61c7b88259969b0540079ca28e5da142b8ae3f828e2c20628e29e5c0ac28cb0b

Sharing

Copy URL Twitter E-mail

General

Target

61c7b88259969b0540079ca28e5da142b8ae3f828e2c20628e29e5c0ac28cb0b
Size

280KB
MD5

660c8b95c619a7ba280a2d01845883b3
SHA1

5323a44d79fb1ede6af5053a7ac8b52b245f66ee
SHA256

61c7b88259969b0540079ca28e5da142b8ae3f828e2c20628e29e5c0ac28cb0b
SHA512

a3c3d30e976c66d2f0a69f0b90b547211c59241d635dac59aaff9d0cda5faf5f8d687a82bed8933af26f6e4dab5f7f5b229f24f8dd521c3153b25dd762d3921f
SSDEEP

3072:6HQHLQWW+3mSvO0bX8IB4utaiTJqQ3LNPSexrkZSod/:clWTFvHXagaiTJqQ3LNPSey

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
61c7b88259969b0540079ca28e5da142b8ae3f828e2c20628e29e5c0ac28cb0b

Files

61c7b88259969b0540079ca28e5da142b8ae3f828e2c20628e29e5c0ac28cb0b
.dll windows:4 windows x86 arch:x86

43a27dc797555ac9e5f4da2cadd1b7a1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCommTimeouts
CreateFileA
GetOverlappedResult
WaitForSingleObject
WriteFile
ReadFile
ClearCommError
GetTickCount
Sleep
GetLocalTime
CreateEventA
CancelIo
ResetEvent
CompareStringW
CompareStringA
GetLocaleInfoW
GetTimeZoneInformation
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
GetCommState
SetCommState
SetupComm
GetLastError
CloseHandle
EscapeCommFunction
SetLastError
PurgeComm
IsBadWritePtr
IsBadReadPtr
HeapValidate
GetCommandLineA
GetVersion
DebugBreak
GetStdHandle
InterlockedDecrement
OutputDebugStringA
GetProcAddress
LoadLibraryA
InterlockedIncrement
GetModuleFileNameA
EnterCriticalSection
LeaveCriticalSection
SetFilePointer
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
InitializeCriticalSection
ExitProcess
FatalAppExitA
GetCPInfo
GetACP
GetOEMCP
RtlUnwind
HeapAlloc
HeapReAlloc
HeapFree
VirtualFree
VirtualAlloc
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
GetCurrentThread
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetConsoleCtrlHandler
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
SetStdHandle
FlushFileBuffers
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
SetEndOfFile
IsValidLocale
SetEnvironmentVariableA

user32

wsprintfA
GetAsyncKeyState

setupapi

SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA

hid

HidP_SetUsages
HidD_GetPreparsedData
HidP_GetCaps
HidD_FreePreparsedData
HidD_GetHidGuid
HidD_GetAttributes
HidD_GetProductString

Exports

Exports

AgainInputPass
CDownloadFile
ComUpdateDevice
DeleteDevFile
DisplayInfo
DownloadFile
Evaluate
InputPass
ReadMainVer
ReadVer
SDBCommClose
SDBCommOpen
SDBInputKEY
SDBInputTMK
SDBLoadTMK
SDBReadCustomerPin
SetBaud
UpLoadDevFile
UpdateDevice

Sections

.text
Size: 220KB - Virtual size: 218KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

43a27dc797555ac9e5f4da2cadd1b7a1

Headers

File Characteristics

Imports

kernel32

user32

setupapi

hid

Exports

Exports

Sections

.text Size: 220KB - Virtual size: 218KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 28KB - Virtual size: 43KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 220KB - Virtual size: 218KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 28KB - Virtual size: 43KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 7KB