46772d48631fd768c3c2b944fc948be2e27cfb6177116f2734b20bdef05fa9f7

Sharing

Copy URL Twitter E-mail

General

Target

46772d48631fd768c3c2b944fc948be2e27cfb6177116f2734b20bdef05fa9f7
Size

3.3MB
MD5

f700cacfc18afc4bb0c2b7f6ff84a3a6
SHA1

929f054d8b5e1592b7c693474d1f48e94275553e
SHA256

46772d48631fd768c3c2b944fc948be2e27cfb6177116f2734b20bdef05fa9f7
SHA512

cd0a479c71228c34c88fdcabdae2fbf2007f2c3ab235414500dce3ef53f03d494afff3bb88b62f1033953c099fa7c9a467b5e91c87c55a59bf177045feaa26f2
SSDEEP

98304:xK9c2oZK5F0QcE8bcDWefW93T6TphhU7iLwcyNaXwzm+B:xKijKD0QB8jefWJT6TphAiLUNaA9B

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/pconline1591283403553/SM333v12_ReaderTool_I0310/sm333test.exe
unpack001/pconline1591283403553/sm2246XT_MPTool_O1224H.exe

Files

46772d48631fd768c3c2b944fc948be2e27cfb6177116f2734b20bdef05fa9f7
.zip
fcc7d49e884b1159f2971fe4da1403fd4a01c3a8.png@942w_683h_progressive.webp
pconline1591283403553/BadBinFile/Default/AA00000000000108289.Bad
pconline1591283403553/BadBinFile/Default/AA00000000000108290.Bad
pconline1591283403553/BadBinFile/Default/AA00000000000108291.Bad
pconline1591283403553/BadBinFile/Default/AA00000000000108292.Bad
pconline1591283403553/CID/Default.ini
pconline1591283403553/Config/Default.ini
pconline1591283403553/Config/Default.ini.bak
pconline1591283403553/Firmware/2246XT/2246nonDramRDT.bin
pconline1591283403553/Firmware/2246XT/BootISP2246.bin
pconline1591283403553/Firmware/2246XT/CheckSum.ini
pconline1591283403553/Firmware/2246XT/DgISP/DgISP_ProgramWithStatus.bin
pconline1591283403553/Firmware/2246XT/DgISP/DgISP_ReadBadInfo.bin
pconline1591283403553/Firmware/2246XT/DgISP/DgISP_ReadChunkEcc.bin
pconline1591283403553/Firmware/2246XT/DgISP/DgISP_ReadChunkInfo.bin
pconline1591283403553/Firmware/2246XT/DgISP/DgISP_ReadDistribution.bin
pconline1591283403553/Firmware/2246XT/DgISP/DgISP_ReadFlashDiagnosis.bin
pconline1591283403553/Firmware/2246XT/DgISP/DgISP_TranLba2Pba.bin
pconline1591283403553/Firmware/2246XT/ISP2246XT.bin
pconline1591283403553/Firmware/2246XT/MPISP2246.bin
pconline1591283403553/Firmware/2246XT/MainISP.bin
pconline1591283403553/Firmware/2246XT/PTEST2246.bin
pconline1591283403553/Firmware/2246XT/SM2246XTStrongPageTable.bin
pconline1591283403553/Firmware/2246XT/SM2246XTWeakPageTable.bin
pconline1591283403553/FlashDB/Flash - │Ε.SET
pconline1591283403553/FlashDB/Flash.SET
pconline1591283403553/LogFile/2246XT/FLASHID.bin
pconline1591283403553/LogFile/2246XT/ISP.bin
pconline1591283403553/LogFile/2246XT/MICROCODE.bin
pconline1591283403553/LogFile/2246XT/MPISP.bin
pconline1591283403553/LogFile/2246XT/PTEST.bin
pconline1591283403553/LogFile/2246XT/PTESTH.bin
pconline1591283403553/LogFile/2246XT/PTESTH_JUMP.bin
pconline1591283403553/LogFile/2246XT/PTEST_whole.bin
pconline1591283403553/LogFile/2246XT/RDT.bin
pconline1591283403553/SM2246XT Error code.xls
.xls windows office2003
pconline1591283403553/SM333v12_ReaderTool_I0310/CID.BIN
pconline1591283403553/SM333v12_ReaderTool_I0310/Default.ini
pconline1591283403553/SM333v12_ReaderTool_I0310/EEPROM.BIN
pconline1591283403553/SM333v12_ReaderTool_I0310/Read me first.txt
pconline1591283403553/SM333v12_ReaderTool_I0310/SD.BIN
pconline1591283403553/SM333v12_ReaderTool_I0310/SM333ISPI0310.bin
pconline1591283403553/SM333v12_ReaderTool_I0310/arg.set
pconline1591283403553/SM333v12_ReaderTool_I0310/sectorABCD.bin
pconline1591283403553/SM333v12_ReaderTool_I0310/sm333test.exe
.exe windows:4 windows x86 arch:x86

ccf79c4ed388d5a9ef71f4963efb3df3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiSetClassInstallParamsA
SetupDiCallClassInstaller
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailA

cfgmgr32

CM_Locate_DevNodeA
CM_Get_DevNode_Registry_PropertyA
CM_Remove_SubTree
CM_Get_Sibling
CM_Get_Parent
CM_Get_Child

kernel32

HeapFree
HeapAlloc
GetTimeZoneInformation
GetSystemTime
GetStartupInfoA
GetCommandLineA
ExitProcess
RaiseException
ExitThread
TerminateProcess
GetACP
HeapSize
HeapReAlloc
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
RtlUnwind
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetProfileStringA
OutputDebugStringA
lstrcpyA
CloseHandle
Sleep
GetPrivateProfileStringA
GetPrivateProfileIntA
WritePrivateProfileStringA
GetFileAttributesA
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
CreateFileA
GetLastError
DeviceIoControl
GetModuleFileNameA
GetLocalTime
GetSystemDefaultLangID
FindClose
FindNextFileA
FindFirstFileA
SetCurrentDirectoryA
GetFileSize
CreateThread
WaitForSingleObject
GetVersionExA
FlushFileBuffers
ResetEvent
GetProcAddress
CreateEventA
LoadLibraryA
FreeLibrary
ReadFile
WriteFile
GetTickCount
lstrcatA
MultiByteToWideChar
FileTimeToSystemTime
SetErrorMode
CopyFileA
SizeofResource
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
GetFileTime
GetCurrentThread
FormatMessageA
GetThreadLocale
GetFullPathNameA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
SetFilePointer
GetCurrentProcess
DuplicateHandle
lstrlenW
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
lstrcmpA
lstrcpynA
MulDiv
SetLastError
InterlockedDecrement
InterlockedIncrement
FindResourceA
LoadResource
LockResource
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
LocalFree
LocalAlloc
lstrlenA
GlobalFree
WideCharToMultiByte
FileTimeToLocalFileTime

user32

LoadCursorA
GetSysColorBrush
PostThreadMessageA
CharNextA
CopyAcceleratorTableA
SetRect
GetNextDlgGroupItem
CharUpperA
IsClipboardFormatAvailable
DestroyMenu
LoadStringA
GetMessageA
TranslateMessage
ValidateRect
EndDialog
GetActiveWindow
CreateDialogIndirectParamA
InflateRect
GrayStringA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GetMenuCheckMarkDimensions
ModifyMenuA
SetMenuItemBitmaps
EnableMenuItem
GetNextDlgTabItem
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
GetDlgItemInt
CheckDlgButton
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
DispatchMessageA
SetActiveWindow
SetFocus
AdjustWindowRectEx
GetDesktopWindow
CopyRect
GetScrollPos
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenuItemCount
GetMenuItemID
GetDlgItem
GetWindowTextLengthA
GetDlgCtrlID
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetParent
UnregisterClassA
IsWindow
HideCaret
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
EnableWindow
GetWindowPlacement
wsprintfA
GetClassNameA
ScreenToClient
GetCursorPos
FindWindowA
EnumChildWindows
GetWindowTextA
IsWindowVisible
IsWindowEnabled
GetMenuState
GetKeyNameTextA
KillTimer
MapDialogRect
SetWindowContextHelpId
SetCursor
PostQuitMessage
SetMenu
GetMenu
LoadMenuA
RemoveMenu
GetSubMenu
CheckMenuItem
LoadBitmapA
SetTimer
GetDC
ReleaseDC
GetSysColor
DrawFocusRect
SendMessageA
GetWindowRect
GetClientRect
UpdateWindow
InvalidateRect
RedrawWindow
GetFocus
CallWindowProcA
MessageBeep
SetWindowLongA
GetWindowLongA
PostMessageA
GetWindow
GetSystemMetrics
FillRect
DrawIcon
AppendMenuA
GetSystemMenu
IsIconic
LoadIconA
DestroyCaret
SetScrollPos
DragDetect
EnableScrollBar
SetScrollInfo
ReleaseCapture
GetKeyState
RegisterClipboardFormatA
EmptyClipboard
PtInRect
DrawTextA
SetCapture
CreateCaret
SetCaretPos
MessageBoxA
ShowCaret

gdi32

RestoreDC
GetStockObject
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
MoveToEx
LineTo
SaveDC
DeleteObject
GetViewportExtEx
GetWindowExtEx
CreateHatchBrush
PtVisible
RectVisible
ExtTextOutA
Escape
GetMapMode
DPtoLP
CopyMetaFileA
GetTextColor
GetBkColor
LPtoDP
CreateBitmap
PatBlt
SetBkColor
SetTextColor
GetClipBox
DeleteDC
SetBoundsRect
GetCharWidthA
GetTextExtentPoint32A
TextOutA
BitBlt
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
CreateSolidBrush
GetDeviceCaps
CreateFontA
Rectangle
GetObjectA
CreateFontIndirectA
CreateDIBitmap
GetTextExtentPointA
CreatePen

comdlg32

GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegQueryValueExA
RegEnumKeyExA
RegCloseKey
RegQueryInfoKeyA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA

comctl32

ord17
ImageList_Destroy

oledlg

ord8

ole32

OleDuplicateData
CoRevokeClassObject
CoGetClassObject
CoRegisterMessageFilter
CoTaskMemAlloc
CoDisconnectObject
CLSIDFromString
CLSIDFromProgID
OleGetClipboard
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
CoTaskMemFree
ReleaseStgMedium
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal

olepro32

ord253

oleaut32

VariantCopy
VariantClear
VariantChangeType
VariantTimeToSystemTime
SysAllocStringLen
SysFreeString
SysAllocString
SysStringLen
SysAllocStringByteLen
LoadTypeLi

Sections

.text
Size: 464KB - Virtual size: 461KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
pconline1591283403553/SM333v12_ReaderTool_I0310/testlog.txt
pconline1591283403553/SM333v12_ReaderTool_I0310/usbhub.cfg
pconline1591283403553/Tester/EEPROM.BIN
pconline1591283403553/Tester/EEPROMO.BIN
pconline1591283403553/Tester/SD.BIN
pconline1591283403553/UFD_MP/Arg.set
pconline1591283403553/UFD_MP/LocalSetting.INI
pconline1591283403553/UFD_MP/MSusbHub.cfg
pconline1591283403553/UFD_MP/Setting.set
pconline1591283403553/UFD_MP/testlog.txt
pconline1591283403553/UFD_MP/usbhub.cfg
pconline1591283403553/default.ini
pconline1591283403553/idtable_rom.bin
pconline1591283403553/sm2246XT_MPTool_O1224H.exe
.exe windows:4 windows x86 arch:x86

46bb052762c92c21d195f95c5863cdd6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupDiSetClassInstallParamsA
SetupDiCallClassInstaller
CM_Remove_SubTree
CM_Locate_DevNodeA
CM_Get_DevNode_Registry_PropertyA
CM_Get_Child
CM_Get_Sibling
CM_Get_Parent
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailA

newdev

UpdateDriverForPlugAndPlayDevicesA

kernel32

InterlockedDecrement
lstrcmpA
ResumeThread
SuspendThread
lstrlenW
GetCurrentThread
GetFileTime
InitializeCriticalSection
TlsAlloc
DeleteCriticalSection
GlobalHandle
TlsFree
LeaveCriticalSection
GlobalReAlloc
EnterCriticalSection
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalFlags
GetProcessVersion
GetCPInfo
GetOEMCP
SizeofResource
SetErrorMode
RtlUnwind
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
ExitProcess
GetProcessHeap
GetStartupInfoA
RaiseException
ExitThread
SetStdHandle
GetFileType
GetACP
HeapSize
HeapReAlloc
HeapDestroy
HeapCreate
IsBadWritePtr
VirtualProtect
GetSystemInfo
VirtualQuery
LCMapStringA
LCMapStringW
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
InterlockedIncrement
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
GetLocaleInfoA
InterlockedExchange
GetExitCodeProcess
CreateProcessA
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetProfileStringA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcpyA
OutputDebugStringA
CloseHandle
SetCommState
GetCommState
SetCommTimeouts
GetCommTimeouts
CreateFileA
ReadFile
WriteFile
Sleep
SetThreadPriority
CreateThread
CreateEventA
SetPriorityClass
GetCurrentProcess
WaitForSingleObject
SetEvent
ResetEvent
CreateDirectoryA
GetFileAttributesA
CopyFileA
GetLastError
GetLocalTime
GetFileSize
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
GetSystemDefaultLangID
GetCommandLineA
FindClose
FindNextFileA
SetHandleCount
GetThreadLocale
GetFullPathNameA
lstrcpynA
SetEndOfFile
UnlockFile
LockFile
SetFilePointer
DuplicateHandle
FindResourceA
LoadResource
LockResource
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GetTickCount
GlobalFree
GetComputerNameA
GetModuleFileNameA
GetSystemDirectoryA
CreateNamedPipeA
GetDriveTypeA
RemoveDirectoryA
FileTimeToLocalFileTime
FileTimeToSystemTime
MultiByteToWideChar
GetDriveTypeW
GetVolumeInformationW
WideCharToMultiByte
SetVolumeLabelW
GetDiskFreeSpaceExA
GetVolumeInformationA
FormatMessageA
GetPrivateProfileSectionA
WritePrivateProfileSectionA
LocalFree
LocalAlloc
SetLastError
lstrlenA
lstrcatA
GetWindowsDirectoryA
GetCurrentDirectoryA
SetFileAttributesA
LoadLibraryA
GetProcAddress
FreeLibrary
VirtualAlloc
VirtualFree
FlushFileBuffers
GetVersionExA
DeleteFileA
MulDiv
MoveFileA
DeviceIoControl
SetCurrentDirectoryA
FindFirstFileA

user32

SetWindowContextHelpId
MapDialogRect
LoadCursorA
GetSysColorBrush
CharNextA
CopyAcceleratorTableA
SetRect
GetNextDlgGroupItem
PostThreadMessageA
GrayStringA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
EndDialog
GetActiveWindow
CreateDialogIndirectParamA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
GetNextDlgTabItem
MoveWindow
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
GetDlgItemInt
CheckDlgButton
SendDlgItemMessageA
MapWindowPoints
SetActiveWindow
IsWindow
AdjustWindowRectEx
CopyRect
GetScrollPos
GetTopWindow
IsChild
GetCapture
SetCursor
GetClassInfoA
RegisterClassA
GetWindowTextLengthA
GetDlgCtrlID
DefWindowProcA
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetClassNameA
FindWindowExA
EnumWindows
TranslateMessage
CharUpperA
GetDesktopWindow
SetClipboardData
ModifyMenuA
GetMenuItemID
GetMenuItemCount
ScreenToClient
GetCursorPos
FindWindowA
EnumChildWindows
GetWindowTextA
IsWindowVisible
IsWindowEnabled
LoadBitmapA
UnregisterClassA
HideCaret
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
GetParent
EnableWindow
SendMessageA
GetDlgItem
ShowWindow
SetWindowPos
SetFocus
SetWindowTextA
SetMenu
GetMenu
LoadMenuA
GetSubMenu
GetMenuState
CheckMenuItem
OpenClipboard
GetClipboardData
CloseClipboard
LoadImageA
WindowFromPoint
IsClipboardFormatAvailable
DestroyMenu
GetMessageA
ValidateRect
LoadStringA
InflateRect
WinHelpA
WaitMessage
ShowCaret
SetCaretPos
CreateCaret
SetCapture
DrawTextA
PtInRect
EmptyClipboard
RegisterClipboardFormatA
GetKeyState
ReleaseCapture
SetScrollInfo
GetSysColor
DrawFocusRect
GetWindowRect
GetClientRect
UpdateWindow
InvalidateRect
RedrawWindow
GetFocus
wsprintfA
MessageBoxA
GetKeyNameTextA
DispatchMessageA
PeekMessageA
PostQuitMessage
SetTimer
ReleaseDC
GetDC
KillTimer
LoadIconA
CallWindowProcA
MessageBeep
SetWindowLongA
GetWindowLongA
PostMessageA
GetWindow
GetSystemMetrics
FillRect
DrawIcon
AppendMenuA
GetSystemMenu
IsIconic
DestroyCaret
SetScrollPos
DragDetect
EnableScrollBar

gdi32

SaveDC
RestoreDC
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
MoveToEx
LineTo
SetTextAlign
DeleteDC
GetViewportExtEx
GetWindowExtEx
CreateHatchBrush
PtVisible
RectVisible
ExtTextOutA
Escape
GetMapMode
DPtoLP
CopyMetaFileA
GetTextColor
GetBkColor
LPtoDP
CreateBitmap
PatBlt
SetBkColor
SetTextColor
GetClipBox
DeleteObject
SetBoundsRect
GetTextExtentPointA
GetCharWidthA
GetTextExtentPoint32A
TextOutA
BitBlt
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
CreateSolidBrush
GetDeviceCaps
CreateFontA
Rectangle
GetObjectA
CreatePen
CreateFontIndirectA
CreateDIBitmap
GetStockObject

comdlg32

GetSaveFileNameA
GetOpenFileNameA
GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegCreateKeyA
RegOpenKeyA
RegCreateKeyExA
RegCloseKey

shell32

SHChangeNotify
ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc

comctl32

_TrackMouseEvent
ord17
ImageList_Destroy

oledlg

ord8

ole32

CoTaskMemFree
CoRegisterMessageFilter
OleSetClipboard
OleFlushClipboard
OleIsCurrentClipboard
OleGetClipboard
CLSIDFromProgID
CLSIDFromString
CoDisconnectObject
CoTaskMemAlloc
OleDuplicateData
ReleaseStgMedium
CreateStreamOnHGlobal
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize

olepro32

ord253

oleaut32

VariantCopy
VariantClear
VariantChangeType
SysAllocStringLen
SysFreeString
SysAllocString
SysStringLen
SysAllocStringByteLen
LoadTypeLi
VariantTimeToSystemTime

wsock32

htonl
WSACleanup
connect
sendto
recvfrom
socket
inet_ntoa
WSAAsyncSelect
send
recv
gethostbyname
closesocket
shutdown
htons
bind
ioctlsocket
accept
WSAGetLastError
WSASetLastError
WSAStartup

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 208KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 4KB - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 192KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ccf79c4ed388d5a9ef71f4963efb3df3

Headers

File Characteristics

Imports

setupapi

cfgmgr32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 464KB - Virtual size: 461KB

.rdata Size: 68KB - Virtual size: 64KB

.data Size: 24KB - Virtual size: 89KB

.rsrc Size: 48KB - Virtual size: 44KB

46bb052762c92c21d195f95c5863cdd6

Headers

File Characteristics

Imports

setupapi

newdev

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

wsock32

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.rdata Size: 128KB - Virtual size: 126KB

.data Size: 208KB - Virtual size: 2.1MB

.sxdata Size: 4KB - Virtual size: 256B

.rsrc Size: 192KB - Virtual size: 188KB

.text
Size: 464KB - Virtual size: 461KB

.rdata
Size: 68KB - Virtual size: 64KB

.data
Size: 24KB - Virtual size: 89KB

.rsrc
Size: 48KB - Virtual size: 44KB

.text
Size: 1.7MB - Virtual size: 1.7MB

.rdata
Size: 128KB - Virtual size: 126KB

.data
Size: 208KB - Virtual size: 2.1MB

.sxdata
Size: 4KB - Virtual size: 256B

.rsrc
Size: 192KB - Virtual size: 188KB