afd5277aa78a33daa51d260224fdec5a223e2b40a1ac3dd25f5c5cf87f30dbd9

Sharing

Copy URL Twitter E-mail

General

Target

afd5277aa78a33daa51d260224fdec5a223e2b40a1ac3dd25f5c5cf87f30dbd9
Size

1009KB
MD5

2aeb2cb5d37e8fda1711e05fc5b615a9
SHA1

1e475cfaf7ba5385d5d43c437885b8a915b8cc21
SHA256

afd5277aa78a33daa51d260224fdec5a223e2b40a1ac3dd25f5c5cf87f30dbd9
SHA512

8556e1c9abb227d5c10c74546c307b92813f59841c7190326c3b625cf3cd3f1ec6fe444bd10b889dfdfddb55d8f3bf60f8cecbb5b69a7585f1197af524efef19
SSDEEP

24576:jE9dwP3Qyj/urpySeny48c1Z/Q2amulHJ:I9dwIyaJ1JmOHJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
afd5277aa78a33daa51d260224fdec5a223e2b40a1ac3dd25f5c5cf87f30dbd9

Files

afd5277aa78a33daa51d260224fdec5a223e2b40a1ac3dd25f5c5cf87f30dbd9
.dll windows:6 windows x86 arch:x86

139fac3749b13fdb8b14fcd2fc132ae8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\c++\project\rfidlib\new_dll_projs\aip_driver\rfidlib_aip_iso15693\debug_unicode\rfidlib_aip_iso15693.pdb

Imports

kernel32

GetFileSize
WriteFile
SetFilePointer
CloseHandle
GetModuleFileNameW
GetPrivateProfileStringW
CreateFileW
MultiByteToWideChar
WideCharToMultiByte
DecodePointer
RaiseException
GetLastError
SetLastError
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
IsBadReadPtr
IsBadWritePtr
InterlockedIncrement
InterlockedDecrement
lstrlenW
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLocalTime
lstrlenA
OutputDebugStringW
ReadFile
FlushFileBuffers
SetFilePointerEx
GetConsoleMode
GetConsoleCP
SetStdHandle
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
HeapAlloc
HeapFree
GetProcessHeap
VirtualQuery
FreeLibrary
GetProcAddress
CreateEventW
Sleep
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetTickCount
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
LoadLibraryExW
EncodePointer
GetModuleFileNameA
GetModuleHandleExW
HeapValidate
GetSystemInfo
ExitProcess
GetCurrentThread
GetACP
GetStdHandle
GetFileType
GetStringTypeW
OutputDebugStringA
WriteConsoleW
WaitForSingleObjectEx
CreateThread
SetConsoleCtrlHandler
HeapReAlloc
HeapSize
HeapQueryInformation
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FindClose
FindFirstFileExA
FindFirstFileExW
FindNextFileA
FindNextFileW
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
ReadConsoleW

user32

CharNextW
UnregisterClassW

oleaut32

SysFreeString

rfidlib_reader

DNODE_Destroy
RDR_TagAccess
RDR_TagConnect

Exports

Exports

CIT83128_ActAu
CIT83128_GetSecPara
CIT83128_InitMem
EM4237SLI_ActiveEAS
EM4237SLI_ChangeKey
EM4237SLI_Destroy
EM4237SLI_DisableEAS
EM4237SLI_DisablePrivacy
EM4237SLI_DisableRandomID
EM4237SLI_EASCheck
EM4237SLI_EnableEAS
EM4237SLI_EnablePrivacy
EM4237SLI_EnableRandomID
EM4237SLI_GetMultipleBlocksProtectionStatus
EM4237SLI_LockEAS
EM4237SLI_Login
EM4237SLI_ProtectEAS
EM4237SLI_ProtectMemoryPage
EM4237SLI_WriteEASCfg
EM4237SLI_WriteEASID
FM11NP04V_CreateTAPWDAuth
FM11NP04V_CreateTAReadMemory
FM11NP04V_CreateTAReadReg
FM11NP04V_CreateTAWriteMemory
FM11NP04V_CreateTAWriteReg
FM11NP04V_PWDAuth
FM11NP04V_ParseReadMemory
FM11NP04V_ParseReadReg
FM11NP04V_ReadMemory
FM11NP04V_ReadReg
FM11NP04V_WriteMemory
FM11NP04V_WriteReg
FM11NT083V_CreateTAReadFIFO
FM11NT083V_CreateTAWriteFIFO
FM11NT083V_ParseReadFIFO
FM11NT083V_ReadFIFO
FM11NT083V_WriteFIFO
FM13HF_CreateTAPadIOOnOff
FM13HF_PadIOOnOff
ISO15693_AddAreaToWriteMultipleTagsAccess
ISO15693_AddInventoryReadBlockArea
ISO15693_AddNewAccessTag
ISO15693_AddOneTagToWriteMultipleTagsAccess
ISO15693_Connect
ISO15693_CreateInvenParam
ISO15693_CreateTACustomCommand
ISO15693_CreateTAGetSecStaOfBlocks
ISO15693_CreateTAGetTagInfor
ISO15693_CreateTALockAFI
ISO15693_CreateTALockDSFID
ISO15693_CreateTALockMultipleBlocks
ISO15693_CreateTAReadMultipleBlocks
ISO15693_CreateTAReadSingleBlock
ISO15693_CreateTAReset
ISO15693_CreateTAWriteAFI
ISO15693_CreateTAWriteDSFID
ISO15693_CreateTAWriteMultipleBlocks
ISO15693_CreateTAWriteMultipleTags
ISO15693_CreateTAWriteSingbleBlock
ISO15693_GetBlockSecStatus
ISO15693_GetLibVersion
ISO15693_GetSystemInfo
ISO15693_LockAFI
ISO15693_LockBlock
ISO15693_LockDSFID
ISO15693_LockMultipleBlocks
ISO15693_ParseCustomCommandResult
ISO15693_ParseGetBlockSecStatusResult
ISO15693_ParseGetSystemInfoResult
ISO15693_ParseInvenReadReport
ISO15693_ParseInventoryReadReport
ISO15693_ParseLockAFIResult
ISO15693_ParseLockDSFIDResult
ISO15693_ParseLockMultipleBlocksResult
ISO15693_ParseReadMultiBlocksResult
ISO15693_ParseReadSingleBlockResult
ISO15693_ParseResetResult
ISO15693_ParseTagDataReport
ISO15693_ParseTagDataReportEx
ISO15693_ParseWriteAFIResult
ISO15693_ParseWriteDSFIDResult
ISO15693_ParseWriteMultipleBlocksResult
ISO15693_ParseWriteSingbleBlockResult
ISO15693_Quiet
ISO15693_ReadMultiBlocks
ISO15693_ReadSingleBlock
ISO15693_Reset
ISO15693_Select
ISO15693_SetInvenReadParam
ISO15693_SetInventoryReadParam
ISO15693_TransparentTransceive
ISO15693_WriteAFI
ISO15693_WriteDSFID
ISO15693_WriteMultipleBlocks
ISO15693_WriteMultipleTags
ISO15693_WriteSingleBlock
NXPICODESLIX_DisableEAS
NXPICODESLIX_EASAlarm
NXPICODESLIX_EASCheck
NXPICODESLIX_EableEAS
NXPICODESLIX_GetRandomAndSetPassword
NXPICODESLIX_GetRandomNum
NXPICODESLIX_LockEAS
NXPICODESLIX_LockPassword
NXPICODESLIX_PasswordProtect
NXPICODESLIX_SetPassword
NXPICODESLIX_WritePassword
NXPICODESLI_CreateTADestroy
NXPICODESLI_CreateTADisableEAS
NXPICODESLI_CreateTAEASAlarm
NXPICODESLI_CreateTAEASCheck
NXPICODESLI_CreateTAEableEAS
NXPICODESLI_CreateTAEnable64BitPwd
NXPICODESLI_CreateTAEnblePrivacy
NXPICODESLI_CreateTAGetNxpSysInfo
NXPICODESLI_CreateTAGetRandomAndSetPassword
NXPICODESLI_CreateTAIncrementCounter
NXPICODESLI_CreateTALockEAS
NXPICODESLI_CreateTALockPageProtection
NXPICODESLI_CreateTALockPassword
NXPICODESLI_CreateTAPasswordProtect
NXPICODESLI_CreateTAPresetCounter
NXPICODESLI_CreateTAProtectPage
NXPICODESLI_CreateTAReadSignature
NXPICODESLI_CreateTAWriteEASID
NXPICODESLI_CreateTAWritePassword
NXPICODESLI_Destroy
NXPICODESLI_DisableEAS
NXPICODESLI_EASAlarm
NXPICODESLI_EASCheck
NXPICODESLI_EableEAS
NXPICODESLI_Enable64BitPwd
NXPICODESLI_EnblePrivacy
NXPICODESLI_GetNxpSysInfo
NXPICODESLI_GetRandomAndSetPassword
NXPICODESLI_GetRandomNum
NXPICODESLI_IncrementCounter
NXPICODESLI_LockEAS
NXPICODESLI_LockPageProtection
NXPICODESLI_LockPassword
NXPICODESLI_ParseDestroyResult
NXPICODESLI_ParseDisableEASResult
NXPICODESLI_ParseEASAlarmResult
NXPICODESLI_ParseEASCheckResult
NXPICODESLI_ParseEableEASResult
NXPICODESLI_ParseEnable64BitPwdResult
NXPICODESLI_ParseEnblePrivacyResult
NXPICODESLI_ParseGetNxpSysInfoResult
NXPICODESLI_ParseGetRandomAndSetPasswordResult
NXPICODESLI_ParseIncrementCounterResult
NXPICODESLI_ParseLockEASResult
NXPICODESLI_ParseLockPageProtectionResult
NXPICODESLI_ParseLockPasswordResult
NXPICODESLI_ParsePasswordProtectResult
NXPICODESLI_ParsePresetCounterResult
NXPICODESLI_ParseProtectPageResult
NXPICODESLI_ParseReadSignatureResult
NXPICODESLI_ParseWriteEASIDResult
NXPICODESLI_ParseWritePasswordResult
NXPICODESLI_PasswordProtect
NXPICODESLI_PresetCounter
NXPICODESLI_ProtectPage
NXPICODESLI_ReadSignature
NXPICODESLI_SetPassword
NXPICODESLI_WriteEASID
NXPICODESLI_WritePassword
ST25DV04K_FastReadDynamicConfiguration
ST25DV04K_FastWriteDynamicConfiguration
ST25DV04K_ManageGPO
ST25DV04K_PresentPassword
ST25DV04K_ReadConfiguration
ST25DV04K_ReadDynamicConfiguration
ST25DV04K_ReadMessage
ST25DV04K_ReadMessageLength
ST25DV04K_WriteConfiguration
ST25DV04K_WriteDynamicConfiguration
ST25DV04K_WriteMessage
ST25DV04K_WritePassword
ST25TV02K_CheckEAS
ST25TV02K_EnableUntraceableMode
ST25TV02K_Kill
ST25TV02K_LockEAS
ST25TV02K_LockKill
ST25TV02K_PresentPassword
ST25TV02K_ReadConfiguration
ST25TV02K_ResetEAS
ST25TV02K_SetEAS
ST25TV02K_WriteConfiguration
ST25TV02K_WriteEASCfg
ST25TV02K_WriteEASId
ST25TV02K_WritePassword
STLRI2k_Kill
STLRI2k_LockKill
STLRI2k_WriteKill
STM24LR_CheckEHEn
STM24LR_CreateTACheckEHEn
STM24LR_CreateTALockSector
STM24LR_CreateTAPresentSectorPassword
STM24LR_CreateTAReadCFGByte
STM24LR_CreateTASetRstEHEn
STM24LR_CreateTAWriteDOCfg
STM24LR_CreateTAWriteEHCfg
STM24LR_CreateTAWriteSectorPassword
STM24LR_LockSector
STM24LR_ParseCheckEHEnResult
STM24LR_ParseReadCFGByteResult
STM24LR_PresentSectorPassword
STM24LR_ReadCFG
STM24LR_SetRstEHEn
STM24LR_WriteDOCfg
STM24LR_WriteEHCfg
STM24LR_WriteSectorPassword
TIHFI_Kill
TIHFI_WriteSingleBlockPwd

Sections

.text
Size: 786KB - Virtual size: 785KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 1024B - Virtual size: 536B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

139fac3749b13fdb8b14fcd2fc132ae8

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

oleaut32

rfidlib_reader

Exports

Exports

Sections

.text Size: 786KB - Virtual size: 785KB

.rdata Size: 176KB - Virtual size: 175KB

.data Size: 11KB - Virtual size: 24KB

.gfids Size: 1024B - Virtual size: 536B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 32KB - Virtual size: 32KB

.text
Size: 786KB - Virtual size: 785KB

.rdata
Size: 176KB - Virtual size: 175KB

.data
Size: 11KB - Virtual size: 24KB

.gfids
Size: 1024B - Virtual size: 536B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 32KB - Virtual size: 32KB