b318dc0be0fb56e1ae70db1daaca258638211d9f7f4c5b3060861078e5553313

Sharing

Copy URL Twitter E-mail

General

Target

b318dc0be0fb56e1ae70db1daaca258638211d9f7f4c5b3060861078e5553313
Size

71KB
MD5

2c9a1eb8dbac8b1946e1812e76068bb7
SHA1

a38e1b8ffe77d92675f8f6f7efa12fd6a9a0b773
SHA256

b318dc0be0fb56e1ae70db1daaca258638211d9f7f4c5b3060861078e5553313
SHA512

536e5a8df929bf784751d5e5e65b9cb71c30b5cd3bc58a9b4fb01078c4f8ba7e4da2c43b1785d90a59043ecc4ec3b0e364dd2a98560c4f5dcd526ce7038a75bf
SSDEEP

1536:N6zjjYCzkX0bS0QD+SRkAsUf/vAkGIYwjn:8bzkXSQD++xbYwb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b318dc0be0fb56e1ae70db1daaca258638211d9f7f4c5b3060861078e5553313

Files

b318dc0be0fb56e1ae70db1daaca258638211d9f7f4c5b3060861078e5553313
.dll windows x86

68eb1080b495a3f3fe1473eb718f5a47

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

hid

HidD_GetAttributes
HidD_SetFeature
HidD_GetHidGuid
HidD_GetFeature

kernel32

GetProcAddress
EnterCriticalSection
DeleteCriticalSection
QueryPerformanceCounter
GetTickCount
LeaveCriticalSection
Sleep
CreateFileW
DisableThreadLibraryCalls
DeviceIoControl
QueryPerformanceFrequency
WinExec
GetVersion
WriteConsoleW
SetStdHandle
WideCharToMultiByte
InitializeCriticalSection
GetModuleHandleW
LocalFree
CloseHandle
ReleaseMutex
CreateFileMappingW
GetLastError
GetVersionExW
FlushViewOfFile
WaitForSingleObject
UnmapViewOfFile
MapViewOfFile
CreateMutexW
GetWindowsDirectoryA
IsProcessorFeaturePresent
RtlUnwind
HeapReAlloc
GetConsoleMode
GetConsoleCP
SetFilePointer
GetStringTypeW
MultiByteToWideChar
LoadLibraryW
FlushFileBuffers
HeapFree
HeapAlloc
EncodePointer
DecodePointer
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
HeapDestroy
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
LCMapStringW
HeapSize
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
GetSystemTimeAsFileTime

user32

wsprintfW

advapi32

SetSecurityDescriptorDacl
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityInfo
GetSecurityDescriptorSacl
RegCloseKey
RegOpenKeyExW
RegDeleteValueA
StartServiceW
RegQueryValueExA
RegSetValueExA
OpenServiceW
OpenSCManagerW
CloseServiceHandle
InitializeSecurityDescriptor

winscard

g_rgSCardT0Pci
SCardEstablishContext
SCardGetAttrib
SCardReleaseContext
SCardDisconnect
g_rgSCardT1Pci
SCardConnectW
SCardTransmit
SCardListReadersW

setupapi

SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsW
CM_Get_Child
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
CM_Get_Device_IDW
CM_Get_Parent

Exports

Exports

UKeyHAReadData
UKeyHAWriteData
UKeySCBeginTransaction
UKeySCConnectDev
UKeySCDisconnectDev
UKeySCEndTransaction
UKeySCGetDeviceInstance
UKeySCListDevs
UKeySCResetCard
UKeySCTransmit
UKeySCTransmitEx

Sections

.text
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

68eb1080b495a3f3fe1473eb718f5a47

Headers

DLL Characteristics

File Characteristics

Imports

hid

kernel32

user32

advapi32

winscard

setupapi

Exports

Exports

Sections

.text Size: 49KB - Virtual size: 48KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 3KB - Virtual size: 65KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 49KB - Virtual size: 48KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 3KB - Virtual size: 65KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 4KB