Static task
static1
Behavioral task
behavioral1
Sample
b22f77de133d217d434b07ac68123f5772859995a36000880152be368202ef4f.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
b22f77de133d217d434b07ac68123f5772859995a36000880152be368202ef4f.exe
Resource
win10v2004-20231215-en
General
-
Target
b22f77de133d217d434b07ac68123f5772859995a36000880152be368202ef4f
-
Size
3.8MB
-
MD5
1855d58d8fe95e17d85398a56f2fd128
-
SHA1
f45d84ff1e0ecfb5a18a68d9b319c1b62a31721c
-
SHA256
b22f77de133d217d434b07ac68123f5772859995a36000880152be368202ef4f
-
SHA512
52d1caa67dad7895d3ae5c918275e4bb4f6e56da9d988f2c9aba3bbabfbc3e895b56b2776ee8ffeced6e4cc4f6e0e702804bde2403d83dbb9becdd3e4eca9ca1
-
SSDEEP
49152:ikXT9eqrhZwBonBoa2PaJVvECN44sJxBtl44+SmkN44ckGZR+E8tT:ieZJhWc7tT544sJxLl44+FC44AR+F
Malware Config
Signatures
-
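Unsigned PE (1 IoC)
Static check: the PE file carries no Authenticode signature. On its own this is a weak indicator, since legitimate software is also sometimes distributed unsigned.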
resource b22f77de133d217d434b07ac68123f5772859995a36000880152be368202ef4f
Files
-
b22f77de133d217d434b07ac68123f5772859995a36000880152be368202ef4f.exe windows:4 windows x86 arch:x86
d63d3d3516dc940aaacfec9b9c1bf85d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mfc42u
ord5871
ord4128
ord4292
ord2538
ord1173
ord291
ord6150
ord2522
ord4358
ord4051
ord5467
ord4116
ord2381
ord5076
ord1705
ord6049
ord5230
ord6365
ord2436
ord3593
ord3098
ord3889
ord6193
ord4491
ord5057
ord2579
ord4400
ord3389
ord3724
ord2078
ord6777
ord4294
ord3614
ord3568
ord5783
ord2357
ord926
ord4272
ord6654
ord2235
ord1997
ord2773
ord2762
ord4053
ord4210
ord3006
ord3005
ord3300
ord3299
ord3306
ord3305
ord3557
ord3183
ord3180
ord3176
ord3173
ord3612
ord668
ord356
ord1972
ord927
ord6381
ord860
ord1155
ord3711
ord6107
ord2397
ord2352
ord4238
ord6891
ord6153
ord613
ord2745
ord289
ord6896
ord1851
ord4241
ord3864
ord2119
ord2383
ord5096
ord5099
ord4462
ord3345
ord975
ord2875
ord4148
ord2375
ord5280
ord4431
ord4422
ord796
ord807
ord529
ord554
ord402
ord5880
ord1761
ord5996
ord2109
ord4158
ord6617
ord4451
ord5251
ord4495
ord6063
ord6065
ord2003
ord3442
ord3191
ord2281
ord6865
ord4609
ord4606
ord4604
ord4269
ord6371
ord4480
ord2546
ord2504
ord5727
ord3917
ord1089
ord5193
ord4147
ord3341
ord5296
ord5298
ord6403
ord4692
ord5303
ord5285
ord5710
ord4616
ord3733
ord815
ord561
ord617
ord5297
ord5208
ord296
ord986
ord411
ord4154
ord6113
ord2613
ord2353
ord4470
ord2717
ord6770
ord6920
ord4219
ord4199
ord859
ord5568
ord2910
ord1817
ord4233
ord4690
ord3053
ord3060
ord6332
ord2502
ord2534
ord5239
ord5736
ord1739
ord5573
ord3167
ord5649
ord4414
ord4947
ord4852
ord2391
ord4381
ord3449
ord3193
ord6076
ord6171
ord4617
ord4420
ord652
ord338
ord4817
ord3313
ord5444
ord5774
ord3502
ord6279
ord5461
ord4608
ord4607
ord1937
ord4268
ord4583
ord5070
ord4335
ord4343
ord4884
ord4525
ord4539
ord4537
ord4520
ord4523
ord4518
ord4958
ord4955
ord4103
ord5236
ord3743
ord1719
ord4426
ord813
ord560
ord5256
ord2527
ord4717
ord5784
ord472
ord2372
ord283
ord3688
ord3312
ord4502
ord3701
ord6124
ord3747
ord4688
ord5142
ord5764
ord6125
ord2114
ord556
ord327
ord4230
ord1702
ord5275
ord5244
ord1941
ord1808
ord4369
ord4846
ord4224
ord5228
ord5264
ord1989
ord2755
ord4273
ord3784
ord2756
ord6771
ord6661
ord6330
ord4847
ord2355
ord2289
ord3605
ord6735
ord293
ord2505
ord2879
ord2854
ord5279
ord925
ord686
ord810
ord4211
ord6511
ord790
ord4407
ord355
ord2507
ord3494
ord2637
ord4494
ord4452
ord2079
ord5250
ord616
ord793
ord656
ord2873
ord2874
ord3398
ord5468
ord976
ord5006
ord3346
ord4298
ord804
ord941
ord3871
ord3490
ord2359
ord2358
ord2290
ord2293
ord3714
ord5949
ord3087
ord2362
ord3577
ord4392
ord2570
ord4213
ord2015
ord2403
ord4120
ord6003
ord2857
ord3909
ord3282
ord4279
ord3995
ord6004
ord5977
ord2088
ord1143
ord2444
ord3281
ord384
ord3728
ord3393
ord3806
ord2813
ord3785
ord533
ord5188
ord1131
ord798
ord809
ord642
ord674
ord401
ord4421
ord2437
ord4430
ord1658
ord2641
ord2374
ord5233
ord4074
ord4072
ord4461
ord5098
ord5094
ord3054
ord2382
ord2715
ord2093
ord5095
ord4240
ord1850
ord922
ord5679
ord4124
ord537
ord6868
ord1172
ord2858
ord6874
ord6139
ord2859
ord3084
ord541
ord801
ord6211
ord858
ord6898
ord1165
ord3792
ord6205
ord6667
ord6879
ord3991
ord3993
ord4704
ord6195
ord2634
ord4370
ord4229
ord2294
ord693
ord324
ord641
ord765
ord609
ord3592
ord4419
ord5276
ord1767
ord6048
ord2506
ord4992
ord5261
ord3397
ord3569
ord4390
ord2567
ord3635
ord3365
ord4396
ord2574
ord3693
ord354
ord350
ord5706
ord1197
ord665
ord5180
ord3122
ord5438
ord1971
ord823
ord3611
ord5647
ord535
ord861
ord2746
ord538
ord2371
ord470
ord323
ord1633
ord1634
ord5781
ord640
ord2406
ord755
ord3621
ord3566
ord3658
ord4270
ord795
ord567
ord3716
ord4418
ord4621
ord4075
ord3074
ord3820
ord3826
ord3825
ord2971
ord3076
ord2980
ord3257
ord3131
ord4459
ord3254
ord3142
ord2977
ord5273
ord2116
ord2438
ord5257
ord1720
ord5059
ord3744
ord6372
ord2047
ord2640
ord4435
ord4831
ord3793
ord5286
ord4347
ord6370
ord5157
ord2377
ord5237
ord4401
ord1768
ord4073
ord6051
ord2810
ord940
ord942
ord800
ord540
ord2388
ord825
ord1569
msvcrt
__CxxFrameHandler
wcsncmp
_wcsicmp
??0exception@@QAE@ABV0@@Z
??1exception@@UAE@XZ
??0exception@@QAE@ABQBD@Z
_CxxThrowException
_wtoi
wcscmp
swprintf
_ftol
rand
_CIpow
_purecall
malloc
free
isdigit
wcscpy
mbstowcs
_CIasin
memmove
sprintf
wcstod
_itow
wcstol
wcstoul
isxdigit
_exit
_XcptFilter
exit
_wcmdln
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
?terminate@@YAXXZ
??1type_info@@UAE@XZ
__dllonexit
_onexit
_controlfp
kernel32
lstrlenW
lstrcpyW
GetModuleHandleW
GlobalLock
GlobalUnlock
CreateEventW
ResetEvent
SetEvent
CreateSemaphoreW
GetLocalTime
GetPrivateProfileSectionW
GetPrivateProfileStringW
GetLastError
WaitForSingleObject
OutputDebugStringW
ResumeThread
CreateDirectoryW
GetCurrentThread
GetSystemTime
GetModuleFileNameW
SuspendThread
TerminateThread
CreateThread
FindResourceW
SizeofResource
LoadResource
GlobalAlloc
LockResource
GetTempPathW
DeleteFileW
CreateFileW
WriteFile
CloseHandle
GlobalFree
Sleep
GetStartupInfoW
user32
SetTimer
GetWindow
GetMenuItemCount
GetMenuItemID
GetSubMenu
SendMessageW
KillTimer
EnableWindow
GetMenu
ModifyMenuW
PostMessageW
GetKeyState
CopyRect
ReleaseCapture
LoadBitmapW
ScreenToClient
GetCursorPos
LoadIconW
RedrawWindow
GetWindowRect
ReleaseDC
GetDC
GetFocus
GetSysColor
SetPropW
GetDesktopWindow
RemovePropW
DrawMenuBar
DeleteMenu
AppendMenuW
InsertMenuW
MessageBeep
UpdateWindow
GetLastActivePopup
SetForegroundWindow
ShowWindow
IsIconic
GetPropW
IsWindow
GetWindowDC
GetParent
FillRect
SetCursor
LoadCursorW
IsRectEmpty
DrawEdge
PtInRect
InvalidateRect
SetCapture
GetClientRect
gdi32
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
GetTextExtentPoint32W
DeleteObject
SelectObject
CreatePen
CreateBrushIndirect
CreateFontW
SelectPalette
RealizePalette
CreatePolygonRgn
FillRgn
GetDeviceCaps
SetPixel
GetTextColor
CreateFontIndirectW
GetDIBits
CreateDCW
DeleteDC
Rectangle
GetStockObject
MoveToEx
CreateSolidBrush
SetStretchBltMode
StretchBlt
GetObjectW
LineTo
shell32
SHGetSpecialFolderPathW
ShellExecuteW
SHBrowseForFolderW
SHGetPathFromIDListW
comctl32
ImageList_Draw
ImageList_GetImageCount
ImageList_Remove
ImageList_AddMasked
ImageList_GetImageInfo
ole32
CoTaskMemFree
shlwapi
PathFileExistsW
htdisplaydll
HTDrawGridARB
HTDrawKnob
_HTDrawEllipse@24
HTDrawRightPentagon
HTDrawCursorLine
HTDrawCursorTraceLine
HTDrawDefineText
HTDrawWaveInYT
HTDrawWaveInXY
HTDrawLeftPentagon
HTDrawBottomPentagon
HTDrawTopPentagon
_HTDrawCANDecode@60
_HTDrawCANDecodeTable@32
_HTDrawLINDecode@60
_HTDrawLINDecodeTable@32
_HTDrawSPIDecode@64
_HTDrawSPIDecodeTable@36
_HTDrawIICDecode@60
_HTDrawIICDecodeTable@32
_HTDrawUARTDecode@60
_HTDrawUARTDecodeTable@32
HTDrawCouplingImage
HTDrawEdgeSlope
HTDrawPulseWidth
HTDrawAcquireMode
HTDrawPrintGrid
HTDrawPrintGridBorder
htharddll
dsoHTSetCHDirectLeverPos
dsoHTSetVideoTriger
dsoHTSetPulseTriger
dsoHTSetRamAndTrigerControl
dsoUSBModeSetIPAddr
dsoUSBModeGetIPAddr
dsoOpenLan
_dsoHTSetSeriesTriggerCommon@20
ddsSetFrequency
ddsEmitSingle
ddsSetFAOC
_ddsSetAMFMFreq@12
ddsDownload
ddsSetOnOff
dsoGetFPGAVersion
ddsSetSyncOut
ddsSetCmd
dsoHTSetVTriggerLevel
dsoHTSetHTriggerLength
_dsoGetPCBVersion@8
dsoGetDriverVersion
dsoHTSetCHAndTrigger
dsoHTSetTriggerAndSyncOutput
dsoHTSetSampleRate
dsoHTWriteCalibrationData
dsoHTRDAmpCali
dsoHTReadCalibrationData
dsoHTOpenRollMode
dsoHTCloseRollMode
dsoHTDeviceConnect
dsoGetLANEnable
dsoGetHardInfo
dsoWriteFlash
_dsoWriteIIC@12
dsoReadFlash
_dsoReadIIC@12
dsoSetUSBBus
dsoHTGetHardFC
dsoHTResetCnter
dsoHTForceTrigger
dsoHTStartCollectData
dsoHTStartTrigger
dsoHTGetState
_dsoHTGetCanDecode@8
_dsoHTGetUartDecode@8
_dsoHTGetSPIDecode@8
_dsoHTGetIICDecode@8
_dsoHTGetLinDecode@8
dsoHTGetData
dsoHTGetScanData
dsoHTGetRollData
dsoHTADCCHModGain
dsoHTSetAmpCalibrate
_dsoGetSampleRate@4
dsoGetDeviceSN
_dsoGetDeviceName@8
dsoHTSetHardFC
dsoHTSetCHPos
dsoInitHard
_dsoHTSetIIC@12
_dsoHTSetSPI@12
_dsoHTSetUart@20
dsoHTSetTrigerMode
_dsoHTSetSeriseData@12
_dsoHTSetLinCan@20
gdiplus
GdiplusShutdown
GdiplusStartup
htsoftdll
dsoSFPassFail
dsoSFCalPassFailData
HTPosConvertToScale
dsoSFGetSampleRate
dsoSFGetFFTSrcData
dsoSFGetFFTSa
dsoSFCalSinSheet
dsoSFProcessInsertData
dsoSFGetInsertNum
_dsoAdjustADC@8
dsoSFFindTrigger
HTGetTracePoint
HTGetTracePointIndex
measdll
CalNDutyCycle
CalPDutyCycle
CalNPulseWidth
CalPPulseWidth
CalFallTime
CalRiseTime
CalFrequency
CalPeriod
CalPreShoot
CalOverShoot
CalCRMS
CalRMS
CalCMean
CalMean
AMCalSecondaryIgnitionPlugLead
CursorFrequency
CursorFFTFrequency
CursorTime
CursorVoltage
CursorTraceVoltage
CalAverage
_GetAutoMotiveMaxMinData@16
GetMaxMinData
FindPeriod
PreMeas
CalVpp
CalMaxVolt
CalMinVolt
CalTopVolt
CalAmplitude
CalMidVolt
CalBaseVolt
htfftdll
dsoHTFFT
htetsdll
_dsoHTWriteTDCCalData@8
_dsoHTReadTDCCalData@8
_dsoETSProc@44
dsoHTSetTDCCal
dsoHTGetTDCData
htlandll
dsoLANGetFPGAVersion
dsoLANClose
dsoLANInit
dsoLANGetData
dsoLANGetState
dsoLANStartTrigger
dsoLANStartCollectData
dsoLANForceTrigger
dsoLANResetCnter
dsoLANGetHardFC
ddsLANSetFrequency
ddsLANDownload
ddsLANSetOnOff
ddsLANSetSyncOut
dsoLANGetRestartLANStatus
dsoLANOpenConnet
dsoLANModeGetIPAddr
dsoLANModeSetIPAddr
dsoLANSetCHPos
dsoLANSetVTriggerLevel
dsoLANSetHTriggerLength
dsoLANSetCHAndTrigger
dsoLANSetTriggerAndSyncOutput
dsoLANSetSampleRate
dsoLANWriteCalibrationData
dsoLANReadCalibrationData
dsoLANOpenRollMode
dsoLANCloseRollMode
dsoLANSetPeakDetect
dsoLANClosePeakDetect
dsoLANSetHardFC
msvcp60
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??_7out_of_range@std@@6B@
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??1out_of_range@std@@UAE@XZ
??0out_of_range@std@@QAE@ABV01@@Z
??0logic_error@std@@QAE@ABV01@@Z
Sections
.text Size: 440KB - Virtual size: 437KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 84KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3.2MB - Virtual size: 3.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE