014fa5878a64ad15c444c4cdb2b9a5fb9b7f97cb6a1590dac6f0ee0b08059c52

Sharing

Copy URL Twitter E-mail

General

Target

014fa5878a64ad15c444c4cdb2b9a5fb9b7f97cb6a1590dac6f0ee0b08059c52
Size

1.7MB
MD5

be79e53f56882993bc6b1349d8c5fc56
SHA1

f1033d47e48b6b9a57b98af905b2d1cd78294a98
SHA256

014fa5878a64ad15c444c4cdb2b9a5fb9b7f97cb6a1590dac6f0ee0b08059c52
SHA512

e2948b1e4583195fb27254a42f51dcfc242184e17c1f3f7882f702715198e4ff2b05bf39171c5880148f734165d7c4cc81422cce65ec974fd540438e95a8c411
SSDEEP

49152:KIGOaZ1QpzKY8gKaWWndi5/53fVD3K86oqCJhuTUh:EO6QpzKY8gKaWWndi5/53fVDAt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
014fa5878a64ad15c444c4cdb2b9a5fb9b7f97cb6a1590dac6f0ee0b08059c52

Files

014fa5878a64ad15c444c4cdb2b9a5fb9b7f97cb6a1590dac6f0ee0b08059c52
.dll windows:5 windows x86 arch:x86

2c23717017a70895500df8b202da13a3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\c++\project\rfidlib\new_dll_projs\reader_driver\rfidlib_drv_RD5200\Debug_Unicode\rfidlib_drv_RD5200.pdb

Imports

ws2_32

sendto
recvfrom
inet_addr
htons
bind
WSAStringToAddressW
WSAGetLastError
WSACleanup
WSAStartup
socket
shutdown
setsockopt
send
select
recv
getsockopt
ioctlsocket
connect
closesocket
__WSAFDIsSet

hid

HidD_FlushQueue
HidD_FreePreparsedData
HidD_GetPreparsedData
HidD_GetHidGuid
HidD_GetAttributes
HidP_GetCaps
HidD_GetSerialNumberString

setupapi

SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList

kernel32

GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FreeEnvironmentStringsW
FindNextFileA
FindFirstFileExW
FindFirstFileExA
FindClose
HeapQueryInformation
HeapSize
SetEnvironmentVariableA
SetEnvironmentVariableW
SetStdHandle
FlushFileBuffers
SetFilePointerEx
ReadConsoleW
FindNextFileW
CreateWaitableTimerW
HeapReAlloc
GetConsoleMode
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
DecodePointer
InterlockedDecrement
RaiseException
TerminateThread
GetLastError
SetLastError
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
WaitForSingleObject
CloseHandle
CreateEventW
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
InterlockedIncrement
lstrlenA
lstrlenW
FreeLibrary
GetProcAddress
LoadLibraryW
WideCharToMultiByte
GetOverlappedResult
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
SetEvent
ResetEvent
WaitForMultipleObjects
WriteFile
ReadFile
PurgeComm
FindResourceW
CreateFileW
CancelIo
ClearCommError
SetupComm
GetCommState
SetCommState
SetCommTimeouts
CreateSemaphoreW
GetModuleFileNameA
CreateThread
ResumeThread
GetFileSize
SetFilePointer
GetModuleFileNameW
GetPrivateProfileStringW
MultiByteToWideChar
GetConsoleCP
OutputDebugStringW
GetLocalTime
SetEndOfFile
SetWaitableTimer
CancelWaitableTimer
IsBadReadPtr
IsBadWritePtr
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetStringTypeW
GetACP
GetCurrentThread
SetConsoleCtrlHandler
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
GetModuleHandleW
HeapAlloc
HeapFree
GetProcessHeap
VirtualQuery
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
Sleep
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetTickCount
RtlUnwind
LoadLibraryExW
InterlockedPushEntrySList
InterlockedFlushSList
EncodePointer
GetModuleHandleExW
HeapValidate
GetSystemInfo
ExitProcess
GetStdHandle
GetFileType
OutputDebugStringA
WriteConsoleW
WaitForSingleObjectEx

user32

UnregisterClassW
CharUpperW
SendMessageW
PostMessageW
CharNextW
LoadStringW

oleaut32

SysFreeString

Exports

Exports

PLUG_GetLink

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 229KB - Virtual size: 229KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 1024B - Virtual size: 536B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c23717017a70895500df8b202da13a3

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ws2_32

hid

setupapi

kernel32

user32

oleaut32

Exports

Exports

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 229KB - Virtual size: 229KB

.data Size: 24KB - Virtual size: 37KB

.gfids Size: 1024B - Virtual size: 536B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 64KB - Virtual size: 64KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 229KB - Virtual size: 229KB

.data
Size: 24KB - Virtual size: 37KB

.gfids
Size: 1024B - Virtual size: 536B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 64KB - Virtual size: 64KB