Static task: static1
Behavioral task: behavioral1
Sample: 276f1fbd08a732e9772c02e2a9b85f1e2cac480cfbe723523eb5bce9f570d199.exe
Resource: win7-20231020-en
Behavioral task: behavioral2
Sample: 276f1fbd08a732e9772c02e2a9b85f1e2cac480cfbe723523eb5bce9f570d199.exe
Resource: win10v2004-20231201-en
General
- Target: 276f1fbd08a732e9772c02e2a9b85f1e2cac480cfbe723523eb5bce9f570d199
- Size: 5.5MB
- MD5: 78c0004c88467b725e67b7f00db7caa7
- SHA1: b53d857666f15087eecb8cfd3c73294e4720fc36
- SHA256: 276f1fbd08a732e9772c02e2a9b85f1e2cac480cfbe723523eb5bce9f570d199
- SHA512: 95f6aedd8df77b01f30e4b4cd4abeb2bb00d25fb59d59e7b68e0ccde3ffd627cb3f59c3f27e005b22822e4747e69ae7d9cbccad7eb8e5432cf9648bd106b9554
- SSDEEP: 98304:xkWBZuce6L1FY1GL20leGHTlvgkHi3SFQW9b8FnzS4A43DFLOAkGkzdnEVomFHK9:FJEGL2ZOlvM+18FnzFFLOyomFHKnPAm
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource 276f1fbd08a732e9772c02e2a9b85f1e2cac480cfbe723523eb5bce9f570d199
Files
- 276f1fbd08a732e9772c02e2a9b85f1e2cac480cfbe723523eb5bce9f570d199.exe windows:5 windows x86 arch:x86
  e574f0ac7ac58b34981fdd4cc30ae8d3
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
hid
HidD_GetHidGuid
HidD_FreePreparsedData
HidP_GetCaps
HidD_GetPreparsedData
HidD_GetAttributes
setupapi
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList
kernel32
RtlUnwind
RaiseException
HeapAlloc
GetTickCount
FlushFileBuffers
ReadFile
WriteFile
CancelIo
WritePrivateProfileStringA
GetPrivateProfileIntA
GetPrivateProfileStringA
FindFirstFileA
FindClose
SetEvent
WaitForSingleObject
GetExitCodeThread
ResumeThread
SuspendThread
CreateToolhelp32Snapshot
Thread32First
Thread32Next
CreateFileA
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
CloseHandle
SetUnhandledExceptionFilter
DeleteFileA
GetLocalTime
CreateDirectoryA
GetModuleFileNameA
FindResourceExW
InterlockedDecrement
InterlockedIncrement
Sleep
GetWindowsDirectoryA
FreeLibrary
lstrcpyA
MultiByteToWideChar
lstrlenA
MulDiv
lstrcatA
WideCharToMultiByte
LoadResource
LockResource
SizeofResource
FindResourceW
GetModuleHandleA
LoadLibraryA
GetProcAddress
ActivateActCtx
GetLastError
DeactivateActCtx
SetLastError
HeapFree
EncodePointer
DecodePointer
GetSystemTimeAsFileTime
GetTimeFormatA
GetNumberFormatA
SetErrorMode
VirtualProtect
GetTempPathA
GetProfileIntA
GetShortPathNameA
GetVolumeInformationA
GetDateFormatA
ExitThread
CreateThread
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
SetFilePointer
MoveFileA
lstrcmpiA
GetStringTypeExA
SearchPathA
GetACP
GetOEMCP
GetCPInfo
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
TlsGetValue
GlobalFlags
LocalAlloc
GetFileAttributesExA
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileSizeEx
LocalFileTimeToFileTime
TerminateThread
InterlockedCompareExchange
SetEnvironmentVariableA
GetProcessHeap
CreateFileW
GetCurrentDirectoryW
WriteConsoleW
IsValidLocale
EnumSystemLocalesA
GetDriveTypeW
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetTimeZoneInformation
GetLocaleInfoW
LCMapStringW
GetConsoleMode
GetConsoleCP
SetHandleCount
HeapCreate
GetStdHandle
GetStringTypeW
CompareStringW
IsValidCodePage
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
HeapSize
HeapQueryInformation
GetFileType
SetStdHandle
ExitProcess
HeapReAlloc
VirtualQuery
GetSystemInfo
VirtualAlloc
GetStartupInfoW
HeapSetInformation
InterlockedExchange
LeaveCriticalSection
EnterCriticalSection
GetModuleHandleW
GlobalAddAtomA
GlobalGetAtomNameA
GlobalUnlock
GlobalLock
lstrcmpW
LoadLibraryW
CompareStringA
GetVersionExA
GlobalDeleteAtom
GlobalFindAtomA
FreeResource
FindResourceA
GlobalSize
GlobalFree
GlobalReAlloc
GlobalAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetFileAttributesA
GetFileSize
GetCurrentDirectoryA
SetThreadPriority
CreateActCtxW
ReleaseActCtx
GetModuleFileNameW
lstrlenW
LocalFree
FormatMessageA
CopyFileA
GetThreadLocale
FileTimeToSystemTime
SystemTimeToFileTime
lstrcmpA
FindNextFileA
FileTimeToLocalFileTime
GetLocaleInfoA
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GetCurrentThread
GetUserDefaultLCID
ReplaceFileA
SetFileTime
GetFileTime
GetCommandLineA
user32
DrawTextExA
GrayStringA
MsgWaitForMultipleObjects
PeekMessageA
LoadIconW
SetWindowTextA
ClientToScreen
GetWindowLongA
SetWindowLongA
MessageBoxA
IsIconic
IsZoomed
SetWindowRgn
IsWindowVisible
GetTopWindow
SetParent
SetForegroundWindow
GetClassLongA
DestroyWindow
TranslateAcceleratorA
ShowWindow
SetMenu
BringWindowToTop
GetLastActivePopup
IntersectRect
GetClassInfoA
GetMenuItemCount
GetMenuItemID
InsertMenuItemA
SetActiveWindow
LoadAcceleratorsA
GetDlgCtrlID
GetDlgItem
EqualRect
IsWindowEnabled
GetActiveWindow
GetWindowThreadProcessId
SetFocus
SetWindowPos
WinHelpA
DestroyMenu
LoadMenuA
ReuseDDElParam
UnpackDDElParam
GetClassNameA
CallWindowProcA
DefWindowProcA
GetWindowPlacement
SetWindowPlacement
SetScrollInfo
GetScrollInfo
DeferWindowPos
AdjustWindowRectEx
RegisterClassA
GetClassInfoExA
CreateWindowExA
ShowScrollBar
GetScrollPos
SetScrollPos
GetScrollRange
SetScrollRange
TrackPopupMenu
ScrollWindow
MapWindowPoints
GetMonitorInfoA
MonitorFromWindow
GetMessageTime
UnhookWindowsHookEx
EndDeferWindowPos
BeginDeferWindowPos
DispatchMessageA
GetForegroundWindow
GetWindowTextA
GetWindowTextLengthA
RemovePropA
GetPropA
SetPropA
CallNextHookEx
SetWindowsHookExA
SendDlgItemMessageA
LoadIconA
RegisterWindowMessageA
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
DrawTextA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
CheckDlgButton
IsDialogMessageA
MoveWindow
AppendMenuA
GetMenuDefaultItem
InsertMenuA
SetMenuDefaultItem
RegisterClipboardFormatA
OpenClipboard
CopyImage
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageW
UnionRect
GetAsyncKeyState
GetUpdateRect
LockWindowUpdate
WindowFromPoint
ReleaseDC
GetKeyNameTextA
MapVirtualKeyA
SetClassLongA
DeleteMenu
GetSystemMenu
LoadCursorW
MessageBeep
NotifyWinEvent
SetTimer
ValidateRect
EnableScrollBar
UpdateLayeredWindow
MonitorFromPoint
GetMessageA
DestroyAcceleratorTable
GetWindowDC
TranslateMessage
GetMenuItemInfoA
GetMenuStringA
EnumDisplayMonitors
SetLayeredWindowAttributes
RemoveMenu
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamA
PostQuitMessage
ShowOwnedPopups
LoadAcceleratorsW
MapDialogRect
SetWindowContextHelpId
WaitMessage
PostThreadMessageA
CharUpperBuffA
InvertRect
HideCaret
SetCursorPos
RealChildWindowFromPoint
CopyAcceleratorTableA
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
CreateAcceleratorTableA
SubtractRect
UnregisterClassA
GetDoubleClickTime
EnumChildWindows
CharNextA
InvalidateRgn
GetNextDlgGroupItem
DrawIcon
IsCharLowerA
MapVirtualKeyExA
CreateMenu
GetWindowRgn
CreatePopupMenu
PostMessageA
DefFrameProcA
TabbedTextOutA
IsClipboardFormatAvailable
GetKeyState
GetWindow
DrawStateA
GetIconInfo
GetSysColor
SetRectEmpty
InflateRect
LoadBitmapW
GetSubMenu
LoadMenuW
GetWindowRect
GetClientRect
GetDesktopWindow
ScreenToClient
UpdateWindow
InvalidateRect
EnableWindow
SendMessageA
IsChild
GetFocus
GetParent
LoadCursorA
IsWindow
SystemParametersInfoA
GetMenu
IsRectEmpty
PtInRect
OffsetRect
BeginPaint
EndPaint
GetSysColorBrush
DrawFrameControl
GetMessagePos
SetRect
GetDC
DrawIconEx
LoadImageA
DestroyIcon
KillTimer
GetCursorPos
GetSystemMetrics
ReleaseCapture
DrawEdge
GetCapture
SetCapture
FrameRect
CopyRect
DrawFocusRect
RedrawWindow
wsprintfA
FillRect
DestroyCursor
CopyIcon
SetCursor
IsMenu
CharUpperA
gdi32
GetViewportExtEx
GetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
GetObjectType
CreateHatchBrush
SetRectRgn
GetMapMode
DPtoLP
CreateDIBitmap
CreateEllipticRgn
CreatePolygonRgn
GetBkColor
SetLayout
GetLayout
SetTextAlign
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
SetPixelV
GetTextFaceA
EnumFontFamiliesExA
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
GetSystemPaletteEntries
GetNearestPaletteIndex
GetViewportOrgEx
GetWindowOrgEx
LPtoDP
SetPaletteEntries
GetObjectA
EnumFontFamiliesA
GetTextCharsetInfo
CreateFontIndirectA
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
PatBlt
BitBlt
CreatePen
CreatePalette
GetDeviceCaps
RealizePalette
Rectangle
GetTextExtentPoint32A
SetBkColor
SetTextColor
SetBrushOrgEx
CreateDCA
ExtTextOutA
GetTextMetricsA
GetStockObject
Polygon
CreateBitmap
GetPixel
CreateSolidBrush
DeleteObject
SelectClipRgn
CreateRectRgn
LineTo
MoveToEx
DeleteDC
SetPixel
CreatePatternBrush
PtVisible
RectVisible
TextOutA
Escape
RestoreDC
SaveDC
CreateRoundRectRgn
GetPaletteEntries
ExtFloodFill
GetRgnBox
OffsetRgn
RoundRect
Polyline
Ellipse
CopyMetaFileA
StretchBlt
CombineRgn
SelectPalette
GetDIBits
SetDIBColorTable
GetTextColor
CreateRectRgnIndirect
CreateDIBSection
OffsetViewportOrgEx
comdlg32
GetFileTitleA
shell32
SHGetFileInfoA
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHAppBarMessage
ExtractIconA
DragAcceptFiles
ShellExecuteA
SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHAddToRecentDocs
DragFinish
DragQueryFileA
oleaut32
VariantInit
SysAllocString
VariantChangeType
VariantClear
SysAllocStringLen
SysFreeString
SysStringLen
SysAllocStringByteLen
SafeArrayDestroy
VariantTimeToSystemTime
OleCreateFontIndirect
SystemTimeToVariantTime
VarBstrFromDate
VariantCopy
msimg32
TransparentBlt
AlphaBlend
comctl32
ImageList_DrawEx
ImageList_Destroy
ImageList_GetImageCount
InitCommonControlsEx
ImageList_GetIconSize
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_Create
shlwapi
PathFileExistsA
PathFindExtensionA
PathFindFileNameA
PathIsUNCA
PathStripToRootA
PathRemoveFileSpecW
oledlg
ord8
gdiplus
GdipFree
GdipDeleteGraphics
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipDrawImageI
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipAlloc
ws2_32
WSASetLastError
gethostname
gethostbyname
shutdown
WSACleanup
WSAStartup
socket
htons
bind
WSAGetLastError
listen
accept
inet_ntoa
send
recv
closesocket
inet_addr
gddap
?GDDAP_WriteD32@@YAHKK@Z
?GDDAP_ReadAP@@YAHEPAK@Z
?GDDAP_WriteAP@@YAHEK@Z
?GDDAP_WriteDP@@YAHEK@Z
?GDDAP_ReadD32@@YAHKPAK@Z
?GDDAP_Commands@@YAHHPAPAEPAH01@Z
?GDDAP_WriteMem@@YAHPAKPAEK@Z
?GDDAP_GetARMRegs@@YAHPAK0_K@Z
?GDDAP_ReadD16@@YAHKPAG@Z
?GDDAP_DebugDeInit@@YAHXZ
?HIDDev_GetDeviceNum@@YAHPAPAD@Z
?HIDDev_Open@@YAHXZ
?HIDDev_SWJ_Pins@@YAHH@Z
?GDDAP_ReadMem@@YAHPAKPAEK@Z
?GDDAP_SetARMRegs@@YAHPAK0_K@Z
?GDDAP_WriteD8@@YAHKE@Z
?HIDDev_ConnectMCU@@YAHHJPAKPAH@Z
?HIDDev_SelectIndex@@YAHPAD@Z
?HIDDev_Product@@YAHHPADH@Z
?GDDAP_DLL_DeInit@@YAHXZ
?GDDAP_DLL_Init@@YAHXZ
?HIDDev_Close@@YAHXZ
?HIDDev_GetUSBType@@YAHXZ
?GDDAP_RISCV013_Step@@YAHXZ
?GDDAP_WriteD16@@YAHKG@Z
?GDDAP_RISCV013_Reset@@YAHXZ
?GDDAP_RISCV013_Run@@YAHXZ
?GDDAP_RISCV013_WriteRegister@@YAHPAKK@Z
?GDDAP_RISCV013_ReadRegister@@YAHPAKK@Z
?GDDAP_RISCV013_IsHalted@@YAHXZ
?GDDAP_RISCV013_Halt@@YAHXZ
?GDDAP_DebugInit@@YAHH@Z
dbghelp
MiniDumpWriteDump
gd_mcu_dll
GD32MCU_InitParaByPartNo
GD32MCU_GetMCUPartNo
GD32MCU_DLL_Init
GD32MCU_GetOnePageInfo
GD32MCU_GetMCUCore
GD32MCU_GetMCUID
GD32MCU_GetMCUIDSize
GD32MCU_GetPagePerSector
GD32MCU_GetPageSize
GD32MCU_GetPageNumber
GD32MCU_GetSRAMSize
GD32MCU_GetBank1PageNumber
GD32MCU_GetBank2PageNumber
GD32MCU_GetMCUPartNoCount
GD32MCU_GetMCUPartNoPID
GD32MCU_DLL_UnInit
GD32MCU_GetFlashSize
GD32MCU_GetMCUSeries
GD32MCU_GetMCUMapSize
GD32MCU_GetPartNoList
GD32MCU_InitParaByMCUID
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
winmm
PlaySoundA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegQueryValueA
RegEnumValueA
RegEnumKeyExA
RegOpenKeyExW
GetFileSecurityA
SetFileSecurityA
RegEnumKeyA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegSetValueA
RegQueryValueExA
RegOpenKeyExA
ole32
OleFlushClipboard
DoDragDrop
OleLockRunning
CoGetClassObject
StgCreateDocfileOnILockBytes
CoRevokeClassObject
CoRegisterMessageFilter
OleIsCurrentClipboard
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleGetClipboard
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
CoTaskMemFree
CoInitialize
CoCreateInstance
CoUninitialize
CreateStreamOnHGlobal
CoInitializeEx
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromProgID
CoCreateGuid
CLSIDFromString
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
StringFromCLSID
OleCreateMenuDescriptor
Sections
.text Size: 1.9MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 437KB - Virtual size: 436KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1016KB - Virtual size: 1.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.9MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 222KB - Virtual size: 222KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
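The "Unsigned PE" signature, the DLL Characteristics flags and the section permissions listed in this report can all be reproduced from the PE headers alone. The following is an added example, not part of the sandbox report and not code from the analysed program: a standard-library Python parser that checks the Security data directory (an empty entry is what "missing Authenticode signature" means at the header level), decodes DllCharacteristics, and flags any section that is both writable and executable. The constant values and names come from winnt.h; `parse_pe`, `triage` and `build_sample_pe` are names chosen here, and `build_sample_pe` produces a constructed header-only image so the script runs offline, not the 5.5MB sample from this page.

```python
"""Added example (not part of the sandbox report): stdlib-only PE header
triage that reproduces the "Unsigned PE" check (empty Security data
directory), decodes DllCharacteristics and flags W+X sections."""
import struct
import sys

# Bit values and names from winnt.h
DLL_CHARACTERISTICS = {
    0x0020: "IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA",
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
    0x0080: "IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY",
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
    0x0400: "IMAGE_DLLCHARACTERISTICS_NO_SEH",
    0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
SECTION_FLAGS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
    0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4   # WIN_CERTIFICATE table (Authenticode)


def parse_pe(data: bytes) -> dict:
    """Parse DOS/COFF/optional headers and the section table of a PE32 or PE32+."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ image")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    coff = e_lfanew + 4
    machine, nsections, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:        # PE32: NumberOfRvaAndSizes at +92, DataDirectory at +96
        ndirs_off, dirs_off = opt + 92, opt + 96
    elif magic == 0x20B:      # PE32+: NumberOfRvaAndSizes at +108, DataDirectory at +112
        ndirs_off, dirs_off = opt + 108, opt + 112
    else:
        raise ValueError("unknown optional header magic %#x" % magic)
    dllchar = struct.unpack_from("<H", data, opt + 70)[0]   # same offset in both formats
    ndirs = struct.unpack_from("<I", data, ndirs_off)[0]
    # The Security directory holds a raw file offset (not an RVA) and a size;
    # an unsigned image has size 0, or fewer than five directories at all.
    sec_off = sec_size = 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        sec_off, sec_size = struct.unpack_from(
            "<II", data, dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    for i in range(nsections):
        hdr = opt + opt_size + 40 * i
        name, vsize, _, rawsize, _, _, _, _, _, chars = struct.unpack_from("<8sIIIIIIHHI", data, hdr)
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "virtual_size": vsize, "raw_size": rawsize,
            "flags": [n for b, n in sorted(SECTION_FLAGS.items()) if chars & b],
            "wx": bool(chars & 0x80000000) and bool(chars & 0x20000000),
        })
    return {
        "machine": machine, "pe32plus": magic == 0x20B,
        "dll_characteristics": [n for b, n in sorted(DLL_CHARACTERISTICS.items()) if dllchar & b],
        "authenticode_present": sec_size != 0 and sec_off != 0,
        "sections": sections,
    }


def triage(data: bytes) -> list:
    """Return human-readable findings in the spirit of the report's signatures."""
    pe = parse_pe(data)
    findings = []
    if not pe["authenticode_present"]:
        findings.append("Unsigned PE: Security data directory is empty (no Authenticode signature)")
    if "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE" not in pe["dll_characteristics"]:
        findings.append("ASLR opt-out: DYNAMIC_BASE not set")
    if "IMAGE_DLLCHARACTERISTICS_NX_COMPAT" not in pe["dll_characteristics"]:
        findings.append("DEP opt-out: NX_COMPAT not set")
    for s in pe["sections"]:
        if s["wx"]:
            findings.append("Section %s is writable and executable" % s["name"])
    return findings


def build_sample_pe(dllchar: int, signed: bool) -> bytes:
    """Constructed header-only PE32 image for offline testing (not runnable, not the report's sample)."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)                          # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 224, 0x0102)   # i386, 2 sections, EXE|32BIT
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                            # PE32 magic
    struct.pack_into("<H", opt, 70, dllchar)
    struct.pack_into("<I", opt, 92, 16)                              # NumberOfRvaAndSizes
    if signed:                                                       # fake WIN_CERTIFICATE entry
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 0x3000, 0x800)
    secs = struct.pack("<8sIIIIIIHHI", b".text", 0x1000, 0x1000, 0x1000, 0x400, 0, 0, 0, 0, 0x60000020)
    secs += struct.pack("<8sIIIIIIHHI", b".data", 0x1000, 0x2000, 0x1000, 0x1400, 0, 0, 0, 0, 0xC0000040)
    return bytes(dos) + b"PE\0\0" + coff + opt + secs


if __name__ == "__main__":
    # With a path argument the real file is parsed; otherwise the constructed
    # image with the same three DllCharacteristics bits as the report (0x8140).
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_pe(0x8140, False)
    for line in triage(blob):
        print(line)
```

Run it with the path to the sample as the only argument to get findings in the same shape as the report's signature list. A non-empty Security directory only means a WIN_CERTIFICATE blob is attached; it says nothing about whether the signature verifies or chains to a trusted root, so a "signed" result from this header check still needs a real verification step (Get-AuthenticodeSignature or signtool verify) before it counts.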