5e7ec78bc5c136d62aeea196b2bdca8a5cc4beda91fcdc75e278f8b75ae678d7

Sharing

Copy URL Twitter E-mail

General

Target

5e7ec78bc5c136d62aeea196b2bdca8a5cc4beda91fcdc75e278f8b75ae678d7
Size

347KB
MD5

bdbe4a5585404343f25bbdb15b841cf5
SHA1

5915fb784aafd67b44fb7198b648996a5e03ae01
SHA256

5e7ec78bc5c136d62aeea196b2bdca8a5cc4beda91fcdc75e278f8b75ae678d7
SHA512

8f99d138ad1b096aa0b83e36687206198ac1045c31a2599c2ecbe51c321fd04c41e61bbc93640ca82a3f8bb91f3a346377c5f806cc8c5b7f0caba0413c6f6c83
SSDEEP

6144:3GMNdYmYFuHtDETZ3YLqwLG5KTM0kPQwb4ldmNifKWmGUJfgLaugu8:2MNdYmYFuHtAt3YLqwLG5KT7kPQ/mEJc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e7ec78bc5c136d62aeea196b2bdca8a5cc4beda91fcdc75e278f8b75ae678d7

Files

5e7ec78bc5c136d62aeea196b2bdca8a5cc4beda91fcdc75e278f8b75ae678d7
.dll windows:6 windows x86 arch:x86

02e2bbb10c948c35d6c0d5db308b444e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\SDK\SDK2023\1、Windows\源码不能发-------qiubo\Donsee3264-20231121-最新-更新读基本信息-更新扫码\Donsee_X32\Output\donsee32.pdb

Imports

hid

HidD_GetHidGuid
HidD_GetFeature
HidD_SetFeature
HidD_GetAttributes

setupapi

SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA
SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDeviceInfoList

kernel32

SizeofResource
HeapFree
EnterCriticalSection
WriteFile
PurgeComm
LeaveCriticalSection
InitializeCriticalSectionEx
GetCommTimeouts
GetCurrentDirectoryA
HeapSize
BuildCommDCBA
SetCurrentDirectoryA
MultiByteToWideChar
Sleep
GetLastError
CreateFileA
LoadLibraryA
LockResource
GetCommState
DeleteFileA
HeapReAlloc
CloseHandle
FindResourceExW
LoadResource
FindResourceW
HeapAlloc
ClearCommError
GetOverlappedResult
SetCommMask
DecodePointer
HeapDestroy
GetProcAddress
GetFileSize
DeleteCriticalSection
GetProcessHeap
FreeLibrary
SetCommTimeouts
GetTickCount
SetCommState
WideCharToMultiByte
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
OutputDebugStringW
RaiseException
SetEndOfFile
ReadConsoleW
SetStdHandle
FlushFileBuffers
CreateFileW
GetStringTypeW
CreateDirectoryA
GetTempPathA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
ReadFile
WriteConsoleW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
SetFilePointerEx
GetFileSizeEx
GetConsoleMode
GetConsoleOutputCP
GetFileType
GetStdHandle
LCMapStringW
RtlUnwind
InterlockedFlushSList
SetLastError
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
GetSystemInfo
VirtualAlloc
VirtualProtect
VirtualQuery
ExitProcess
GetModuleHandleExW
GetModuleFileNameW

shlwapi

PathFindExtensionW
PathFindExtensionA

gdi32

DeleteDC
DeleteObject
CreateCompatibleDC
SetDIBColorTable
CreateDIBSection
SelectObject
GetObjectA

gdiplus

GdipGetImagePixelFormat
GdipFree
GdipBitmapLockBits
GdipGetImageGraphicsContext
GdipCreateBitmapFromHBITMAP
GdipSaveImageToFile
GdipGetImagePalette
GdipGetImageWidth
GdipCreateBitmapFromFile
GdipCreateBitmapFromScan0
GdipDrawImageI
GdipAlloc
GdipBitmapUnlockBits
GdipCloneImage
GdipGetImagePaletteSize
GdipGetImageEncoders
GdipGetImageHeight
GdiplusShutdown
GdiplusStartup
GdipDisposeImage
GdipGetImageEncodersSize
GdipDeleteGraphics

Exports

Exports

Donsee_15693_Find
Donsee_15693_Info
Donsee_15693_LockAFI
Donsee_15693_LockDSFID
Donsee_15693_LockDataBlock
Donsee_15693_Read
Donsee_15693_Write
Donsee_15693_WriteAFI
Donsee_15693_WriteDSFID
Donsee_4442_Change
Donsee_4442_PowerOff
Donsee_4442_PowerOn
Donsee_4442_Read
Donsee_4442_ReadCount
Donsee_4442_ReadProtect
Donsee_4442_Verify
Donsee_4442_Write
Donsee_4442_WriteProtect
Donsee_APDU
Donsee_APDUType
Donsee_Beep
Donsee_ChipSerial
Donsee_Close
Donsee_ColdPowerOn
Donsee_GetBankCardNo
Donsee_GetScannerMode
Donsee_GetStatus
Donsee_HotPowerOn
Donsee_ICAnticoll
Donsee_ICRequest
Donsee_ICSelect
Donsee_M1Decrement
Donsee_M1Increment
Donsee_M1Initval
Donsee_M1LoadKey
Donsee_M1Read
Donsee_M1Readval
Donsee_M1Verify
Donsee_M1VerifyPass
Donsee_M1VerifyPassHex
Donsee_M1Write
Donsee_Open
Donsee_PowerOff
Donsee_PowerOn
Donsee_PowerOnTypeA
Donsee_PowerOnTypeB
Donsee_ReadBJTIDCard
Donsee_ReadBJTIDCard_Photo
Donsee_ReadICUid
Donsee_ReadIDCard
Donsee_ReadIDCardUid
Donsee_ReadMagCard
Donsee_ReadMagType
Donsee_ReadSAMID
Donsee_ReadSSCard
Donsee_ReadScannerInfo
Donsee_SetScannerMode
Donsee_SetTypeA
Donsee_SetTypeB
Donsee_SwitchRF
Donsee_Version
Donsee_WRSerial
Donsee_getTerminalNo
Donsee_iReadCardBas
Donsee_iReadCardBas_HSM_Step1
Donsee_iReadCardBas_HSM_Step2

Sections

.text
Size: 214KB - Virtual size: 214KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

02e2bbb10c948c35d6c0d5db308b444e

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

hid

setupapi

kernel32

shlwapi

gdi32

gdiplus

Exports

Exports

Sections

.text Size: 214KB - Virtual size: 214KB

.rdata Size: 115KB - Virtual size: 114KB

.data Size: 3KB - Virtual size: 46KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 12KB - Virtual size: 12KB

.text
Size: 214KB - Virtual size: 214KB

.rdata
Size: 115KB - Virtual size: 114KB

.data
Size: 3KB - Virtual size: 46KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 12KB - Virtual size: 12KB