379bca3ed35f56f948349791097d0e1c3baaf476f27c7e06147f50a7145d75ab

Sharing

Copy URL

Twitter E-mail

General

Target

379bca3ed35f56f948349791097d0e1c3baaf476f27c7e06147f50a7145d75ab
Size

5.0MB
MD5

7c1af271a4bc3f84a5e969c120ded3b6
SHA1

f28960a7091f4c6c97880e3919526c80755d7fd0
SHA256

379bca3ed35f56f948349791097d0e1c3baaf476f27c7e06147f50a7145d75ab
SHA512

42b5570662d909edf35498a4c5b7920e713a5f134932a5f8affdfb12777295c664786989ad42adc56bce83a125c8c23e289e69c1e52b5731451222fdbddaff83
SSDEEP

98304:GZYrXhO5CtLf/XGddDXlgOSXVsTT457zMHyznKQSsAGWS+Jswr:GZSZGiVL5vvD/SsAGWCwr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
379bca3ed35f56f948349791097d0e1c3baaf476f27c7e06147f50a7145d75ab

Files

379bca3ed35f56f948349791097d0e1c3baaf476f27c7e06147f50a7145d75ab
.dll windows:5 windows x86 arch:x86

279915ccba5572accbfb9371480a9588

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winusb

WinUsb_GetOverlappedResult
WinUsb_QueryInterfaceSettings
WinUsb_QueryPipe
WinUsb_AbortPipe
WinUsb_Free
WinUsb_ReadPipe
WinUsb_WritePipe
WinUsb_Initialize

setupapi

CM_Get_DevNode_Registry_PropertyW
SetupDiGetDeviceRegistryPropertyW
CM_Get_Parent
CM_Get_Device_IDW
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiGetClassDevsW
SetupDiGetDeviceInterfaceDetailW
SetupDiOpenDeviceInterfaceW
SetupDiCreateDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInstanceIdW

kernel32

GetSystemTimeAsFileTime
ExitThread
CreateThread
GetDateFormatW
GetCommandLineA
HeapReAlloc
HeapQueryInformation
HeapSize
ExitProcess
VirtualAlloc
VirtualQuery
SetStdHandle
GetFileType
RaiseException
GetTimeFormatA
GetDateFormatA
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetACP
GetOEMCP
IsValidCodePage
GetFileInformationByHandle
PeekNamedPipe
HeapCreate
HeapDestroy
SetHandleCount
GetStdHandle
GetStartupInfoW
FatalAppExitA
HeapAlloc
GetConsoleMode
GetFullPathNameA
GetTimeZoneInformation
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
SetConsoleCtrlHandler
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetProcessHeap
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
HeapFree
FindFirstFileExW
GetDriveTypeW
RtlUnwind
DecodePointer
EncodePointer
GetStringTypeW
InterlockedCompareExchange
LocalUnlock
FindResourceExW
GetDiskFreeSpaceW
ReplaceFileW
GetUserDefaultLCID
VirtualProtect
SearchPathW
SetCurrentDirectoryW
SetEnvironmentVariableW
GetConsoleCP
GetCPInfo
GetProfileIntW
GetTempPathW
GetTempFileNameW
GetNumberFormatW
GetWindowsDirectoryW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
GetCurrentDirectoryW
lstrcpyW
GetFileTime
GetFileSizeEx
SetFileTime
LocalFileTimeToFileTime
GetFileAttributesExW
SetErrorMode
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringA
InterlockedExchange
FreeResource
GlobalFindAtomW
GlobalDeleteAtom
GetShortPathNameW
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
lstrcmpiW
GetStringTypeExW
GlobalAddAtomW
GlobalFlags
lstrcmpW
SystemTimeToFileTime
GetThreadLocale
lstrlenA
lstrcmpA
GetAtomNameW
GlobalGetAtomNameW
SuspendThread
GetCurrentThreadId
ResumeThread
SetThreadPriority
CompareStringW
InterlockedIncrement
InterlockedDecrement
ReleaseActCtx
CreateActCtxW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
FindFirstFileW
FindNextFileW
FindClose
GetCurrentProcessId
ActivateActCtx
DeactivateActCtx
GlobalFree
CopyFileW
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
lstrlenW
MulDiv
SetLastError
GetTimeFormatW
GetSystemTime
GetModuleHandleW
GetSystemInfo
GetLocalTime
SetEvent
CancelIoEx
GetTickCount
OutputDebugStringW
CreateEventW
GetVersionExW
Sleep
DeviceIoControl
WideCharToMultiByte
CreateDirectoryW
RemoveDirectoryW
GetExitCodeProcess
CreatePipe
CreateProcessW
WaitForSingleObject
TerminateProcess
ReadFile
FormatMessageW
LocalLock
LocalFree
GetFileAttributesW
GetConsoleWindow
GetModuleFileNameW
LoadLibraryW
GetProcAddress
FreeLibrary
CreateFileW
GetFileSize
CloseHandle
SetFileAttributesW
DeleteFileW
MoveFileW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
LCMapStringW

user32

UnpackDDElParam
ReuseDDElParam
GetMenuBarInfo
InsertMenuItemW
TranslateAcceleratorW
LockWindowUpdate
BringWindowToTop
SetCursorPos
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
CopyAcceleratorTableW
DrawFrameControl
DrawEdge
DrawStateW
GetSystemMenu
LoadMenuW
SetClassLongW
WindowFromPoint
DestroyAcceleratorTable
SetParent
SetWindowRgn
IsZoomed
GetDialogBaseUnits
DrawIconEx
GetNextDlgGroupItem
LoadImageW
CopyImage
GetIconInfo
OffsetRect
MessageBeep
NotifyWinEvent
EnableScrollBar
HideCaret
DrawFocusRect
InvertRect
ReleaseCapture
GetAsyncKeyState
SetCapture
MapVirtualKeyW
IsRectEmpty
CreatePopupMenu
GetMenuDefaultItem
RedrawWindow
IntersectRect
KillTimer
SetTimer
InvalidateRect
DeleteMenu
ShowOwnedPopups
SetCursor
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
EndPaint
BeginPaint
GetWindowDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
IsIconic
ScrollWindowEx
ShowWindow
MoveWindow
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
GetDlgItemTextW
GetDlgItemInt
CheckRadioButton
CheckDlgButton
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetKeyNameTextW
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
IsWindow
SetFocus
GetForegroundWindow
SetActiveWindow
DefFrameProcW
EndDeferWindowPos
GetDlgItem
GetTopWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
GetClientRect
GetClassInfoExW
GetClassInfoW
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
SetWindowPlacement
GetWindowPlacement
CallWindowProcW
GetMenu
SetWindowLongW
SetWindowPos
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
CharUpperW
DestroyIcon
GetFocus
GetDesktopWindow
RealChildWindowFromPoint
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameW
PtInRect
SetWindowTextW
UnregisterClassW
GetWindowTextLengthW
GetWindowTextW
SetWindowsHookExW
CallNextHookEx
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
LoadCursorW
GetSystemMetrics
GetDC
GetTabbedTextExtentW
GetDCEx
GetWindowRgn
WindowFromDC
DestroyCursor
DrawIcon
MapDialogRect
EnumChildWindows
SubtractRect
GetDoubleClickTime
CharUpperBuffW
CopyIcon
RegisterClipboardFormatW
GetUpdateRect
ReleaseDC
GetSysColor
GetSysColorBrush
UnhookWindowsHookEx
GetWindowThreadProcessId
SendMessageW
GetParent
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
FrameRect
SendNotifyMessageW
IsClipboardFormatAvailable
SetMenuDefaultItem
CreateMenu
InSendMessage
TranslateMDISysAccel
DrawMenuBar
IsChild
DefMDIChildProcW
EnableWindow
GetMenuState
GetMenuStringW
AppendMenuW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
RemoveMenu
RegisterClassW
PostQuitMessage
DefWindowProcW
DestroyWindow
PostMessageW
RegisterDeviceNotificationW
UnregisterDeviceNotification
MessageBoxW
CreateWindowExW
GetMessageW
DispatchMessageW
TranslateMessage
WaitMessage
PostThreadMessageW
IsMenu
MonitorFromPoint
UpdateLayeredWindow
UnionRect
MapVirtualKeyExW
IsCharLowerW
EmptyClipboard
CloseClipboard
SetClipboardData
BeginDeferWindowPos
OpenClipboard
InflateRect
SetRect

gdi32

SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
DeleteDC
CreateDIBPatternBrushPt
CreatePatternBrush
GetStockObject
SelectPalette
PlayMetaFileRecord
GetObjectType
TextOutW
EnumMetaFile
PlayMetaFile
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
CreateDIBitmap
CreateCompatibleBitmap
CreateRectRgnIndirect
GetTextMetricsW
EnumFontFamiliesW
GetTextCharsetInfo
GetCharWidthW
CreateFontW
StretchDIBits
SetRectRgn
CombineRgn
GetMapMode
PatBlt
DPtoLP
GetBkColor
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
GetCurrentObject
ScaleViewportExtEx
CreateRoundRectRgn
OffsetViewportOrgEx
GetTextColor
CreateEllipticRgn
Polyline
Ellipse
Polygon
SetDIBColorTable
GetDIBits
StretchBlt
SetPixel
Rectangle
OffsetRgn
GetRgnBox
EnumFontFamiliesExW
RoundRect
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextFaceW
CreateMetaFileW
CloseMetaFile
DeleteMetaFile
RectVisible
PtVisible
StartDocW
CreateDIBSection
SetViewportExtEx
GetPixel
GetWindowExtEx
GetViewportExtEx
SelectClipPath
CreateRectRgn
SetViewportOrgEx
SelectObject
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
GetTextExtentPoint32W
ExtTextOutW
BitBlt
CreateCompatibleDC
CreateFontIndirectW
GetObjectW
SetBkColor
SetTextColor
CreateBitmap
DeleteObject
CreateDCW
CopyMetaFileW
CreatePolygonRgn
GetDeviceCaps
GetClipRgn
SelectClipRgn
SetColorAdjustment
SetArcDirection
SetLayout
GetLayout
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
Escape

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
GetJobW
ClosePrinter

advapi32

RegEnumValueW
RegSetValueW
RegOpenKeyExW
RegCreateKeyExW
RegDeleteKeyW
RegQueryValueW
RegEnumKeyW
RegDeleteValueW
RegSetValueExW
GetFileSecurityW
SetFileSecurityW
RegCloseKey
RegQueryValueExW
RegEnumKeyExW

shell32

SHBrowseForFolderW
ExtractIconW
SHGetFileInfoW
SHAddToRecentDocs
SHGetDesktopFolder
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteW
DragFinish
ShellExecuteExW
SHAppBarMessage
SHFileOperationW
SHGetMalloc
DragQueryFileW

comctl32

ImageList_GetIconSize
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_Create
ImageList_GetImageCount
ImageList_Destroy
ImageList_AddMasked
ImageList_Remove
ImageList_DrawEx

shlwapi

PathIsRelativeW
PathCombineW
PathRelativePathToW
PathRemoveExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathRemoveFileSpecW

ole32

OleCreateLinkToFile
OleCreateFromFile
OleSetContainedObject
GetHGlobalFromILockBytes
OleLoad
OleCreate
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleSaveToStream
WriteClassStm
OleSave
StgCreateDocfileOnILockBytes
PropVariantCopy
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleSetClipboard
OleSetMenuDescriptor
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleGetIconOfClass
OleCreateMenuDescriptor
StgIsStorageFile
StgOpenStorage
CreateFileMoniker
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfile
CreateStreamOnHGlobal
CoInitializeEx
CoInitialize
CoUninitialize
CoCreateGuid
CLSIDFromString
CoCreateInstance
StringFromGUID2
CoDisconnectObject
OleDuplicateData
CoTreatAsClass
StringFromCLSID
CoTaskMemAlloc
ReleaseStgMedium
CreateBindCtx
ReadClassStg
CreateItemMoniker
CreateGenericComposite
OleRegEnumVerbs
CLSIDFromProgID
CoRegisterMessageFilter
CoRevokeClassObject
CoRegisterClassObject
CoGetClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateDataAdviseHolder
CreateOleAdviseHolder
CoGetMalloc
GetRunningObjectTable
OleIsRunning
OleQueryLinkFromData
OleQueryCreateFromData
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
OleRun
OleDestroyMenuDescriptor
OleRegGetMiscStatus
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree

oleaut32

SafeArrayRedim
VariantChangeType
VariantCopy
SafeArrayGetDim
SafeArrayGetElemsize
VariantClear
SafeArrayCreate
SafeArrayPtrOfIndex
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SysAllocString
VariantInit
VarBstrFromDate
VarDecFromStr
VarBstrFromDec
VarBstrFromCy
VarCyFromStr
SysReAllocStringLen
VarDateFromStr
SysAllocStringLen
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
LoadRegTypeLi
LoadTypeLi
RegisterTypeLi
SysStringByteLen
SysAllocStringByteLen
SysFreeString

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

oleacc

CreateStdAccessibleObject
LresultFromObject
AccessibleObjectFromWindow

gdiplus

GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageI

imm32

ImmGetOpenStatus
ImmReleaseContext
ImmGetContext

winmm

PlaySoundW

oledlg

OleUIBusyW

Exports

Exports

InitializeBL
SetUSBPhyAddrEnable
SetWtptpLogPath
TerminateBL

Sections

.text
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 558KB - Virtual size: 558KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 198KB - Virtual size: 198KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

279915ccba5572accbfb9371480a9588

Headers

DLL Characteristics

File Characteristics

Imports

winusb

setupapi

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

version

oleacc

gdiplus

imm32

winmm

oledlg

Exports

Exports

Sections

.text Size: 3.1MB - Virtual size: 3.1MB

.rdata Size: 558KB - Virtual size: 558KB

.data Size: 1.1MB - Virtual size: 1.1MB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 198KB - Virtual size: 198KB

.text
Size: 3.1MB - Virtual size: 3.1MB

.rdata
Size: 558KB - Virtual size: 558KB

.data
Size: 1.1MB - Virtual size: 1.1MB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 198KB - Virtual size: 198KB