读卡测试[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

读卡测试.exe
Size

627KB
MD5

41ce775df6acb041e5f05fa35e849cea
SHA1

276f1ca2e087151f1fefddac40a92d33cb1a9061
SHA256

b67cf98a004b519b4639df0b37cbca42b9b45438ead36f92d3d7c9baadcdceb7
SHA512

20d223d866371bf88a48b8b2ea2d5c0a39591235ee1ec2033816f201943e236ad40db63c6e76c64371b7a1522339ba18501acd000f601cf3df01796f5f8fe978
SSDEEP

6144:EhpQ4B8dy0FXfsW8nAG9C44VOoehOIzbgIfd656c6IfiGj4:ETQ4B8c0FvsdnRsOoeDzPl6KIfTM

Score

1^/10

Malware Config

Signatures

Files

读卡测试.exe
.exe windows x86

9bc43fe5f4a7f21d626be50b3857ac8e

Code Sign

6d:d4:72:eb:02:ae:04:06:e3:dd:84:3f:5f:e1:45:e1
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03/12/2014, 00:00

Not After

02/12/2029, 23:59

Subject

CN=COMODO RSA Extended Validation Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3c:10:58:ed:8f:97:db:fa:d1:1b:83:1f:7e:4d:e9:70
Certificate

Issuer

CN=COMODO RSA Extended Validation Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23/06/2020, 00:00

Not After

23/06/2021, 23:59

Subject

SERIALNUMBER=91350200MA2XNQHEXH,CN=易联众智能（厦门）科技有限公司,O=易联众智能（厦门）科技有限公司,POSTALCODE=361008,STREET=软件园二期观日路18号102室,L=厦门市,ST=福建省,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d1:8f:9e:01:26:a8:7c:a1:f7:bb:27:cd:52:0b:fe:21:3d:0f:c5:ab
Signer

Actual PE Digest

d1:8f:9e:01:26:a8:7c:a1:f7:bb:27:cd:52:0b:fe:21:3d:0f:c5:ab

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetUnhandledExceptionFilter
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
IsBadWritePtr
SetStdHandle
SetEnvironmentVariableA
VirtualFree
HeapCreate
HeapDestroy
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
HeapSize
CreateThread
HeapReAlloc
PurgeComm
GetCommTimeouts
SetCommTimeouts
CreateNamedPipeA
ConnectNamedPipe
ResetEvent
GetOverlappedResult
DeviceIoControl
GetCommState
Sleep
SetCommState
DisconnectNamedPipe
GetCommandLineA
GetStartupInfoA
HeapFree
HeapAlloc
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
ExitProcess
RtlUnwind
GetTickCount
GetFileTime
GetFileAttributesA
FileTimeToLocalFileTime
SetErrorMode
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
FileTimeToSystemTime
GetOEMCP
GetCPInfo
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
GlobalFlags
InterlockedDecrement
WritePrivateProfileStringA
CreateEventA
SetEvent
WaitForSingleObject
CloseHandle
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
SetLastError
MulDiv
GlobalAlloc
FormatMessageA
LocalFree
GetModuleFileNameA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
lstrcmpW
lstrcpynA
GetModuleHandleA
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
LoadResource
LockResource
SizeofResource
FindResourceA
FreeLibrary
GetCurrentProcess
TerminateProcess
EnterCriticalSection
LeaveCriticalSection
LoadLibraryA
GetProcAddress
RaiseException
DeleteCriticalSection
InitializeCriticalSection
GetLastError
lstrlenA
lstrcmpiA
WideCharToMultiByte
CompareStringA
CompareStringW
MultiByteToWideChar
GetVersion
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA

user32

SetMenuItemBitmaps
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
SetFocus
IsChild
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
GetSysColorBrush
LoadCursorA
EnableWindow
SendMessageA
CharUpperA
UnregisterClassA
LoadIconA
GetSystemMetrics
DrawIcon
IsIconic
GetClientRect
GetDC
ReleaseDC
IsWindowVisible
GetMenu
PostMessageA
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetSysColor
AdjustWindowRectEx
EqualRect
GetClassInfoA
RegisterClassA
PostQuitMessage
SetCursor
ValidateRect
GetCursorPos
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
CopyRect
TranslateMessage
GetMessageA
wsprintfA
MapDialogRect
MessageBoxA
SetWindowContextHelpId
UpdateWindow
EndDialog
GetNextDlgTabItem
GetParent
IsWindowEnabled
GetDlgItem
GetWindowLongA
IsWindow
DestroyWindow
CreateDialogIndirectParamA
SetActiveWindow
GetActiveWindow
GetDesktopWindow
GetWindow
PtInRect
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
ClientToScreen
GetWindowDC
BeginPaint
SetForegroundWindow
EndPaint
DestroyMenu
SetCapture
ReleaseCapture
CharNextA
IsRectEmpty
PostThreadMessageA
RegisterClipboardFormatA
SetRect
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
InvalidateRect
CopyAcceleratorTableA

gdi32

GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
RestoreDC
GetStockObject
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
GetMapMode
SaveDC
GetDeviceCaps
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetDIBColorTable
GetObjectA
SetDIBColorTable
DeleteDC
CreateDIBSection
CreateCompatibleDC
SetMapMode
SelectObject
StretchBlt
DeleteObject

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

OpenSCManagerA
CloseServiceHandle
QueryServiceStatus
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
RegCloseKey
OpenServiceA

comctl32

ord17

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

CoGetClassObject
StgOpenStorageOnILockBytes
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize

oleaut32

VariantCopy
SafeArrayDestroy
SysStringLen
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
SysFreeString
SystemTimeToVariantTime
SysAllocString
OleCreateFontIndirect
SysAllocStringByteLen

gdiplus

GdipGetImageWidth
GdipDrawImageI
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipAlloc
GdipGetImageHeight
GdipDisposeImage
GdipFree
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdiplusShutdown
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdiplusStartup
GdipCloneImage

ws2_32

closesocket
connect
htons
inet_addr
socket
WSAStartup
recv
send
WSACleanup

winscard

SCardListReadersA
SCardFreeMemory
SCardReleaseContext
SCardEstablishContext
SCardTransmit
g_rgSCardT0Pci
SCardConnectA
SCardDisconnect
g_rgSCardT1Pci

setupapi

SetupDiCallClassInstaller
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiSetClassInstallParamsA

hid

HidD_FreePreparsedData
HidP_GetCaps
HidD_GetPreparsedData
HidD_GetFeature
HidD_SetFeature
HidD_GetAttributes
HidD_GetHidGuid

Sections

.text
Size: 252KB - Virtual size: 248KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 288KB - Virtual size: 285KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9bc43fe5f4a7f21d626be50b3857ac8e

Code Sign

6d:d4:72:eb:02:ae:04:06:e3:dd:84:3f:5f:e1:45:e1Certificate

Extended Key Usages

Key Usages

3c:10:58:ed:8f:97:db:fa:d1:1b:83:1f:7e:4d:e9:70Certificate

Extended Key Usages

Key Usages

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66Certificate

Extended Key Usages

Key Usages

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1bCertificate

Extended Key Usages

Key Usages

d1:8f:9e:01:26:a8:7c:a1:f7:bb:27:cd:52:0b:fe:21:3d:0f:c5:abSigner

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

comctl32

shlwapi

oledlg

ole32

oleaut32

gdiplus

ws2_32

winscard

setupapi

hid

Sections

.text Size: 252KB - Virtual size: 248KB

.rdata Size: 64KB - Virtual size: 62KB

.data Size: 12KB - Virtual size: 132KB

.rsrc Size: 288KB - Virtual size: 285KB

6d:d4:72:eb:02:ae:04:06:e3:dd:84:3f:5f:e1:45:e1
Certificate

3c:10:58:ed:8f:97:db:fa:d1:1b:83:1f:7e:4d:e9:70
Certificate

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

d1:8f:9e:01:26:a8:7c:a1:f7:bb:27:cd:52:0b:fe:21:3d:0f:c5:ab
Signer

.text
Size: 252KB - Virtual size: 248KB

.rdata
Size: 64KB - Virtual size: 62KB

.data
Size: 12KB - Virtual size: 132KB

.rsrc
Size: 288KB - Virtual size: 285KB