a89d251e735a562bf3b1e48ecb220a32b461dfc18db2aaec68a0523a95d6a040

Sharing

Copy URL Twitter E-mail

General

Target

a89d251e735a562bf3b1e48ecb220a32b461dfc18db2aaec68a0523a95d6a040
Size

1.2MB
MD5

1d68aa0da0f9715b79c5b9d6588684ed
SHA1

a71a5b9936d1c4bd82f1e4c3024e9897a3cf76da
SHA256

a89d251e735a562bf3b1e48ecb220a32b461dfc18db2aaec68a0523a95d6a040
SHA512

8f7077d4c9722ebf08e5f7864f6a2b2be9fc4a581442aa4272f314f904ef7385cad082b2fbecf1007259621a7e10b08b344a959fe6828067fffd796c94ba4caf
SSDEEP

24576:38aexcp/SY2iAbU+xUFbIxyrSW3FP5h/8WeNAWymSTF+4KC+8ZrrEH7u:IBTxyrSW2WeNAu2+4Kf8Zj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a89d251e735a562bf3b1e48ecb220a32b461dfc18db2aaec68a0523a95d6a040

Files

a89d251e735a562bf3b1e48ecb220a32b461dfc18db2aaec68a0523a95d6a040
.dll windows:6 windows x86 arch:x86

eb058655574ec664b449ee06f6906e0c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\Home\mtk14060\Workspace\AutoScript_V6_4.7\Project\WCP2_CleanRoom\DA\Download_Agent_Main\SP_Flashtool_V6\flash-lib-Chimaera\flash\x86_out\release\flash.pdb

Imports

kernel32

FormatMessageW
SetEvent
WaitForSingleObjectEx
CloseHandle
LoadLibraryW
LocalFree
FreeLibrary
WideCharToMultiByte
FormatMessageA
CreateEventA
GetProcAddress
MultiByteToWideChar
ReadFile
GetFileSizeEx
WriteFile
CreateFileW
GetLastError
SetFilePointerEx
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
InitializeSRWLock
GetCurrentThreadId
ReleaseSRWLockShared
AcquireSRWLockShared
GetSystemTimeAsFileTime
CancelIo
PurgeComm
WaitForMultipleObjects
SetupComm
CreateEventW
EscapeCommFunction
ClearCommBreak
GetCommState
ClearCommError
SetCommTimeouts
SetCommState
lstrcpyW
UnregisterWaitEx
QueryDepthSList
InterlockedPopEntrySList
VirtualFree
VirtualProtect
VirtualAlloc
GetVersionExW
GetThreadTimes
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
ResetEvent
GetModuleHandleW
InitializeSListHead
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
TryEnterCriticalSection
DuplicateHandle
Sleep
SwitchToThread
GetCurrentThread
GetExitCodeThread
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetTickCount
EncodePointer
DecodePointer
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
HeapAlloc
HeapFree
GetProcessHeap
ReleaseSemaphore
OpenEventA
GetLogicalProcessorInformation
GetModuleHandleA
GetCurrentDirectoryW
CreateDirectoryW
DeleteFileW
GetFileAttributesW
GetFileAttributesExW
RemoveDirectoryW
SetEndOfFile
DeviceIoControl
MoveFileExW
FindClose
FindFirstFileW
FindNextFileW
AreFileApisANSI
WakeAllConditionVariable
SleepConditionVariableSRW
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
RaiseException
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
CreateThread
ExitThread
FreeLibraryAndExitThread
GetStdHandle
GetFileType
FlushFileBuffers
GetConsoleCP
GetConsoleMode
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ReadConsoleW
GetTimeZoneInformation
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
HeapReAlloc
SetStdHandle
HeapSize
WriteConsoleW
CreateTimerQueue
SignalObjectAndWait
SetThreadPriority
GetThreadPriority
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait

setupapi

SetupDiGetDeviceRegistryPropertyW
SetupDiEnumDeviceInfo
SetupDiGetDeviceInterfaceDetailW
SetupDiGetClassDescriptionW
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInstanceIdW
SetupDiGetClassDevsW

Exports

Exports

flashtool_cleanup
flashtool_connect_device
flashtool_create_session
flashtool_destroy_session
flashtool_enter_mode
flashtool_env_set_log
flashtool_execute_command
flashtool_get_last_error_msg
flashtool_scan_device
flashtool_startup

Sections

.text
Size: 827KB - Virtual size: 826KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 198KB - Virtual size: 198KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eb058655574ec664b449ee06f6906e0c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

setupapi

Exports

Exports

Sections

.text Size: 827KB - Virtual size: 826KB

.rdata Size: 198KB - Virtual size: 198KB

.data Size: 30KB - Virtual size: 35KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 51KB - Virtual size: 50KB

.text
Size: 827KB - Virtual size: 826KB

.rdata
Size: 198KB - Virtual size: 198KB

.data
Size: 30KB - Virtual size: 35KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 51KB - Virtual size: 50KB