PDB path: D:\SourceCode\U2\20230615\UDISK_SW_U2_0_Release\Complier\vc9_x64\MpTools\Release_ITE\FCMpTools.pdb
Static task: static1
Behavioral task: behavioral1
Sample: d37f542b1841909468db60ec3a96031d6a0cb6dc2b487f4fcd4a2fa2319f5ab5.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: d37f542b1841909468db60ec3a96031d6a0cb6dc2b487f4fcd4a2fa2319f5ab5.exe
Resource: win10v2004-20240226-en
General
Target: d37f542b1841909468db60ec3a96031d6a0cb6dc2b487f4fcd4a2fa2319f5ab5
Size: 4.0MB
MD5: 5baa27cc885f2993414099eeb9432c95
SHA1: ba983e343f242625cee159a1db79c852b1df7c63
SHA256: d37f542b1841909468db60ec3a96031d6a0cb6dc2b487f4fcd4a2fa2319f5ab5
SHA512: 68f172c449a79ef040ef1a77f7d45db6a7be07443b091ed72c7e58d4f384906b3d959435e2910ced07f73bfb5a8183ea6d85b58d8ce6646f1246c2dcb4f265af
SSDEEP: 49152:O+/WIPhjodX+IDVxxJUKfnC3zMpmzF59HKU8iaFMt3bRloBvri8:OS20zP93LAr
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource: d37f542b1841909468db60ec3a96031d6a0cb6dc2b487f4fcd4a2fa2319f5ab5
Files
d37f542b1841909468db60ec3a96031d6a0cb6dc2b487f4fcd4a2fa2319f5ab5.exe windows:5 windows x64 arch:x64
f4a95ae9ec0312f49b62c1bc1ca7ccea
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
entryappite
?GetRealCapacity@CEntryInterface@@QEAAKXZ
?Refresh_UpdateBin_ID_Cap@CEntryInterface@@QEAAXPEA_WHKAEBV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?IsDDR2Mode@CEntryInterface@@QEAAHXZ
?GetDoubleFlash@CEntryInterface@@QEAAHXZ
?IsSeedOptimize@CEntryInterface@@QEAAHXZ
?IsMSpeedMode@CEntryInterface@@QEAA_NXZ
?IsLSpeedMode@CEntryInterface@@QEAA_NXZ
?IsReliableMode@CEntryInterface@@QEAAHXZ
?UpdateMpModeString@CEntryInterface@@QEAAXPEA_W@Z
?IsAllCopybackMode@CEntryInterface@@QEAAHXZ
?GetExtText4SpeedOptimize@CEntryInterface@@QEAA?AV?$shared_ptr@$$CBV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@boost@@XZ
?GetMaxBindPlane@CEntryInterface@@QEAAHXZ
?GetU3Mode@CEntryInterface@@QEAA?AV?$shared_ptr@$$CBV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@boost@@XZ
?GetSpeedTestResult@CEntryInterface@@QEAA?AV?$shared_ptr@$$CBV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@boost@@XZ
?GetDefaultCapacity@CEntryInterface@@QEAAKXZ
?IsRBAbNormal@CEntryInterface@@QEAAHXZ
?IsDQSNormal@CEntryInterface@@QEAAHXZ
?GetIcVersionStr@CEntryInterface@@QEAAHPEB_W@Z
?IsWorkVoltageSettingRight@CEntryInterface@@QEAAHXZ
?GetUsbSpeed@CEntryInterface@@QEAAEXZ
?IsSupportZcFlash@CEntryInterface@@QEAA_NXZ
?VerifyFirstChipPos@CEntryInterface@@QEAA_NXZ
?CheckIDsConsistency@CEntryInterface@@QEAAHXZ
?GetMpTime@CEntryInterface@@QEAAKXZ
?GetWarning@CEntryInterface@@QEAA?AV?$shared_ptr@$$CBV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@boost@@XZ
?GetSucceedText@CEntryInterface@@QEAA?AV?$shared_ptr@$$CBV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@boost@@XZ
?IsNeed48PinIc@CEntryInterface@@QEAAHXZ
?GetCapacity@CEntryInterface@@QEAAKXZ
?IsSupportATTO@CEntryInterface@@QEAAHXZ
?Stop@CEntryInterface@@QEAAXH@Z
?GetFullErrorMsg@CEntryInterface@@QEAA?AV?$shared_ptr@$$CBV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@boost@@XZ
?IsReady@CEntryInterface@@QEBAHXZ
?ResetUserSetting@CEntryInterface@@QEAAXPEAX@Z
?Refresh@CEntryInterface@@QEAAHH@Z
?Start@CEntryInterface@@QEAAHXZ
?StartThread@CEntryInterface@@QEAAXXZ
?SetLastID@CEntryInterface@@QEAAX_N@Z
?GetFlashSetting@CEntryInterface@@QEAAPEAXXZ
?GetIcVersion@CEntryInterface@@QEAAHXZ
?IsMPComplete@CEntryInterface@@QEAAHXZ
?SetMPComplete@CEntryInterface@@QEAAXH@Z
?GetH2Text@CEntryInterface@@QEAAHPEB_WPEAH@Z
?GetDetailInfo@CEntryInterface@@QEAA?AV?$shared_ptr@$$CBV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@boost@@XZ
?GetMidCapacity@CEntryInterface@@QEAAXPEAK0@Z
?GetDieSortingLog@CEntryInterface@@QEAA?AV?$shared_ptr@$$CBV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@boost@@XZ
ord3
?GetNextPortIndex@CEntryInterface@@QEAAHXZ
?GetEntryPtr@CEntryInterface@@QEAAPEAXXZ
?ClearEntryPtr@CEntryInterface@@QEAAXXZ
?GetMpInfoStr@CEntryInterface@@QEAA?AV?$shared_ptr@$$CBV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@boost@@XZ
?GetIcStatusStr@CEntryInterface@@QEAA?AV?$shared_ptr@$$CBV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@boost@@XZ
?SendCommand@CEntryInterface@@QEAAHPEAEPEAXHH@Z
?Test@CEntryInterface@@QEAAXHQEAPEA_W_K@Z
ord5
?IsCanProduct@CEntryInterface@@QEAAHXZ
?GetFlashId4Display@CEntryInterface@@QEAAPEB_WH@Z
?Refresh_UpdateFlashName@CEntryInterface@@QEAAXPEA_W@Z
?IsToggleFlash@CEntryInterface@@QEAAHXZ
?GetChipCount@CEntryInterface@@QEAAHXZ
?GetFlashName@CEntryInterface@@QEAAPEB_WH@Z
?RegisterProc@CEntryInterface@@QEAAXP6AXHHH@ZP6AXHHKH@Z00@Z
?SetIndex@CEntryInterface@@QEAAXH@Z
?IsLockPortOK@CEntryInterface@@QEAAHXZ
?GetDriver@CEntryInterface@@QEAAEXZ
?GetLinkName@CEntryInterface@@QEAAPEB_WXZ
??0CEntryInterface@@QEAA@PEAX@Z
ord4
?Eject@CEntryInterface@@QEAAXXZ
ord2
?SetDriver@CEntryInterface@@QEAAXE@Z
?GetLinkName@CEntryInterface@@SAHEPEB_W@Z
ord1
??1CEntryInterface@@QEAA@XZ
?GetMpMode@CEntryInterface@@QEAAEH@Z
?GetPortIndex@CEntryInterface@@QEAAHXZ
?GetUserSetting@CEntryInterface@@QEAAPEAXXZ
?GetFlashId@CEntryInterface@@QEAAPEB_WH@Z
?IsTransPageMode@CEntryInterface@@QEAAHXZ
kernel32
lstrcmpA
EnumResourceLanguagesW
ConvertDefaultLocale
LocalAlloc
TlsGetValue
TlsAlloc
GlobalReAlloc
GlobalHandle
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
GetDiskFreeSpaceW
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
HeapFree
HeapAlloc
ExitThread
CreateThread
ExitProcess
HeapReAlloc
RtlUnwindEx
RtlPcToFileHeader
HeapQueryInformation
HeapSize
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStdHandle
GetLocaleInfoW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
EncodePointer
DecodePointer
FlsGetValue
FlsSetValue
FlsFree
FlsAlloc
HeapSetInformation
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetFileInformationByHandle
PeekNamedPipe
GetCurrentDirectoryA
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
LCMapStringW
GetTimeZoneInformation
GetLocaleInfoA
LCMapStringA
GetStringTypeA
GetStringTypeW
GetDateFormatA
GetTimeFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
SetStdHandle
GetProcessHeap
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
GetDriveTypeA
GetFullPathNameA
SetEnvironmentVariableA
FreeLibrary
GetModuleFileNameW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetExitCodeProcess
CreatePipe
MoveFileA
CreateProcessA
DeleteFileA
AreFileApisANSI
GetSystemTime
GetTempPathA
OutputDebugStringA
GetDiskFreeSpaceA
CreateFileMappingW
CreateFileMappingA
LockFileEx
HeapValidate
GetFileAttributesA
FormatMessageA
UnlockFileEx
OutputDebugStringW
WaitForSingleObjectEx
FlushViewOfFile
UnmapViewOfFile
MapViewOfFile
HeapCompact
LoadLibraryW
GetProcAddress
InitializeCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
WideCharToMultiByte
Sleep
GetModuleHandleW
GetPrivateProfileStringW
GetPrivateProfileIntW
SizeofResource
LockResource
LoadResource
FindResourceW
MultiByteToWideChar
WaitForSingleObject
TerminateThread
CloseHandle
GetDefaultCommConfigW
CreateFileW
GetModuleFileNameA
SetCommConfig
WriteFile
ClearCommError
ReadFile
GetPrivateProfileSectionNamesW
WritePrivateProfileSectionW
WritePrivateProfileStringW
RaiseException
SetThreadPriority
GetCurrentThreadId
GetLogicalDrives
GetDriveTypeW
GetLocalTime
SetFilePointer
lstrlenW
VirtualProtect
GetCurrentProcess
LoadLibraryExW
CompareStringA
ResumeThread
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetStringTypeExW
GetFileTime
GetFileSizeEx
GetFileAttributesW
SystemTimeToFileTime
GetFileAttributesExW
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
GlobalFree
FormatMessageW
LocalFree
SetErrorMode
SetUnhandledExceptionFilter
MulDiv
SetLastError
lstrcpyW
CreateDirectoryW
ResetEvent
GetTempPathW
OpenMutexW
CreateMutexW
CreateEventW
lstrlenA
CreateProcessW
ReleaseMutex
GetThreadLocale
GetUserDefaultLangID
GetUserDefaultUILanguage
SetThreadLocale
GetVersionExW
GlobalUnlock
GlobalLock
GlobalAlloc
FreeResource
SetEvent
GetLastError
GetCurrentThread
GetTickCount
DeleteFileW
GetCurrentProcessId
user32
DestroyMenu
WindowFromPoint
GetWindowThreadProcessId
EndPaint
BeginPaint
GetMessageW
TranslateMessage
ValidateRect
CharUpperW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
EnableMenuItem
RegisterWindowMessageW
SendDlgItemMessageA
WinHelpW
IsChild
SetWindowsHookExW
CallNextHookEx
GetClassNameW
GetClassLongPtrW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
SetMenu
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
SetScrollInfo
SystemParametersInfoA
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
GetScrollPos
GetWindowTextLengthW
GetWindowTextW
SetFocus
IsWindowEnabled
GetDlgCtrlID
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
SetDlgItemInt
SendDlgItemMessageW
GetDlgItemInt
SendMessageW
LoadBitmapW
MessageBoxW
GetDlgItem
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
GetMenuItemCount
IsRectEmpty
RemoveMenu
IntersectRect
SetRect
ShowScrollBar
CheckMenuItem
AppendMenuW
CreatePopupMenu
EnumChildWindows
SetForegroundWindow
GetWindowRgn
MoveWindow
DestroyWindow
PostQuitMessage
MapDialogRect
SetWindowContextHelpId
GetSysColorBrush
UnregisterClassW
MessageBeep
ShowWindow
SetWindowPos
CharNextW
CopyAcceleratorTableW
InvalidateRgn
GetWindowPlacement
GetNextDlgGroupItem
InvalidateRect
LoadStringW
EnableWindow
PeekMessageW
MsgWaitForMultipleObjectsEx
PostThreadMessageW
PostMessageW
GetSysColor
GetClientRect
GetParent
OffsetRect
InflateRect
GetWindowRect
UpdateWindow
CopyRect
IsWindow
PtInRect
GetDC
ReleaseDC
EqualRect
TrackMouseEvent
IsWindowVisible
SetCapture
GetMenu
ReleaseCapture
LoadMenuW
GetSubMenu
RegisterClipboardFormatW
CreateWindowExW
RegisterClassExW
DefWindowProcW
GetWindow
SetParent
SetWindowLongPtrW
GetScrollInfo
CallWindowProcW
GetWindowLongPtrW
GetKeyState
ClipCursor
GetCapture
SetCursor
LoadCursorW
SetScrollPos
SetRectEmpty
GetMonitorInfoW
MonitorFromWindow
SetWindowLongW
GetWindowLongW
GetComboBoxInfo
GetFocus
ScreenToClient
GetCursorPos
GetWindowDC
SetClipboardData
EmptyClipboard
CloseClipboard
OpenClipboard
DrawIcon
IsIconic
UnregisterDeviceNotification
RegisterDeviceNotificationW
GetSystemMetrics
SystemParametersInfoW
LoadIconW
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
KillTimer
SetTimer
ClientToScreen
wsprintfW
gdi32
SetTextColor
SetBkColor
GetObjectW
CreateBitmap
SaveDC
RestoreDC
SetBkMode
SetROP2
SetMapMode
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
GetViewportExtEx
GetWindowExtEx
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
GetStockObject
CreateFontIndirectW
CreateRectRgnIndirect
GetMapMode
DPtoLP
GetBkColor
GetRgnBox
GetClipBox
PtInRegion
CreateRectRgn
DeleteDC
SelectObject
CreateDIBSection
DeleteObject
GetTextColor
CreateSolidBrush
GetTextMetricsW
RemoveFontResourceW
AddFontResourceW
GetDeviceCaps
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
BitBlt
CreateCompatibleBitmap
CreateFontW
CreateCompatibleDC
comdlg32
GetFileTitleW
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
advapi32
RegOpenKeyW
RegSetValueExW
RegCloseKey
RegOpenKeyExA
RegCreateKeyExW
RegEnumValueW
RegQueryValueExW
IsTextUnicode
RegEnumKeyW
RegOpenKeyExW
RegDeleteKeyW
RegQueryValueW
shell32
ShellExecuteW
SHFileOperationW
SHBrowseForFolderW
SHGetPathFromIDListW
comctl32
InitCommonControlsEx
shlwapi
PathRemoveFileSpecW
PathFindExtensionW
PathStripToRootW
PathIsUNCW
PathIsDirectoryW
PathFindFileNameW
oledlg
OleUIBusyW
ole32
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CLSIDFromString
CLSIDFromProgID
CoInitializeEx
CoCreateInstance
CoUninitialize
CoTaskMemAlloc
CoTaskMemFree
CreateStreamOnHGlobal
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
CoGetClassObject
oleaut32
SysAllocString
SysFreeString
SysStringLen
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
gdiplus
GdipGetDC
GdipFillPie
GdipGetImageHeight
GdipDrawImageRectRect
GdipDrawEllipse
GdipDeletePen
GdipCreatePen1
GdipFillEllipse
GdipSetSmoothingMode
GdipGetImageWidth
GdipDrawImage
GdipDeleteBrush
GdipFillPolygonI
GdiplusShutdown
GdiplusStartup
GdipLoadImageFromStream
GdipCloneImage
GdipDisposeImage
GdipCreateSolidFill
GdipDeleteGraphics
GdipCreateFromHDC
GdipFillRectangleI
GdipCloneBrush
GdipAlloc
GdipFree
version
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
dbghelp
SymCleanup
SymGetLineFromAddr64
MiniDumpWriteDump
SymInitialize
SymFunctionTableAccess64
StackWalk64
SymGetModuleBase64
ws2_32
send
shutdown
setsockopt
connect
gethostbyaddr
inet_addr
gethostbyname
WSAGetLastError
ioctlsocket
closesocket
htons
socket
WSAStartup
WSACleanup
recv
setupapi
SetupDiGetClassDevsW
SetupDiGetDeviceInterfaceDetailW
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
Sections
.text - Size: 2.3MB - Virtual size: 2.3MB - IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata - Size: 707KB - Virtual size: 707KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data - Size: 59KB - Virtual size: 97KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.pdata - Size: 187KB - Virtual size: 187KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
text - Size: 4KB - Virtual size: 4KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE
data - Size: 15KB - Virtual size: 14KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.rsrc - Size: 741KB - Virtual size: 740KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc - Size: 43KB - Virtual size: 42KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ