEXJ@Z
?InitColumnHeader@CMSFlexGridExt@@QAEXJ@Z
?InitRowHeader@CMSFlexGridExt@@QAEXJ@Z
?Init@CMSFlexGridExt@@QAEXJJJJJ@Z
??1CNumericEdit@@UAE@XZ
??0CNumericEdit@@QAE@XZ
??1CMSFlexGridExt@@UAE@XZ
?Fill@CMSFlexGridExt@@QAEXPAEK_N@Z
??0CMSFlexGridExt@@QAE@XZ

a6api

A6_Sc1608ReadZone
A6_UlWriteSector
A6_UlReadSector
A6_UlHalt
A6_UlReadUID
A6_UlSelect
A6_S70DecrementValue
A6_S50DecrementValue
A6_S70IncrementValue
A6_S50IncrementValue
A6_S70InitializeValue
A6_S50InitializeValue
A6_S70ReadValue
A6_S50ReadValue
A6_S70WriteOneBlock
A6_S50WriteOneBlock
A6_Sle4442ReadSecurityMemory
A6_Sle4442WriteProtectionMemory
A6_Sle4442WriteMainMemory
A6_Sle4442UpdatePSC
A6_Sle4428WriteWithoutPB
A6_Sle4428WriteWithPB
A6_Connect
A6_Cancel
A6_Disconnect
A6_PermitInsertion
A6_ReadICStype
A6_DenieInsertion
A6_Reset
A6_ExecCommand
A6_LedControl
A6_GetStatus
A6_GetSenserDetail
A6_GetSenserLevel
A6_MoveCard
A6_DetectICCType
A6_DetectRFCardType
A6_Intake
A6_ReadCounts
A6_ClearCounts
A6_SetBaudRate
A6_TurnOffRF
A6_ReadTracks
A6_CpuActivate
A6_CpuTransmit
A6_Sle4442Reset
A6_Sle4442VerifyPSC
A6_Sle4442ReadMainMemory
A6_Sle4442ReadProtectionBits
A6_Sle4428Reset
A6_Sle4428VerifyPSC
A6_Sle4428ReadProtectionBits
A6_S50Select
A6_S50ReadUID
A6_S50VerifyPassword
A6_S50ReadOneBlock
A6_S70Select
A6_S70ReadUID
A6_S70VerifyPassword
A6_S70ReadOneBlock
A6_TypeABCpuActivate
A6_TypeABCpuTransmit
A6_CpuDeactivate
A6_Db041ReadPage
A6_Db041WritePage
A6_Db041Reset
A6_I2cRead
A6_I2cWrite
A6_SamActivate
A6_SamDeactivate
A6_SamSelect
A6_SamTransmit
A6_Sc102Personalize
A6_Sc102VerifySC
A6_Sc102UpdateEZ1
A6_Sc102UpdateEZ2
A6_Sc102ReadMemory
A6_Sc102WriteMemory
A6_Sc102EraseMemory
A6_Sc102EraseAZ1
A6_Sc102EraseAZ2
A6_Sc102Reset
A6_Sc1604Reset
A6_Sc1604Personalize
A6_Sc1604VerifyPassword
A6_Sc1604UpdatePassword
A6_Sc1604ReadMemory
A6_Sc1604WriteMemory
A6_Sc1604EraseMemory
A6_Sc1608Reset
A6_Sc1608VerifyPassword
A6_Sc1608UpdatePassword
A6_Sc1608InitAuth
A6_Sc1608VerifyAuth
A6_Sle4428ReadWithoutPB
A6_Sc1608WriteZone
A6_Sc1608ReadFuses
A6_Sc1608WriteFuses
A6_Sle4428UpdatePSC

mfc100u

ord385
ord658
ord3763
ord2844
ord5558
ord12610
ord2887
ord2884
ord7385
ord2418
ord14146
ord14148
ord14147
ord14145
ord14149
ord14132
ord14059
ord14060
ord8273
ord11081
ord7126
ord10937
ord13380
ord8112
ord11210
ord6247
ord10045
ord8393
ord2853
ord12724
ord11246
ord11244
ord1501
ord1508
ord1514
ord1512
ord1519
ord4388
ord4425
ord4396
ord4408
ord4404
ord4400
ord4430
ord4421
ord4392
ord4434
ord4413
ord4379
ord4383
ord4416
ord3999
ord14067
ord3992
ord2665
ord13382
ord7109
ord13388
ord6156
ord10725
ord12557
ord5276
ord2339
ord11116
ord3491
ord2952
ord2951
ord2852
ord11159
ord5143
ord5468
ord9333
ord6117
ord897
ord3436
ord2617
ord7901
ord3749
ord2748
ord8266
ord5809
ord1905
ord3261
ord6713
ord9525
ord4805
ord12951
ord12170
ord11164
ord3397
ord788
ord1212
ord10081
ord1861
ord11940
ord7973
ord8179
ord7006
ord4360
ord1313
ord3978
ord1476
ord1312
ord4810
ord2805
ord12132
ord3866
ord7624
ord5830
ord8347
ord8372
ord8277
ord2417
ord12606
ord5556
ord2756
ord2980
ord2981
ord10412
ord10058
ord11123
ord266
ord265
ord1440
ord3846
ord12783
ord12785
ord12413
ord7526
ord1479
ord2151
ord5227
ord2614
ord11516
ord1947
ord5198
ord542
ord1068
ord3368
ord3248
ord13305
ord7241
ord7246
ord12512
ord5925
ord5357
ord11153
ord8270
ord3752
ord13067
ord7151
ord6344
ord381
ord6711
ord11163
ord286
ord6346
ord5311
ord1739
ord14162
ord10976
ord13267
ord11469
ord7179
ord13570
ord13567
ord13572
ord13569
ord13571
ord13568
ord3416
ord5261
ord11228
ord11236
ord7391
ord9498
ord11240
ord11209
ord11845
ord4642
ord4923
ord5115
ord8483
ord4901
ord5118
ord4645
ord4794
ord4623
ord6931
ord6932
ord6922
ord4792
ord7393
ord9328
ord8346
ord6140
ord4086
ord950
ord5801
ord5862
ord3446
ord296
ord902
ord4290
ord1987
ord948
ord921
ord1266
ord1127
ord3627
ord3981
ord6539
ord12325
ord849
ord1298
ord1957
ord7548
ord11784
ord13854
ord4744
ord2164
ord11476
ord11477
ord13381
ord7108
ord13387
ord8530
ord3684
ord3625
ord12351
ord11864
ord1895
ord7176
ord1934
ord1292
ord890
ord6869
ord9447
ord2089
ord1300
ord3402

msvcr100

_controlfp_s
_invoke_watson
_except_handler4_common
?terminate@@YAXXZ
_onexit
__CxxFrameHandler3
_wcsdup
vswprintf_s
isdigit
_wtoi
_wcsicmp
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_commode
_fmode
__set_app_type
_unlock
__dllonexit
_lock
memset
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
free

kernel32

Sleep
SetEvent
WaitForSingleObject
ResetEvent
CreateFileW
GetLastError
CloseHandle
GetLocalTime
WideCharToMultiByte
InterlockedExchange
InterlockedCompareExchange
HeapSetInformation
ResumeThread
EncodePointer
DecodePointer
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetStartupInfoW
CreateEventW

user32

SetRectEmpty
PostMessageW
LoadStringW
GetFocus
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
PostQuitMessage
GetWindowRect
SendMessageW
LoadIconW
EnableWindow
MessageBoxW

comctl32

InitCommonControlsEx

skinppwtl

ord2
ord3

Sections

.text
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6e3764e31afc52b1c080141bc5721c3c

Headers

DLL Characteristics

File Characteristics

Imports

uiextend

a6api

mfc100u

msvcr100

kernel32

user32

comctl32

skinppwtl

Sections

.text Size: 71KB - Virtual size: 70KB

.rdata Size: 33KB - Virtual size: 33KB

.data Size: 1024B - Virtual size: 2KB

.rsrc Size: 45KB - Virtual size: 44KB

.reloc Size: 15KB - Virtual size: 15KB

.text
Size: 71KB - Virtual size: 70KB

.rdata
Size: 33KB - Virtual size: 33KB

.data
Size: 1024B - Virtual size: 2KB

.rsrc
Size: 45KB - Virtual size: 44KB

.reloc
Size: 15KB - Virtual size: 15KB