380232c4d78e4c015ab8469ff62c8f2d4d44f2ebbc3aca0baf26d785402d87dc

Sharing

Copy URL

Twitter E-mail

General

Target

380232c4d78e4c015ab8469ff62c8f2d4d44f2ebbc3aca0baf26d785402d87dc
Size

353KB
MD5

c04f67210a558c26d0132036cb2d0c25
SHA1

5896f685f25d4908826960d5dd3e0e82ce2e00c1
SHA256

380232c4d78e4c015ab8469ff62c8f2d4d44f2ebbc3aca0baf26d785402d87dc
SHA512

825857f3e8020003cd6bf2acac6be61e3174be77ed9aeea77f8cfb6e277d601abdb575f84fac5df3683d225df9902e048a05c10254519170bf811e5917d9b2cd
SSDEEP

6144:O1HCQc7/p7NthksJroUcdp1bw/uu+eLDXfbrTrzDIPS0iYrp1Hfmn1T:O1HCQOTthksJroUmp1bw/5DXfbzz0PSn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
380232c4d78e4c015ab8469ff62c8f2d4d44f2ebbc3aca0baf26d785402d87dc

Files

380232c4d78e4c015ab8469ff62c8f2d4d44f2ebbc3aca0baf26d785402d87dc
.dll windows:5 windows x86 arch:x86

8d6ae0a2b0851df0c19dda92c1340a6c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\办公资料\读写器\工程文件\动态库\USBToScsiDll(V1.0.0.7)\USBToScsiDll\Release\F4_MDS.pdb

Imports

setupapi

SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiGetClassDevsA

hid

HidD_GetHidGuid
HidD_GetAttributes

kernel32

HeapReAlloc
WriteConsoleW
SetEndOfFile
GetProcessHeap
DecodePointer
MultiByteToWideChar
WideCharToMultiByte
Sleep
WriteFile
ReadFile
CreateEventA
CreateFileA
CloseHandle
GetOverlappedResult
WaitForSingleObject
CancelIo
GetLastError
ResetEvent
SetCommState
PurgeComm
GetCommState
SetupComm
SetCommTimeouts
GetCommTimeouts
GetProcAddress
LoadLibraryA
FreeLibrary
FlushFileBuffers
FindResourceW
SizeofResource
LockResource
LoadResource
FindResourceExW
HeapSize
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetStringTypeW
LCMapStringW
SetStdHandle
GetConsoleMode
GetConsoleCP
GetLocaleInfoW
LoadLibraryW
InterlockedExchange
SetConsoleCtrlHandler
FatalAppExitA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapAlloc
HeapFree
RtlUnwind
DeleteFileA
RaiseException
GetCurrentThreadId
CreateFileW
GetCommandLineA
GetModuleHandleW
ExitProcess
GetStdHandle
GetModuleFileNameW
HeapCreate
HeapDestroy
EncodePointer
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
EnterCriticalSection
LeaveCriticalSection
SetFilePointer
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW

ole32

CreateStreamOnHGlobal

shlwapi

PathFileExistsA

gdiplus

GdipLoadImageFromFileICM
GdipLoadImageFromFile
GdipAlloc
GdipDisposeImage
GdiplusStartup
GdiplusShutdown
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipSaveImageToFile
GdipCloneImage
GdipSaveImageToStream
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipFree

Exports

Exports

CipherKeypad_Buzzer_loud
CipherKeypad_Keys_Activate
CipherKeypad_MainKey_Alter
CipherKeypad_Number_Input
CipherKeypad_PasswordLength_Set
CipherKeypad_Timeout_Set
CipherKeypad_WorkKey_Alter
CipherKeypad_mode_Select
DeviceID_Read
DeviceID_Write
Device_Get_info
Get_Scan_Code
ICC_Reader_Application
ICC_Reader_Beep
ICC_Reader_Boot
ICC_Reader_CertInfo
ICC_Reader_Close
ICC_Reader_GetDevID
ICC_Reader_GetPIN
ICC_Reader_GetStatus
ICC_Reader_Libinfo
ICC_Reader_Open
ICC_Reader_PowerOff
ICC_Reader_PowerOn
ICC_Write_Flash
Icc_TrackTimeOut
Init_Lib
Logic4428_Protect_Read
Logic4428_Protect_Write
Logic4442_Protect_Read
Logic4442_Protect_Write
Logic_Data_Read
Logic_Data_Write
Logic_PassErrCount_Read
Logic_Password_Alter
Logic_Password_Read
Magnetic_Get_Track123DLoud
Magnetic_Get_Track123Data
Read_Device_Flash
Rf_Activate_Card
Rf_Anti_Collision
Rf_Cryptographic_Check
Rf_Decrement_Card
Rf_Dormancy_Card
Rf_Increment_Card
Rf_Open_Antenna
Rf_Read_Block
Rf_Read_Card
Rf_Read_ID
Rf_Read_Value
Rf_Restore_Card
Rf_Search_Card
Rf_Select_Card
Rf_Set_Type
Rf_Transfer_Card
Rf_Wite_Value
Rf_Write_Block
Rf_Write_Card
Rfc_Activate_CPUCard
Rfc_Activate_Card
Rfc_Anti_Collision
Rfc_Close_Antenna
Rfc_Halt_Card
Rfc_Open_Antenna
Rfc_Search_Card
Rfc_Select_Card
Rfc_Send_Command
SerialNumber_Read
SerialNumber_Write
Set_Scanner
Syn_Find_IDCard
Syn_GetBmp
Syn_Get_CardID
Syn_Get_CardInfo
Syn_Get_SAMID
Syn_Read_AddBaseMsg
Syn_Read_BaseMsg
Syn_Read_Parse_BaseMsg
Syn_Read_PerHKMCTW_Data
Syn_Read_again_Msg
Syn_Reset_SAM
Syn_Select_IDCard
Syn_Test_SAMStatus
Write_Device_Flash
buzzer
com_close
com_open
com_test
contact_passwordcheck
contact_settype
getsoftver
ic_rdbaohu
ic_wdbaohu
icc_Init_Speed
icc_Password_Read
icc_Power_on
icc_changc
icc_password
icc_power_off
icc_power_on_once
icc_rdbaohu
icc_rdpass
icc_read
icc_testcard
icc_type_set
icc_wdbaohu
icc_write
popcard

Sections

.text
Size: 252KB - Virtual size: 251KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8d6ae0a2b0851df0c19dda92c1340a6c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

setupapi

hid

kernel32

ole32

shlwapi

gdiplus

Exports

Exports

Sections

.text Size: 252KB - Virtual size: 251KB

.rdata Size: 27KB - Virtual size: 27KB

.data Size: 6KB - Virtual size: 14KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 8KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 252KB - Virtual size: 251KB

.rdata
Size: 27KB - Virtual size: 27KB

.data
Size: 6KB - Virtual size: 14KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 8KB

.rmnet
Size: 56KB - Virtual size: 60KB