17ce42d7a035c2eeadf2264e3ada7350d5040781846a2f7efddf19b31840b100

Sharing

Copy URL Twitter E-mail

General

Target

17ce42d7a035c2eeadf2264e3ada7350d5040781846a2f7efddf19b31840b100
Size

541KB
MD5

5a25e2bb6ebd820266c3ac15a26b30a8
SHA1

07ff52d36d61a0f00904bdcbea0e71d5dd88c9af
SHA256

17ce42d7a035c2eeadf2264e3ada7350d5040781846a2f7efddf19b31840b100
SHA512

e63a86dc50237380c105b4c566aad7514b268a990a484c2c3c75c797ff0767a574b3f0c6765e3be810f3cf2ca4e28b06726e5f8521efa1455864b3d88ddc0e15
SSDEEP

6144:j3DbPzCaEMC5ezmc/D8dCQGNNNNNNNiNNNNNVANyyrY:THOatCWMsQGNNNNNNNiNNNNNVANzrY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17ce42d7a035c2eeadf2264e3ada7350d5040781846a2f7efddf19b31840b100

Files

17ce42d7a035c2eeadf2264e3ada7350d5040781846a2f7efddf19b31840b100
.exe windows x86

0eb27cc8526988f5edec8dfd5cd107b9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

qt5core

?trimmed@QString@@QGBE?AV1@XZ
??1QCoreApplication@@UAE@XZ
??0QCoreApplication@@QAE@AAHPAPADH@Z
?sharedNull@QArrayData@@SAPAU1@XZ
?deallocate@QArrayData@@SAXPAU1@II@Z
?allocate@QArrayData@@SAPAU1@IIIV?$QFlags@W4AllocationOption@QArrayData@@@@@Z
?qBadAlloc@@YAXXZ
?number@QString@@SA?AV1@HH@Z
?split@QString@@QBE?AVQStringList@@VQChar@@W4SplitBehavior@1@W4CaseSensitivity@Qt@@@Z
??0QChar@@QAE@H@Z
?shared_null@QListData@@2UData@1@B
?readLine@QTextStream@@QAE?AVQString@@_J@Z
??1QTextStream@@UAE@XZ
??0QTextStream@@QAE@PAVQIODevice@@@Z
?size@QFile@@UBE_JXZ
?open@QFile@@UAE_NV?$QFlags@W4OpenModeFlag@QIODevice@@@@@Z
?exists@QFile@@QBE_NXZ
??1QFile@@UAE@XZ
??0QFile@@QAE@ABVQString@@@Z
?close@QFileDevice@@UAEXXZ
?end@QListData@@QBEPAPAXXZ
?begin@QListData@@QBEPAPAXXZ
?at@QListData@@QBEPAPAXH@Z
?isEmpty@QListData@@QBE_NXZ
?size@QListData@@QBEHXZ
?append@QListData@@QAEPAPAXXZ
?dispose@QListData@@SAXPAUData@1@@Z
??0QString@@QAE@ABV0@@Z
??1QString@@QAE@XZ
??4QString@@QAEAAV0@$$QAV0@@Z
?mid@QString@@QBE?AV1@HH@Z
?split@QString@@QBE?AVQStringList@@ABV1@W4SplitBehavior@1@W4CaseSensitivity@Qt@@@Z
??8QString@@QBE_NPBD@Z
??9QString@@QBE_NPBD@Z
?fromStdString@QString@@SA?AV1@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?toStdString@QString@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?isNull@QString@@QBE_NXZ
?fromAscii_helper@QString@@CAPAU?$QTypedArrayData@G@@PBDH@Z
?detach@QListData@@QAEPAUData@1@H@Z
?detach_grow@QListData@@QAEPAUData@1@PAHH@Z
??0QString@@QAE@XZ

msvcp140

?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?_BADOFF@std@@3_JB
?id@?$ctype@D@std@@2V0locale@2@A
??Bid@locale@std@@QAEIXZ
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@H@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?uncaught_exception@std@@YA_NXZ
?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ

atlinklib

ATLINK_SPIMAllErase_Target
ATLINK_GetStatus_Target
ATLINK_GetDeviceID_Target
ATLINK_SetDeviceID_Target
ATLINK_SetState_Target
ATLINK_UPLoad_Target
ATLINK_ReadUserSystemData_Target
ATLINK_WriteMainFlashBegin_Target
ATLINK_WriteMainFlashEnd_Target
ATLINK_WriteSPIMBegin_Target
ATLINK_WriteSPIMEnd_Target
ATLINK_WriteUserSystemDataBegin_Target
ATLINK_WriteUserSystemDataEnd_Target
ATLINK_DownLoad_Target
ATLINK_GetVersion
ATLINK_GetSerialNumber
ATLINK_Close
ATLINK_Open
ATLINK_GetATLinkDeviceList
ATLINK_Exit
ATLINK_Init
ATLINK_BLECHIP_SetCRCValue
ATLINK_BLECHIP_DisableProtect
ATLINK_BLECHIP_EnableProtect
ATLINK_BLECHIP_SectorErase
ATLINK_BLECHIP_EraseAllFlash
ATLINK_BLECHIP_EraseRDNFlash
ATLINK_BLECHIP_EraseNVRFlash
ATLINK_BLECHIP_EraseMainFlash
ATLINK_BLECHIP_ReadFlash
ATLINK_BLECHIP_WriteFlash
ATLINK_BLECHIP_SelectFlashSpace
ATLINK_BLECHIP_WB415_Connect
ATLINK_SetICPVersion
ATLINK_DebugWriteMemory_Target
ATLINK_DebugReadMemory_Target
ATLINK_SetSysAPMode_Target
ATLINK_GetSysAPMode_Target
ATLINK_EnableSPIM_Target
ATLINK_UnAccessProtect_Target
ATLINK_AccessProtect_Target
ATLINK_WriteUserSystemData_Target
ATLINK_Bank2AllErase_Target
ATLINK_Bank1AllErase_Target
ATLINK_SysMemoryAllErase_Target
ATLINK_SectorErase_Target
ATLINK_GetTransType

vcruntime140

__std_terminate
memmove
__std_exception_destroy
_CxxThrowException
__CxxFrameHandler3
memcpy
memchr
memset
__std_exception_copy
__telemetry_main_invoke_trigger
__telemetry_main_return_trigger
_except_handler4_common

api-ms-win-crt-runtime-l1-1-0

_set_app_type
_seh_filter_exe
_configure_narrow_argv
_get_initial_narrow_environment
_initterm
_crt_atexit
_cexit
_exit
__p___argc
__p___argv
_c_exit
_register_thread_local_exe_atexit_callback
_register_onexit_function
_initialize_onexit_table
exit
_controlfp_s
_initialize_narrow_environment
system
terminate
_invalid_parameter_noinfo_noreturn
_initterm_e

api-ms-win-crt-convert-l1-1-0

atoi
strtoll

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf_s
__stdio_common_vsprintf
_set_fmode
fread
__p__commode
__stdio_common_vfprintf
fwrite
fopen
fclose

api-ms-win-crt-math-l1-1-0

_libm_sse2_pow_precise
__setusermatherr

api-ms-win-crt-string-l1-1-0

tolower
toupper

api-ms-win-crt-heap-l1-1-0

free
malloc
_set_new_mode
_callnewh

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

kernel32

UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead

Sections

.text
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 373KB - Virtual size: 373KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0eb27cc8526988f5edec8dfd5cd107b9

Headers

DLL Characteristics

File Characteristics

Imports

qt5core

msvcp140

atlinklib

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-locale-l1-1-0

kernel32

Sections

.text Size: 120KB - Virtual size: 119KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 1024B - Virtual size: 2KB

.rsrc Size: 373KB - Virtual size: 373KB

.reloc Size: 9KB - Virtual size: 9KB

.text
Size: 120KB - Virtual size: 119KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 1024B - Virtual size: 2KB

.rsrc
Size: 373KB - Virtual size: 373KB

.reloc
Size: 9KB - Virtual size: 9KB