BetterSerialPlotter-v0[.]1[.]0-Windows[.]zip

Resubmissions

11-03-2024 15:10

240311-sj38tsdh2y 3

11-03-2024 15:06

240311-sg8ersdg7s 3

Sharing

Copy URL

Twitter E-mail

General

Target

BetterSerialPlotter-v0.1.0-Windows.zip
Size

924KB
MD5

fce85fd78405db7b29eb42854cb59aa1
SHA1

b2be2ffd1d99f23f5ad1619daa8a591e9ac54012
SHA256

e1d82a067941bc1d7a86b6042f7dbb265637fef1dcb5ff0267f8713e2d793dd0
SHA512

468a1da78fa12d5f4c74fbec1d08f4b4f116173a7f8020f22f14c42e9b3365a5ec8ffbe3d2b1a08266066291054f9fbe2317ae672d4ff6aeee8fe9cdabbf9cd8
SSDEEP

24576:wkUM8XBG5pIZgeq57Nek0FA/LTGkfqzeGtwMlkk50:Br8R2e8Rek0ELTxiKGtwgd0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/BetterSerialPlotter.exe

Files

BetterSerialPlotter-v0.1.0-Windows.zip
.zip
BetterSerialPlotter.exe
.exe windows:6 windows x64 arch:x64

9448cd8ca47c64a04ca89c7cc1eebd4a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

api-ms-win-shcore-scaling-l1-1-1

SetProcessDpiAwareness

winmm

timeGetDevCaps
timeBeginPeriod

pdh

PdhCollectQueryData
PdhOpenQueryA
PdhAddCounterA

kernel32

GlobalLock
GlobalFree
MultiByteToWideChar
WideCharToMultiByte
CreateFileA
ReadFile
CloseHandle
PurgeComm
SetCommState
SetCommTimeouts
BuildCommDCBA
GetModuleHandleW
SetThreadExecutionState
FreeLibrary
GetProcAddress
LoadLibraryA
VerSetConditionMask
FormatMessageW
QueryPerformanceCounter
QueryPerformanceFrequency
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
MoveFileA
CreateDirectoryA
GetFileAttributesA
WaitForSingleObject
SetWaitableTimer
GetProcessTimes
GetCurrentProcess
GetCurrentThreadId
ResetEvent
GlobalAlloc
GetSystemTimeAsFileTime
LocalFree
FormatMessageA
CreateWaitableTimerA
GetStdHandle
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
WriteConsoleW
WaitForSingleObjectEx
SetEvent
InitializeCriticalSectionAndSpinCount
AreFileApisANSI
GlobalUnlock
QueryDosDeviceA
GetSystemInfo
GetLastError
CreateEventW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetCurrentProcessId
InitializeSListHead

user32

SetWindowPos
GetMessageTime
GetRawInputDeviceList
GetRawInputDeviceInfoA
EnumDisplayMonitors
EnumDisplayDevicesW
EnumDisplaySettingsExW
EnumDisplaySettingsW
ChangeDisplaySettingsExW
ToUnicode
UnregisterDeviceNotification
RegisterDeviceNotificationW
RegisterRawInputDevices
GetRawInputData
GetMonitorInfoW
MonitorFromWindow
SystemParametersInfoW
LoadImageW
DestroyIcon
LoadCursorW
SetWindowLongW
GetWindowLongW
PtInRect
SetRect
ClipCursor
WindowFromPoint
ScreenToClient
ClientToScreen
GetCursorPos
SetCursor
SetCursorPos
AdjustWindowRectEx
GetClientRect
SetWindowTextW
RemovePropW
GetPropW
SetPropW
ReleaseDC
GetDC
SetForegroundWindow
ReleaseCapture
SetCapture
MapVirtualKeyW
GetKeyState
GetActiveWindow
SetFocus
IsZoomed
BringWindowToTop
IsIconic
IsWindowVisible
SetWindowPlacement
GetWindowPlacement
PeekMessageW
DispatchMessageW
TranslateMessage
TrackMouseEvent
SetWindowLongA
GetWindowLongA
EmptyClipboard
GetClipboardData
SetClipboardData
CloseClipboard
OpenClipboard
DefWindowProcW
UnregisterClassW
RegisterClassExW
CreateWindowExW
DestroyWindow
ShowWindow
SetLayeredWindowAttributes
GetLayeredWindowAttributes

gdi32

CreateRectRgn
DeleteObject
CreateDCW
DeleteDC
GetDeviceCaps
SetDeviceGammaRamp
ChoosePixelFormat
DescribePixelFormat
SetPixelFormat
SwapBuffers

shell32

DragQueryFileW
DragQueryPoint
DragFinish
DragAcceptFiles
SHCreateItemFromParsingName

ole32

CoTaskMemFree
CoCreateInstance
CoInitializeEx
CoUninitialize

msvcp140

?_Syserror_map@std@@YAPEBDH@Z
?_Execute_once@std@@YAHAEAUonce_flag@1@P6AHPEAX1PEAPEAX@Z1@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?setprecision@std@@YA?AU?$_Smanip@_J@1@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@N@Z
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?_Throw_Cpp_error@std@@YAXH@Z
_Cnd_do_broadcast_at_thread_exit
_Cnd_signal
_Cnd_wait
_Cnd_destroy
_Cnd_init
_Mtx_destroy
_Mtx_init
_Thrd_detach
_Thrd_start
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?_Xinvalid_argument@std@@YAXPEBD@Z
?_Winerror_map@std@@YAHH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?_Throw_C_error@std@@YAXH@Z
_Mtx_unlock
_Mtx_lock
_Mtx_destroy_in_situ
_Mtx_init_in_situ
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?_Xbad_function_call@std@@YAXXZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z
?_Getfalse@_Locinfo@std@@QEBAPEBDXZ
?_Gettrue@_Locinfo@std@@QEBAPEBDXZ
?id@?$numpunct@D@std@@2V0locale@2@A
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?_Winerror_message@std@@YAKKPEADK@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?id@?$collate@D@std@@2V0locale@2@A
?_Incref@facet@locale@std@@UEAAXXZ
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?id@?$ctype@D@std@@2V0locale@2@A
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
_Strcoll
_Strxfrm
??0_Locinfo@std@@QEAA@PEBD@Z
??1_Locinfo@std@@QEAA@XZ
?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ
?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ
??Bid@locale@std@@QEAA_KXZ
??0facet@locale@std@@IEAA@_K@Z
??1facet@locale@std@@MEAA@XZ
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?tolower@?$ctype@D@std@@QEBADD@Z
?tolower@?$ctype@D@std@@QEBAPEBDPEADPEBD@Z
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?uncaught_exception@std@@YA_NXZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z

imm32

ImmGetContext
ImmSetCompositionWindow
ImmReleaseContext

vcruntime140

memcpy
__std_terminate
__C_specific_handler
strrchr
strstr
memchr
_purecall
memset
memmove
memcmp
__CxxFrameHandler3
_CxxThrowException
__std_exception_destroy
__std_exception_copy
strchr

api-ms-win-crt-runtime-l1-1-0

_errno
_register_thread_local_exe_atexit_callback
_invalid_parameter_noinfo_noreturn
exit
_c_exit
_exit
_initterm_e
strerror_s
_initterm
_get_wide_winmain_command_line
_initialize_wide_environment
_configure_wide_argv
_initialize_onexit_table
_register_onexit_function
_crt_atexit
_cexit
_seh_filter_exe
_set_app_type
terminate

api-ms-win-crt-heap-l1-1-0

_callnewh
malloc
realloc
_set_new_mode
calloc
free

api-ms-win-crt-convert-l1-1-0

strtoul
strtof
strtoull
strtoll
strtod
atof

api-ms-win-crt-math-l1-1-0

atan2f
ceil
fmodf
log10
sinf
acosf
floorf
powf
pow
logf
log
cosf
ceilf
__setusermatherr
floor
sqrtf
_dtest
_fdtest
_ldtest
_fdsign
_ldsign
_dsign

api-ms-win-crt-stdio-l1-1-0

_close
_get_osfhandle
__stdio_common_vsnprintf_s
_lseek
_write
_sopen_s
_fileno
_fseeki64
__p__commode
_set_fmode
fwrite
setvbuf
ungetc
_isatty
__acrt_iob_func
_get_stream_buffer_pointers
fclose
fflush
fgetc
fgetpos
fputc
__stdio_common_vsprintf
feof
__stdio_common_vfprintf
__stdio_common_vsscanf
ftell
fseek
_wfopen
fread
fsetpos

api-ms-win-crt-filesystem-l1-1-0

_unlink
_lock_file
_unlock_file

api-ms-win-crt-locale-l1-1-0

localeconv
___lc_codepage_func
_configthreadlocale

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-string-l1-1-0

strcmp
strcspn
strspn
strncmp
strncpy

api-ms-win-crt-time-l1-1-0

_localtime64_s
_mktime64
_mkgmtime64
_gmtime64_s
_ftime64

Sections

.text
Size: 930KB - Virtual size: 930KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 401KB - Virtual size: 401KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 443KB - Virtual size: 484KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 453KB - Virtual size: 453KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

9448cd8ca47c64a04ca89c7cc1eebd4a

Headers

DLL Characteristics

File Characteristics

Imports

api-ms-win-shcore-scaling-l1-1-1

winmm

pdh

kernel32

user32

gdi32

shell32

ole32

msvcp140

imm32

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-time-l1-1-0

Sections

.text Size: 930KB - Virtual size: 930KB

.rdata Size: 401KB - Virtual size: 401KB

.data Size: 443KB - Virtual size: 484KB

.pdata Size: 40KB - Virtual size: 40KB

.rsrc Size: 453KB - Virtual size: 453KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 930KB - Virtual size: 930KB

.rdata
Size: 401KB - Virtual size: 401KB

.data
Size: 443KB - Virtual size: 484KB

.pdata
Size: 40KB - Virtual size: 40KB

.rsrc
Size: 453KB - Virtual size: 453KB

.reloc
Size: 2KB - Virtual size: 2KB