9574becab6ab56df4982d62017ecd82d69f3760c789924ca02dcc6534e00d823

Sharing

Copy URL Twitter E-mail

General

Target

9574becab6ab56df4982d62017ecd82d69f3760c789924ca02dcc6534e00d823
Size

223KB
MD5

074bdfe47efc00b97a79f6662a30e781
SHA1

81d85e77d2dcb679a9ba2872921db2aa6b79a87c
SHA256

9574becab6ab56df4982d62017ecd82d69f3760c789924ca02dcc6534e00d823
SHA512

0cab6d93328ad53aa6e9ef5d641bf29a51cecfebfc5e9b781be6f5d651b99ed1c516fa0b90619f7658d842728e67c9e6ad219e274604806163b1db97470fb3d9
SSDEEP

6144:0eWp03kBVcOXUdfj3CsUXrmf0eOOOjNnmspA0yB2+p:mBbkJj3CjKseOXBnHvyB1p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9574becab6ab56df4982d62017ecd82d69f3760c789924ca02dcc6534e00d823

Files

9574becab6ab56df4982d62017ecd82d69f3760c789924ca02dcc6534e00d823
.dll windows:6 windows x86 arch:x86

2c105274c2f4015eb4988228242418a7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\WorkSpace\UKeyProject\02_SourceCode\branch\v1.0.1_C\build\vs2015\SecureUKey\Release\SecureCard.pdb

Imports

kernel32

OutputDebugStringA
CloseHandle
ReleaseMutex
WaitForSingleObject
CreateMutexA
GetCurrentProcessId
GetCurrentThreadId
GetLocalTime
GetLastError
FreeLibrary
GetProcAddress
LoadLibraryA
ReadFile
WriteFile
SetFilePointer
CreateFileA
GetLogicalDriveStringsA
GetDriveTypeA
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter

vcruntime140

strstr
memset
memcpy
strchr
__std_type_info_destroy_list
_except_handler4_common
memcmp

api-ms-win-crt-string-l1-1-0

strncpy
strcmp
strncmp
strcpy

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf_s
__stdio_common_vsprintf
fwrite
fclose
fopen

api-ms-win-crt-runtime-l1-1-0

_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm

api-ms-win-crt-heap-l1-1-0

free
malloc

api-ms-win-crt-filesystem-l1-1-0

_access

Exports

Exports

SKF_CUSTOM_ImportSessionKey
SKF_CUSTOM_ImportSymmKey
SKF_CancelWaitForDevEvent
SKF_ChangeDevAuthKey
SKF_ChangePIN
SKF_ClearSecureState
SKF_CloseApplication
SKF_CloseContainer
SKF_CloseHandle
SKF_ConnectDev
SKF_CreateApplication
SKF_CreateContainer
SKF_CreateFile
SKF_Decrypt
SKF_DecryptFinal
SKF_DecryptInit
SKF_DecryptUpdate
SKF_DeleteApplication
SKF_DeleteContainer
SKF_DeleteFile
SKF_DevAuth
SKF_Digest
SKF_DigestFinal
SKF_DigestInit
SKF_DigestUpdate
SKF_DisConnectDev
SKF_ECCExportSessionKey
SKF_ECCExportSessionKeyByHandle
SKF_ECCSignData
SKF_ECCVerify
SKF_Encrypt
SKF_EncryptFinal
SKF_EncryptInit
SKF_EncryptUpdate
SKF_EnumApplication
SKF_EnumContainer
SKF_EnumDev
SKF_EnumFiles
SKF_ExportCertificate
SKF_ExportPublicKey
SKF_ExtECCDecrypt
SKF_ExtECCEncrypt
SKF_ExtECCSign
SKF_ExtECCVerify
SKF_ExtRSAPriKeyOperation
SKF_ExtRSAPubKeyOperation
SKF_GenECCKeyPair
SKF_GenExtRSAKey
SKF_GenRSAKeyPair
SKF_GenRandom
SKF_GenerateAgreementDataAndKeyWithECC
SKF_GenerateAgreementDataWithECC
SKF_GenerateKey
SKF_GenerateKeyWithECC
SKF_GetContainerType
SKF_GetDevInfo
SKF_GetDevState
SKF_GetFileInfo
SKF_GetPINInfo
SKF_ImportCertificate
SKF_ImportECCKeyPair
SKF_ImportRSAKeyPair
SKF_ImportSessionKey
SKF_LockDev
SKF_Mac
SKF_MacFinal
SKF_MacInit
SKF_MacUpdate
SKF_OpenApplication
SKF_OpenContainer
SKF_PrvKeyDecrypt
SKF_RSAExportSessionKey
SKF_RSAExportSessionKeyByHandle
SKF_RSAPrvKeyDecrypt
SKF_RSASignData
SKF_RSAVerify
SKF_ReadFile
SKF_SetLabel
SKF_SetSymmKey
SKF_Transmit
SKF_UnblockPIN
SKF_UnlockDev
SKF_VerifyPIN
SKF_WaitForDevEvent
SKF_WriteFile

Sections

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 182KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c105274c2f4015eb4988228242418a7

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

vcruntime140

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

Exports

Exports

Sections

.text Size: 34KB - Virtual size: 34KB

.rdata Size: 182KB - Virtual size: 182KB

.data Size: 512B - Virtual size: 2KB

.gfids Size: 512B - Virtual size: 20B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 34KB - Virtual size: 34KB

.rdata
Size: 182KB - Virtual size: 182KB

.data
Size: 512B - Virtual size: 2KB

.gfids
Size: 512B - Virtual size: 20B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 2KB