7b8b60b404db2340616e07e8f3f5e194c716aabb8d8596fe1e66f04d153adc3c

Sharing

Copy URL Twitter E-mail

General

Target

7b8b60b404db2340616e07e8f3f5e194c716aabb8d8596fe1e66f04d153adc3c
Size

8.9MB
MD5

3b9a4fe47e14959e3f1b5e6c35d8ca75
SHA1

b23c758c6afed2d0e01919e79e8a6e1bfdff9df4
SHA256

7b8b60b404db2340616e07e8f3f5e194c716aabb8d8596fe1e66f04d153adc3c
SHA512

c319e6b61e4b986f4853c4177a113334ce0da87cad1c74e9e070b6411456e7645bc6b6424def0d3725e9f9eb095906c1e325eaffffb6a15a51f16cdd0d9396aa
SSDEEP

196608:crpjAkFMZx4E4PwDYW3JD6maGadK5SZnTeay0BP/FQWULBAziNG7Dmbze8L2jTmC:ajAkFMZxEgxTAQ/qEZB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7b8b60b404db2340616e07e8f3f5e194c716aabb8d8596fe1e66f04d153adc3c

Files

7b8b60b404db2340616e07e8f3f5e194c716aabb8d8596fe1e66f04d153adc3c
.exe windows:4 windows x86 arch:x86

47594549d92bb621da4c8f329ebcd080

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringW
CompareStringA
AreFileApisANSI
CreateFileW
CreateFileMappingA
CreateFileMappingW
CreateMutexW
DeleteFileW
FormatMessageW
GetDiskFreeSpaceW
GetFileAttributesW
GetFileAttributesExW
GetFullPathNameW
GetTempPathW
GetLocaleInfoW
HeapValidate
HeapCompact
LockFileEx
MapViewOfFile
QueryPerformanceCounter
UnlockFileEx
UnmapViewOfFile
SetEnvironmentVariableA
OutputDebugStringA
OutputDebugStringW
GetProcessHeap
InterlockedCompareExchange
FlushViewOfFile
GetTempPathA
EnumResourceLanguagesA
EnumResourceNamesA
EnumResourceTypesA
LocalSize
LoadLibraryExW
LoadLibraryExA
LoadLibraryW
VirtualQuery
VirtualProtect
GetSystemInfo
GetExitCodeThread
TerminateThread
GetCurrentProcessId
InterlockedExchange
WaitForSingleObjectEx
GetUserDefaultLCID
EnumSystemLocalesA
IsValidCodePage
IsValidLocale
IsBadCodePtr
IsBadReadPtr
GetDriveTypeA
GetStringTypeW
GetStringTypeA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
LCMapStringW
LCMapStringA
GetStdHandle
SetHandleCount
HeapSize
GetFileType
SetStdHandle
ExitThread
GetACP
HeapReAlloc
GetCommandLineA
GetStartupInfoA
GetSystemTimeAsFileTime
RaiseException
GetSystemTime
GetTimeZoneInformation
HeapAlloc
HeapFree
RtlUnwind
SetErrorMode
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileSize
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
GetDiskFreeSpaceA
GetFileTime
SetFileTime
GetTempFileNameA
GetCurrentThread
SuspendThread
SetThreadPriority
ReleaseMutex
CreateMutexA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
GetVolumeInformationA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GlobalFree
MulDiv
SetLastError
InterlockedDecrement
InterlockedIncrement
LoadLibraryA
FreeLibrary
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetProcAddress
FindFirstFileA
SetFileAttributesA
RemoveDirectoryA
FindNextFileA
FindClose
CreateProcessA
FormatMessageA
LocalFree
GetModuleFileNameA
CreateSemaphoreA
GetLastError
TryEnterCriticalSection
FindResourceA
SizeofResource
LoadResource
LockResource
FreeResource
GetLocalTime
ResumeThread
GetCurrentDirectoryA
CreateDirectoryA
CreateToolhelp32Snapshot
Process32First
OpenProcess
TerminateProcess
Process32Next
DeleteFileA
DeleteCriticalSection
InitializeCriticalSection
GetPrivateProfileSectionA
GetPrivateProfileSectionNamesA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetPrivateProfileStringA
GetFileAttributesA
GetModuleHandleA
ExitProcess
LeaveCriticalSection
EnterCriticalSection
WaitForMultipleObjects
ResetEvent
SetEvent
WaitForSingleObject
CloseHandle
lstrcpynA
CreateEventA
CreateThread
GetTickCount
Sleep
MultiByteToWideChar
WideCharToMultiByte
GlobalAlloc
GlobalLock
GlobalUnlock
lstrcmpA
lstrlenA
lstrcpyA
GetLocaleInfoA
GetVersionExW

user32

SetDlgItemTextA
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
SetActiveWindow
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
GrayStringA
CreateDialogIndirectParamA
EnableWindow
GetSysColor
SendMessageA
SetWindowTextA
PtInRect
GetClientRect
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
GetScrollRange
EndDialog
GetScrollPos
SetScrollPos
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenuItemID
IsDialogMessageA
MoveWindow
IsWindowEnabled
GetNextDlgTabItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuCheckMarkDimensions
ClientToScreen
GetActiveWindow
TrackPopupMenu
GetDlgItem
GetWindowTextLengthA
GetDlgCtrlID
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
RemovePropA
GetMessageTime
GetMessagePos
SetWindowPos
IntersectRect
GetWindowLongA
InvalidateRect
CallWindowProcA
SetWindowLongA
DrawFocusRect
DrawTextA
DrawFrameControl
CopyRect
GetParent
OffsetRect
FillRect
UnregisterClassA
LookupIconIdFromDirectoryEx
CopyIcon
wvsprintfA
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
ReleaseCapture
DestroyMenu
ReuseDDElParam
UnpackDDElParam
BringWindowToTop
IsZoomed
WindowFromPoint
LoadStringA
CharUpperA
RedrawWindow
SetCapture
SetCursorPos
ValidateRect
ShowOwnedPopups
FindWindowA
GetSysColorBrush
GetDCEx
LockWindowUpdate
DeleteMenu
DestroyIcon
GetTabbedTextExtentA
MessageBeep
SetScrollRange
CreateIconIndirect
CreateIconFromResourceEx
GetWindowPlacement
RegisterWindowMessageA
RemoveMenu
GetMenuStringA
GetMenuState
SystemParametersInfoA
GetSystemMetrics
LoadImageA
RegisterClipboardFormatA
GetDoubleClickTime
WaitMessage
GetMenuDefaultItem
GetMenuItemInfoA
SetMenuDefaultItem
GetIconInfo
SetClassLongA
DrawStateA
TrackPopupMenuEx
AdjustWindowRect
RegisterClassW
DefMDIChildProcW
DefMDIChildProcA
DefDlgProcW
DefDlgProcA
DefFrameProcW
GetSystemMenu
CheckMenuItem
GetForegroundWindow
DrawMenuBar
InsertMenuA
AppendMenuA
CreatePopupMenu
GetDesktopWindow
GetPropA
IsIconic
GetLastActivePopup
IsRectEmpty
IsWindow
GetMenu
GetMenuItemCount
EnableMenuItem
KillTimer
ScreenToClient
SetCursor
DestroyCursor
SetParent
SetRect
ShowScrollBar
DefFrameProcA
DefWindowProcW
CallWindowProcW
EnableScrollBar
IsWindowUnicode
GetWindowLongW
SetWindowLongW
DrawIconEx
SendMessageTimeoutA
DrawEdge
ShowCaret
GetDC
GetWindowRect
LoadIconA
SetTimer
GetWindow
GetTopWindow
ReleaseDC
ShowWindow
GetKeyState
FrameRect
GetFocus
InflateRect
SetMenu
SetWindowRgn
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
LoadBitmapA
DispatchMessageA
TranslateMessage
GetMessageA
DefWindowProcA
PostQuitMessage
DestroyWindow
UnregisterDeviceNotification
RegisterDeviceNotificationA
UpdateWindow
CreateWindowExA
RegisterClassExA
LoadCursorA
CreateCaret
IsWindowVisible
LoadMenuA
GetSubMenu
GetCursorPos
GetAsyncKeyState
PostMessageA
GetClassNameA
MessageBoxA
GetWindowTextA
SetForegroundWindow
EnumWindows
GetWindowThreadProcessId

gdi32

GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreatePatternBrush
PtVisible
RectVisible
TextOutA
Escape
PatBlt
SetRectRgn
CombineRgn
DPtoLP
StretchDIBits
GetCharWidthA
GetViewportOrgEx
AbortDoc
SetTextColor
EndPage
StartPage
SetAbortProc
CreateDCA
LPtoDP
GetNearestColor
GetTextColor
GetStretchBltMode
GetPolyFillMode
GetTextAlign
GetBkMode
GetTextFaceA
GetWindowOrgEx
SetBkColor
GetTextMetricsA
CreateFontA
GetTextExtentPoint32A
GetStockObject
SelectObject
CreateFontIndirectA
GetObjectA
CreateCompatibleDC
CreateRectRgnIndirect
GetBkColor
CreateCompatibleBitmap
Rectangle
BitBlt
CreatePen
GetPixel
StretchBlt
Arc
Ellipse
Polygon
GetClipBox
CreateBitmap
StartDocA
SaveDC
RestoreDC
SelectPalette
SetBkMode
SetPolyFillMode
SetROP2
GetObjectType
ExtSelectClipRgn
CreateRectRgn
DeleteObject
GetClipRgn
GetCurrentPositionEx
SetTextAlign
LineTo
MoveToEx
IntersectClipRect
ExcludeClipRect
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
CreateSolidBrush
GetROP2
ExtTextOutA
SetWindowOrgEx
GetTextCharsetInfo
OffsetRgn
CreateDIBSection
SetBrushOrgEx
SetStretchBltMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
EndDoc
DeleteDC
GetDIBits
CreateDIBitmap
CreatePalette

comdlg32

GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError
PrintDlgA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegCloseKey
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyA
RegQueryValueA
RegEnumKeyA
SetFileSecurityA
GetFileSecurityA
RegCreateKeyA
RegSetValueA
RegOpenKeyExA

shell32

SHGetFileInfoA
ExtractIconA
DragQueryFileA
DragFinish
ShellExecuteExA
ShellExecuteA
SHGetMalloc
SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetPathFromIDListA

comctl32

ord17
ImageList_Draw
ImageList_ReplaceIcon
ImageList_AddMasked
ImageList_Add
ImageList_Destroy
ImageList_Create
ImageList_GetImageCount
ImageList_GetIconSize
ImageList_DrawIndirect
ImageList_GetImageInfo
ImageList_GetBkColor
_TrackMouseEvent
FlatSB_GetScrollProp
ImageList_GetIcon

ole32

CoTaskMemFree
CoCreateInstance

oleaut32

SysStringByteLen
SysAllocStringByteLen
VariantCopy
VariantClear
OleLoadPicturePath

urlmon

URLDownloadToFileA

easyusbhid

?hiddevice_HasOpened@CEasyUsbHid@@QAEHXZ
?closeusb@CEasyUsbHid@@QAEHXZ
?openusb@CEasyUsbHid@@QAEHGGG@Z
??1CEasyUsbHid@@QAE@XZ
??0CEasyUsbHid@@QAE@XZ
?transfer@CEasyUsbHid@@QAEHIPAEK0K@Z

libcurl

curl_easy_perform
curl_easy_cleanup
curl_easy_getinfo
curl_easy_init
curl_easy_setopt
curl_slist_append

ws2_32

socket
htonl
htons
WSAStartup
listen
setsockopt
accept
closesocket
send
recv
bind
WSACleanup

cmtrfebusb

?Cmt2600ReadRegs@CRfebUsbApp@@QAEEEQAEG@Z
?Cmt2600WriteRegs@CRfebUsbApp@@QAEEEQBEG@Z
?RfpdkTransReadState@CRfebUsbApp@@QAEEAAE@Z
?RfpdkTransControllerStopTx@CRfebUsbApp@@QAEEE@Z
?RfpdkTransControllerStartTx@CRfebUsbApp@@QAEEE@Z
?RfTransClearSendBuf@CRfebUsbApp@@QAEEXZ
?RfTransWriteDataToSendBuf@CRfebUsbApp@@QAEEPAEAAG@Z
?RfpdkTransControllerPrepareTx@CRfebUsbApp@@QAEEKEGE@Z
?Cmt2101WriteFtps@CRfebUsbApp@@QAEEEQBGG@Z
?Cmt2100WriteRegs@CRfebUsbApp@@QAEEEQBEG@Z
?RfpdkTransReadRssiValue@CRfebUsbApp@@QAEEAAE@Z
?RfTransReadDataFromRecvBuf@CRfebUsbApp@@QAEEPAEAAG@Z
?RfTransDataNumberOfRecvBuf@CRfebUsbApp@@QAEEAAG@Z
?RfpdkTransControllerStopRx@CRfebUsbApp@@QAEEE@Z
?LeaveUsb@CRfebUsbApp@@QAEEXZ
?RfpdkTransControllerStartRx@CRfebUsbApp@@QAEEE@Z
?RfTransClearRecvBuf@CRfebUsbApp@@QAEEXZ
?RfpdkTransControllerPrepareRx@CRfebUsbApp@@QAEEKEEGEPAE@Z
?GetInstance@CRfebUsbApp@@SAPAV1@XZ
?EnterUsb@CRfebUsbApp@@QAEEXZ
?Cmt2000WriteRegs@CRfebUsbApp@@QAEEEQBEG@Z
?ChipIdentifyGetPartNumber@CRfebUsbApp@@QAEEAAH@Z

wininet

InternetWriteFile
InternetCrackUrlA
InternetGetLastResponseInfoA
HttpQueryInfoA
InternetQueryDataAvailable
InternetReadFile
InternetCanonicalizeUrlA
InternetSetFilePointer
InternetSetStatusCallback
InternetSetOptionExA
InternetOpenUrlA
InternetCloseHandle
InternetOpenA
InternetQueryOptionA
DeleteUrlCacheEntry

winmm

PlaySoundA

imagehlp

ImageDirectoryEntryToData

Exports

Exports

??4CEasyUsbHid@@QAEAAV0@ABV0@@Z
??4CRfebUsbApp@@QAEAAV0@ABV0@@Z

Sections

.text
Size: 5.8MB - Virtual size: 5.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 580KB - Virtual size: 578KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.2MB - Virtual size: 33.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

47594549d92bb621da4c8f329ebcd080

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

ole32

oleaut32

urlmon

easyusbhid

libcurl

ws2_32

cmtrfebusb

wininet

winmm

imagehlp

Exports

Exports

Sections

.text Size: 5.8MB - Virtual size: 5.8MB

.rdata Size: 580KB - Virtual size: 578KB

.data Size: 1.2MB - Virtual size: 33.1MB

.rsrc Size: 1.4MB - Virtual size: 1.4MB

.text
Size: 5.8MB - Virtual size: 5.8MB

.rdata
Size: 580KB - Virtual size: 578KB

.data
Size: 1.2MB - Virtual size: 33.1MB

.rsrc
Size: 1.4MB - Virtual size: 1.4MB