bbc51f60fc8f305091da8df8c2e86f07483b3a670bdacaf9e7f8a8476a2dbfa5

Sharing

Copy URL

Twitter E-mail

General

Target

bbc51f60fc8f305091da8df8c2e86f07483b3a670bdacaf9e7f8a8476a2dbfa5
Size

1.5MB
MD5

2204f544e546c3b6c41bd7d1fbf6a974
SHA1

9c6d45175f4604ca99fdd2553f0fa22fc8556375
SHA256

bbc51f60fc8f305091da8df8c2e86f07483b3a670bdacaf9e7f8a8476a2dbfa5
SHA512

9b0de327c5f0c504bcbac1a9af8a158f12438844fb78fca6a4787f40369c88478952c3016dc69351a84c5ec7025a67d0053dcd5fafc3f1b8ca2da4f8a9d764e2
SSDEEP

24576:4T9/VU2n1Pqv2WZYwsfgzGSr28LbSUpy2BaIDHhpG:4NVU2dG2W9sMrBy2BnjhpG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bbc51f60fc8f305091da8df8c2e86f07483b3a670bdacaf9e7f8a8476a2dbfa5

Files

bbc51f60fc8f305091da8df8c2e86f07483b3a670bdacaf9e7f8a8476a2dbfa5
.dll windows:6 windows x86 arch:x86

80d6b2ef8385a1b61bd9b59040888552

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\c++\project\rfidlib\new_dll_projs\rfidlib_reader_general\debug_unicode\rfidlib_reader_general.pdb

Imports

hid

HidD_FreePreparsedData
HidP_GetCaps
HidD_GetPreparsedData
HidD_GetHidGuid
HidD_GetAttributes
HidD_GetSerialNumberString
HidD_FlushQueue

setupapi

SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
SetupDiGetClassDevsW
SetupDiGetDeviceInstanceIdW
SetupDiEnumDeviceInfo

kernel32

DecodePointer
InterlockedDecrement
RaiseException
TerminateThread
GetLastError
SetLastError
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
WaitForSingleObject
CloseHandle
CreateEventW
InterlockedIncrement
lstrlenW
GetFileSize
WriteFile
SetFilePointer
GetModuleFileNameW
GetPrivateProfileStringW
CreateFileW
MultiByteToWideChar
WideCharToMultiByte
FreeLibrary
GetProcAddress
LoadLibraryW
GetOverlappedResult
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
SetEvent
ResetEvent
WaitForMultipleObjects
ReadFile
PurgeComm
lstrlenA
FindResourceW
CancelIo
ClearCommError
SetupComm
GetCommState
SetCommState
SetCommTimeouts
GetConsoleCP
GlobalUnlock
GlobalFree
GlobalAlloc
GetLocaleInfoW
IsBadReadPtr
IsBadWritePtr
CreateThread
ResumeThread
CreateSemaphoreW
GetModuleFileNameA
GetLocalTime
OutputDebugStringW
HeapAlloc
HeapFree
GetProcessHeap
FindClose
FindFirstFileW
FindNextFileW
ReadConsoleW
SetFilePointerEx
FlushFileBuffers
SetStdHandle
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetStringTypeW
GetACP
GetCurrentThread
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
SetConsoleCtrlHandler
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExW
FindFirstFileExA
HeapQueryInformation
HeapSize
HeapReAlloc
GetConsoleMode
EnumSystemLocalesW
GetUserDefaultLCID
GlobalLock
SetEndOfFile
IsDebuggerPresent
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetModuleHandleW
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
VirtualQuery
Sleep
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetTickCount
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
LoadLibraryExW
EncodePointer
GetModuleHandleExW
HeapValidate
GetSystemInfo
ExitProcess
GetStdHandle
GetFileType
OutputDebugStringA
WriteConsoleW
WaitForSingleObjectEx
IsValidLocale

user32

UnregisterClassW
CharNextW
LoadStringW
SendMessageW
PostMessageW
CharUpperW

advapi32

RegEnumValueW
RegOpenKeyExW
RegQueryInfoKeyW
RegCloseKey

oleaut32

SysFreeString

ws2_32

setsockopt
send
select
shutdown
ioctlsocket
connect
closesocket
__WSAFDIsSet
socket
WSAStartup
WSACleanup
WSAGetLastError
WSAStringToAddressW
recv
getsockopt

iphlpapi

GetAdaptersInfo

Exports

Exports

Bluetooth_Enum
Bluetooth_GetEnumItem
BookShelf_AddLayerParams
BookShelf_AddLedControl
BookShelf_CreateLayerParams
BookShelf_CreateLayerParamsManager
BookShelf_CreateLedControl
BookShelf_CreateLedControlManager
BookShelf_DestoryLayerParamsManager
BookShelf_DestoryLedControlManager
BookShelf_GetIRSta
BookShelf_GetOnlineStatus
BookShelf_SetLID
BookShelf_SetLSN
BookShelf_SetLayerLed
BookShelf_SetLayerParams
Bookcase_AddTagToRecordSet
Bookcase_CreateTagRecordSet
Bookcase_DownloadTagsToBuffer
Bookcase_GetTagReport
Bookcase_Inventory
Bookcase_ParseTagReport
Bookcase_SetBoxAntennas
Bookcase_SubmitInventoryResult
COMPort_Enum
COMPort_GetEnumItem
CreateMultipleAccessTagSet
DNODE_Destroy
EnumIP
HID_Enum
HID_GetEnumItem
IP_GetEnumItem
JD100_AddGroupToGroupManager
JD100_CreateGroup
JD100_CreateGroupManager
JD100_DestroyGroupManager
JD100_Inventory
JD_AddLedControl
JD_ControlLedByRID
JD_ControlLightByRSN
JD_CreateLedControl
JD_CreateLedControlManager
JD_DestoryLedControlManager
JD_FetchSearchReport
JD_GetReaderOfflineSta
JD_ParseReport
JD_ParseSearchReport
JD_SearchReader
JD_SetRID
LSC100_DiagnosisBookShelf
LSC100_GetIRSta
LSC100_GetLEDControlInfo
LSC100_GetLayerInfor
LSC100_Inventory
LSC100_ParseReport
LSC100_SetDispText
LSC100_SetLayerLed
LSC100_SetOutput
LSC100_SystemReset
LSG_AddOneAlarmBook
LSG_Alaram
LSG_CreateAlarmBookSet
LSG_DiagnosisFlow
LSG_FetchPCFromGate
LSG_FetchStoredDataAndAlaramFromGate
LSG_GetBufRecordCount
LSG_GetDetectStatus
LSG_GetIRCoverSta
LSG_GetIRCurrentSta
LSG_GetIRSta
LSG_GetIRTriggerCounter
LSG_InitPC
LSG_ParseAlaramRecord
LSG_ParseDayPCRecord
LSG_ParseRealtimePCRecord
LSG_ReadBufRecord
LSG_SetAtmosphereLight
LSG_SetOutput
LSG_ShowAlarmBook
LSG_StartDetect
PDA_GetDeviceStatus
PDA_GetScanKeyState
PDA_LowPowerConsumption
PDA_ParseHFRecord
PDA_ParseQRCodeRecord
PDA_ParseUHFRecord
PDA_SetActiveMode
PDA_SetHostMode
RDR_AccessMultipleTags
RDR_AddLastATagAccessCommand
RDR_AddLightParam
RDR_AddOneDownloadTagOperation
RDR_AddOneOutputOperation
RDR_AddOneSaveCustLSG
RDR_AddTagAccessToInvenParam
RDR_AntSel
RDR_Authentication
RDR_BuffMode_ClearRecords
RDR_BuffMode_FetchRecords
RDR_BuffMode_FlashEmpty
RDR_BuffMode_StartReportCollection
RDR_BuffMode_StopReportCollection
RDR_BuffMode_StopReportCollectionNoWait
RDR_ChangePassingCounter
RDR_CheckAntennas
RDR_CheckAntennasV2
RDR_ClearHistoryRecord
RDR_ClearTodayRecord
RDR_Close
RDR_CloseRFTransmitter
RDR_CommandTransceive
RDR_ConfigBlockLock
RDR_ConfigBlockLockState
RDR_ConfigBlockRead
RDR_ConfigBlockSave
RDR_ConfigBlockWrite
RDR_CreateDownloadTagsOperations
RDR_CreateInvenParamSpecList
RDR_CreateLightParamList
RDR_CreateRS485Node
RDR_CreateSaveCustLSGSet
RDR_CreateSetGetConfigItemList
RDR_CreateSetOutputOperations
RDR_DetectAntennaCount
RDR_DetectMux
RDR_DetectNoise
RDR_DetectOutputCount
RDR_DeviceDebugAlarmOut
RDR_DeviceDebugAntCheck
RDR_DeviceDebugAntTest
RDR_DeviceDebugBeepTest
RDR_DeviceDebugGetDiagnosisData
RDR_DeviceDebugLedOrOutput
RDR_DeviceDebugRFIDPower
RDR_DeviceReset
RDR_DiagnosisReader
RDR_DisableAsyncTagReportOutput
RDR_DisalbeProtocolLog
RDR_DisconnectAllTags
RDR_EnableAsyncTagReportOutput
RDR_EnablePasswordLogin
RDR_EnableProtocolLog
RDR_ExeSpecialControlCmd
RDR_ExtractTagDataReport
RDR_FetchHistoryPassingData
RDR_FetchLSGSearchReport
RDR_FetchTodayPassingData
RDR_FpcGetTagDataReport
RDR_FpcParseTagDataReport
RDR_FridgeDownloadTag
RDR_FridgeInventory
RDR_FridgeParseTagDataReport
RDR_GetAIPTypeName
RDR_GetAirInterfaceProtName
RDR_GetAlarmEventType
RDR_GetAntennaInterfaceCount
RDR_GetAntennaSWR
RDR_GetCapabilities
RDR_GetConfig
RDR_GetConnectedTagInfo
RDR_GetDeviceUniqueID
RDR_GetGPICount
RDR_GetGPIsStatus
RDR_GetHistoryPassingReport
RDR_GetIOPortIDs
RDR_GetInputStatus
RDR_GetLSGRecord
RDR_GetLSGSearchReport
RDR_GetLayerReaderInfor
RDR_GetLibVersion
RDR_GetLoadedReaderDriverCount
RDR_GetLoadedReaderDriverOpt
RDR_GetLoadedReaderDriverOptByName
RDR_GetLockSta
RDR_GetModuleInfor
RDR_GetModules
RDR_GetNoiseLevel
RDR_GetNoiseLevelWithBase
RDR_GetOutputCount
RDR_GetOutputName
RDR_GetPassingCounter
RDR_GetPassingCounter_V2
RDR_GetReaderDetailInfor
RDR_GetReaderInfor
RDR_GetReaderLastReturnError
RDR_GetSingleDoorInfo
RDR_GetSingleDoorMos
RDR_GetSingleDoorNoiseLevel
RDR_GetSingleDoorOnlineStatus
RDR_GetSingleDoorOutput
RDR_GetSingleDoorRFIDPower
RDR_GetSingleDoorSWR
RDR_GetSingleDoorSubModuleInfo
RDR_GetSingleDoorSysErr
RDR_GetSingleDoorTemp
RDR_GetSupportedAirInterfaceProtocol
RDR_GetSystemTime
RDR_GetTagAccessCommand
RDR_GetTagDataReport
RDR_GetTagDataReportCount
RDR_GetTagTypeName
RDR_GetTodayPassingReport
RDR_InputSelect
RDR_InventoryPrepare
RDR_IsSupportEmbeddedTagAccess
RDR_IsSupportInventoryAsyncOutput
RDR_LayerUnitLight
RDR_LoadAuthKey
RDR_LoadFactoryDefault
RDR_LoadReaderDrivers
RDR_Login
RDR_ModuleRead
RDR_ModuleStartBootLoader
RDR_ModuleStopBootLoader
RDR_ModuleWrite
RDR_Open
RDR_OpenRFTransmitter
RDR_ParseHistoryPassingReport
RDR_ParseHistoryPassingReport_V2
RDR_ParseLSGSearchReport
RDR_ParseLSGWarnningReport
RDR_ParseReaderDetailAntennaCount
RDR_ParseReaderDetailBasic
RDR_ParseReaderDetailComm
RDR_ParseReaderDetailIO
RDR_ParseReaderDetailMuxCount
RDR_ParseReaderDetailMuxInfo
RDR_ParseTagDataReportBlockData
RDR_ParseTagDataReportRaw
RDR_ParseTagDataReportRaw_V2
RDR_ParseTagDataReportWriteResult
RDR_ParseTodayPassingReport
RDR_ParseTodayPassingReport_V2
RDR_RFTransmitterOperate
RDR_ReadUserSignature
RDR_ResetBackupAntenna
RDR_ResetCommuImmeTimeout
RDR_ResetPassingCounter
RDR_ResetRF
RDR_ResetSingleDoor
RDR_ResetTagFilterCounter
RDR_ResumeAntiTheft
RDR_ReverseInOutDirection
RDR_SaveCustLSG
RDR_SaveSearchLSG
RDR_SearchLSG
RDR_SeekAccessTag
RDR_SelectAuthKey
RDR_SetAcessAntenna
RDR_SetCommuImmeTimeout
RDR_SetConfig
RDR_SetEventHandler
RDR_SetFactoryInfor
RDR_SetInvenStopTrigger
RDR_SetLastATagAntennas
RDR_SetLastATagTagType
RDR_SetLight
RDR_SetLock
RDR_SetMultiAccessAntennas
RDR_SetOutput
RDR_SetPassingCounter
RDR_SetProcSN
RDR_SetSingleDoorMos
RDR_SetSingleDoorOutput
RDR_SetStopCommBeforeClose
RDR_SetSystemTime
RDR_SingleDoorAVAlarm
RDR_StartBootLoader
RDR_StopAntiTheft
RDR_SystemReset
RDR_TagAccess
RDR_TagConnect
RDR_TagDisconnect
RDR_TagInventory
RDR_TestWGIF
RDR_UpdateHardSerialNum
RDR_UpdateLoginPassword
RDR_UpdateUserSignature

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 228KB - Virtual size: 227KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 1024B - Virtual size: 536B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

80d6b2ef8385a1b61bd9b59040888552

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

hid

setupapi

kernel32

user32

advapi32

oleaut32

ws2_32

iphlpapi

Exports

Exports

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 228KB - Virtual size: 227KB

.data Size: 20KB - Virtual size: 33KB

.gfids Size: 1024B - Virtual size: 536B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 53KB - Virtual size: 53KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 228KB - Virtual size: 227KB

.data
Size: 20KB - Virtual size: 33KB

.gfids
Size: 1024B - Virtual size: 536B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 53KB - Virtual size: 53KB