f016852362cb762c15dc845c8bcc3f7788630ac206dee3fc288eceff62f57cef

Sharing

Copy URL Twitter E-mail

General

Target

f016852362cb762c15dc845c8bcc3f7788630ac206dee3fc288eceff62f57cef
Size

914KB
MD5

9defa8f244f346607d50eb8e076629d9
SHA1

2e13ace42ff47646e6c8c45587ede9d7055da218
SHA256

f016852362cb762c15dc845c8bcc3f7788630ac206dee3fc288eceff62f57cef
SHA512

01b56bb848acf93d300b9d5c0361c49d857af61feb5a29495e58818d0055b5eec8dee9f517a71454e426495fbee0f1822d0ca519155e82eb84c16a39a6709ca5
SSDEEP

24576:iF7foN+X6h2oQM2N82mDoYjcbYDr6O6jqPDO1kHDTa:w1X6huLF46OTC1+C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f016852362cb762c15dc845c8bcc3f7788630ac206dee3fc288eceff62f57cef

Files

f016852362cb762c15dc845c8bcc3f7788630ac206dee3fc288eceff62f57cef
.exe windows:5 windows x86

cce2210155faac3e04f7b9fe5a88af42

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

hid

HidD_GetInputReport
HidD_SetOutputReport
HidD_GetHidGuid
HidD_GetManufacturerString
HidD_GetProductString
HidD_GetSerialNumberString
HidD_GetAttributes

setupapi

SetupDiGetClassDevsW
SetupDiGetDeviceInterfaceDetailW
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces

mfc110u

ord13699
ord3211
ord9085
ord10847
ord6840
ord12011
ord8816
ord14408
ord11774
ord3780
ord11927
ord8990
ord11564
ord11563
ord5528
ord10133
ord10129
ord10131
ord10132
ord10130
ord2706
ord8055
ord3247
ord3250
ord13573
ord6089
ord3109
ord3348
ord3349
ord4033
ord11233
ord10860
ord8891
ord11969
ord266
ord323
ord1045
ord265
ord2331
ord14477
ord12239
ord2329
ord14424
ord2324
ord12182
ord6617
ord10224
ord7505
ord990
ord1464
ord7844
ord2154
ord2220
ord13263
ord7169
ord13732
ord6724
ord12760
ord10278
ord4529
ord12085
ord6219
ord14488
ord6220
ord14489
ord6218
ord14487
ord7847
ord12364
ord14287
ord11821
ord11820
ord1985
ord7789
ord12779
ord4031
ord4093
ord9248
ord14415
ord7770
ord14409
ord12375
ord11962
ord2432
ord5233
ord8169
ord12697
ord8230
ord8314
ord8305
ord2747
ord12839
ord11731
ord14037
ord8825
ord9058
ord8323
ord14129
ord12416
ord6091
ord13577
ord2707
ord12058
ord9106
ord6000
ord6681
ord996
ord1415
ord6419
ord12097
ord579
ord1198
ord2164
ord2194
ord3639
ord4824
ord4847
ord2954
ord5792
ord285
ord286
ord13958
ord4416
ord5298
ord3775
ord884
ord1382
ord10883
ord7662
ord13765
ord13365
ord1514
ord2935
ord2123
ord8599
ord4168
ord6477
ord3873
ord2472
ord14198
ord8670
ord14055
ord6403
ord8204
ord8609
ord8572
ord12716
ord4602
ord12594
ord14242
ord3882
ord3317
ord3316
ord3210
ord12006
ord5664
ord10100
ord9060
ord13097
ord10317
ord7347
ord1106
ord6359
ord6436
ord3824
ord296
ord1039
ord4754
ord2251
ord1104
ord461
ord6969
ord1134
ord491
ord1466
ord994
ord7293
ord3794
ord5789
ord12077
ord12086
ord8062
ord10279
ord12089
ord12057
ord12761
ord5128
ord5425
ord5635
ord9200
ord5401
ord5638
ord5131
ord5287
ord5109
ord7572
ord7573
ord7563
ord5285
ord8064
ord10095
ord9059
ord7338
ord4530
ord1502
ord1504
ord4853
ord12095
ord1707
ord1716
ord1724
ord1720
ord1729
ord4858
ord4895
ord4866
ord4878
ord4874
ord4870
ord4901
ord4891
ord4862
ord4905
ord1126
ord4883
ord4886
ord4441
ord9541
ord4433
ord3000
ord14410
ord7771
ord14416
ord6739
ord11555
ord13524
ord5806
ord1505
ord324
ord1046
ord2311
ord2357
ord2355
ord8308
ord2628
ord12374

msvcr110

memcpy
__RTDynamicCast
__crtTerminateProcess
__crtUnhandledException
_crt_debugger_hook
_except_handler4_common
_controlfp_s
_invoke_watson
__crtSetUnhandledExceptionFilter
?terminate@@YAXXZ
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
??1type_info@@UAE@XZ
_commode
_fmode
_wcmdln
_initterm
_initterm_e
__setusermatherr
_configthreadlocale
_cexit
_exit
exit
__set_app_type
__wgetmainargs
_amsg_exit
__crtGetShowWindowMode
_XcptFilter
__CxxFrameHandler3
swprintf_s
printf
memcpy_s
free
malloc
memset

kernel32

WaitForSingleObject
SetEvent
IsProcessorFeaturePresent
IsDebuggerPresent
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
DecodePointer
EncodePointer
LocalFree
GetLastError
FormatMessageW
lstrlenW
LocalAlloc
CreateFileW
SetLastError
CloseHandle
ResumeThread
Sleep

user32

GetWindowRect
SetForegroundWindow
GetCursorPos
GetSubMenu
LoadMenuW
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
RegisterDeviceNotificationW
SendMessageW
AppendMenuW
GetSystemMenu
LoadIconW
EnableWindow
PostMessageW
SetRect

comctl32

InitCommonControlsEx

rtbridgeboardcore

?DisconnectBridge@@YAHPAVIRTBridgeBoard@@@Z
?ConnectToBridge@@YAPAVIRTBridgeBoard@@PAXPAUBRIDGEDEVICEINFO@@@Z
?GetFirstDeviceInfoPosition@@YAPAU__POSITION@@PAX@Z
?GetBridgeBoardCount@@YAHPAX@Z
?EnumerateBridgeBoard@@YAPAXXZ
?GetNextDeviceInfo@@YAPAUBRIDGEDEVICEINFO@@PAXAAPAU__POSITION@@@Z
?FreeEnumerateBridgeBoard@@YAHPAX@Z

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 834KB - Virtual size: 834KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cce2210155faac3e04f7b9fe5a88af42

Headers

DLL Characteristics

File Characteristics

Imports

hid

setupapi

mfc110u

msvcr110

kernel32

user32

comctl32

rtbridgeboardcore

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 25KB - Virtual size: 24KB

.data Size: 24KB - Virtual size: 25KB

.rsrc Size: 834KB - Virtual size: 834KB

.reloc Size: 9KB - Virtual size: 8KB

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 25KB - Virtual size: 24KB

.data
Size: 24KB - Virtual size: 25KB

.rsrc
Size: 834KB - Virtual size: 834KB

.reloc
Size: 9KB - Virtual size: 8KB