2159f145ac1262f8afe5c1c9f5b3377386bd65632aff191be5c06e374e046ec7

Sharing

Copy URL

Twitter E-mail

General

Target

2159f145ac1262f8afe5c1c9f5b3377386bd65632aff191be5c06e374e046ec7
Size

4.9MB
MD5

124637e805ed5551da82b658e79ebf28
SHA1

755f696f8be7cded195c2e90f40bf17d26c76554
SHA256

2159f145ac1262f8afe5c1c9f5b3377386bd65632aff191be5c06e374e046ec7
SHA512

9d763b01ebffd7e63494b5aa33e3b8a9c10b8bd833449c67ab035e9d1c25281dde295037d8e1624ac0f22e0f22b8625e71fa403dec87186ba485f7ea3f5b94ac
SSDEEP

98304:+1cUZ1F7yaCpZnVBmIc56xfW+ZOiPCMNHAXobR5brSIVc5irYkRf+DgAsHI8:+1fZ1F7yaCpZnVBmIc56xfW+ZdaMNHAm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2159f145ac1262f8afe5c1c9f5b3377386bd65632aff191be5c06e374e046ec7

Files

2159f145ac1262f8afe5c1c9f5b3377386bd65632aff191be5c06e374e046ec7
.dll windows:5 windows x86 arch:x86

71c31d186b758b6fce322317cf5c7279

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\home\mtk14060\AutoScriptBackup\Project\WCP2_CleanRoom\DA\Download_Agent_Main\Raphael-lib\_Output\windows\Release\FlashtoollibEx.pdb

Imports

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

kernel32

CancelIo
PurgeComm
QueryPerformanceFrequency
CloseHandle
GetModuleFileNameA
GetComputerNameExA
GetLocalTime
GetVersionExA
GetTickCount
InterlockedIncrement
InterlockedDecrement
LeaveCriticalSection
InterlockedExchange
EscapeCommFunction
InterlockedExchangeAdd
TlsAlloc
TlsFree
GetProcAddress
LoadLibraryA
WaitForMultipleObjects
GetFileSizeEx
WaitForSingleObjectEx
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcess
CreateSemaphoreA
ReleaseSemaphore
DuplicateHandle
GetOverlappedResult
ReadFile
CreateEventA
SetCommTimeouts
SetCommState
WriteFile
GetProcessHeap
SetEvent
HeapFree
QueryPerformanceCounter
GetCommState
ClearCommError
HeapAlloc
CreateFileA
SetupComm
lstrcpyA
GetModuleHandleA
GetLastError
SetFilePointerEx
ClearCommBreak
CreateThread
EnterCriticalSection
GetEnvironmentVariableW
GetStringTypeExW
GetStringTypeExA
SetWaitableTimer
CreateWaitableTimerA
GetSystemInfo
ResumeThread
OpenEventA
ResetEvent
AreFileApisANSI
GetFullPathNameW
GetWindowsDirectoryW
GetDiskFreeSpaceExW
MoveFileExW
SetFileAttributesW
SetFileTime
GetFileTime
GetFileAttributesExW
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateDirectoryW
CopyFileW
CreateDirectoryExW
GetFileAttributesW
OutputDebugStringA
GetModuleHandleExW
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
InterlockedCompareExchange
SetLastError
TlsGetValue
TlsSetValue
DeleteFiber
WideCharToMultiByte
MultiByteToWideChar
GetModuleHandleW
GetVersion
GetFileType
GetStdHandle
ConvertFiberToThread
GetCurrentProcessId
FreeLibrary
LoadLibraryW
FindNextFileW
FindFirstFileW
FindClose
GetConsoleMode
SetConsoleMode
ReadConsoleA
ReadConsoleW
ExitThread
Sleep
InitializeCriticalSection
GetLocaleInfoA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleFileNameW
GetCPInfo
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileInformationByHandle
PeekNamedPipe
SetConsoleCtrlHandler
GetTimeFormatA
GetDateFormatA
GetCommandLineA
RtlUnwind
RaiseException
WriteConsoleW
ExitProcess
GetDriveTypeA
FindFirstFileA
HeapValidate
IsBadReadPtr
LCMapStringA
LCMapStringW
GetStringTypeW
CompareStringW
CompareStringA
GetACP
GetOEMCP
IsValidCodePage
DebugBreak
OutputDebugStringW
GetStringTypeA
SetStdHandle
SetHandleCount
GetStartupInfoA
GetTimeZoneInformation
FlushFileBuffers
GetConsoleCP
SetFilePointer
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
GetCurrentDirectoryA
GetFullPathNameA
HeapSize
HeapReAlloc
VirtualAlloc
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
VirtualQuery
SetEnvironmentVariableA
CreateFileW
SetEndOfFile
WaitForMultipleObjectsEx
FormatMessageA
LocalFree
RemoveDirectoryW
DeleteFileW
DeviceIoControl

user32

RegisterClassExA
GetMessageA
PostQuitMessage
SendMessageA
CreateWindowExA
DefWindowProcA
DispatchMessageA
UnregisterDeviceNotification
RegisterDeviceNotificationA
LoadStringA
MessageBoxW
GetUserObjectInformationW
GetProcessWindowStation
LoadStringW

setupapi

SetupDiGetClassDescriptionA
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiGetDeviceRegistryPropertyA
SetupDiGetDeviceInstanceIdA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

secur32

GetUserNameExA

ws2_32

WSACleanup
ntohs
htons
htonl
ntohl
WSAStartup
WSAGetLastError
closesocket
recv
WSASetLastError
send

advapi32

CryptEnumProvidersW
CryptDestroyKey
CryptGetProvParam
CryptAcquireContextW
CryptGetUserKey
CryptExportKey
CryptDestroyHash
CryptSignHashW
CryptSetHashParam
CryptCreateHash
CryptDecrypt
DeregisterEventSource
ReportEventW
RegisterEventSourceW
CryptGenRandom
CryptReleaseContext

crypt32

CertFreeCertificateContext
CertGetCertificateContextProperty
CertOpenStore
CertFindCertificateInStore
CertEnumCertificatesInStore
CertCloseStore
CertDuplicateCertificateContext

Exports

Exports

_flashtool_clear_last_errmsg@4
_flashtool_connect_brom_with_handle@20
_flashtool_customize_impl@8
_flashtool_efuse_read_all@8
_flashtool_efuse_write_all@8
_flashtool_generate_gpx@12
_flashtool_is_chiptype_match@20
_flashtool_set_last_errmsg@8
_flashtool_trans_modem_type@12
_meta_start_boot_mode@28
flashtool_cleanup
flashtool_connect_brom
flashtool_connect_da
flashtool_create_session
flashtool_create_session_with_handle
flashtool_destroy_session
flashtool_device_control
flashtool_download
flashtool_download_cert
flashtool_enable_dram
flashtool_firmware_update
flashtool_format
flashtool_format_partition
flashtool_generate_checksum
flashtool_get_com_handle
flashtool_get_device_info
flashtool_get_hrid
flashtool_get_last_errmsg
flashtool_get_lib_info
flashtool_get_rpmb_status
flashtool_get_rsc_cnt
flashtool_get_rsc_info
flashtool_get_scatter_info
flashtool_if_lib_da_match
flashtool_image_checksum
flashtool_memory_test
flashtool_otp_zone_operation
flashtool_pl_chanllenge
flashtool_query_tracking_status
flashtool_read_partition_table
flashtool_readback
flashtool_reconnect_com
flashtool_set_boot_flag
flashtool_set_log_folder
flashtool_set_log_level
flashtool_set_rsc_info
flashtool_set_scatter_path
flashtool_set_ufs_config
flashtool_shutdown_device
flashtool_startup
flashtool_switch_com
flashtool_tell_device_change_com
flashtool_test
flashtool_upgrade
flashtool_upload
flashtool_waitfor_com
flashtool_write_data
get_revised_scatter_partitions

Sections

.text
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 938KB - Virtual size: 937KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 229KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

71c31d186b758b6fce322317cf5c7279

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

version

kernel32

user32

setupapi

secur32

ws2_32

advapi32

crypt32

Exports

Exports

Sections

.text Size: 3.6MB - Virtual size: 3.6MB

.rdata Size: 938KB - Virtual size: 937KB

.data Size: 60KB - Virtual size: 99KB

.tls Size: 512B - Virtual size: 2B

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 229KB - Virtual size: 228KB

.text
Size: 3.6MB - Virtual size: 3.6MB

.rdata
Size: 938KB - Virtual size: 937KB

.data
Size: 60KB - Virtual size: 99KB

.tls
Size: 512B - Virtual size: 2B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 229KB - Virtual size: 228KB