PDB path embedded in the sample: F:\Projects\卿伟伟打证机 - 2.0\测试dll\Release\Certificate.pdb (the Chinese path components read "卿伟伟 certificate-printing machine - 2.0" and "test dll", 卿伟伟 being a personal name)
Static task: static1
Behavioral task: behavioral1
Sample: e71d3e523f91524bda0f986b474786ee8755095d76678e935418bd6c87c1a8ba.dll
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: e71d3e523f91524bda0f986b474786ee8755095d76678e935418bd6c87c1a8ba.dll
Resource: win10v2004-20240226-en
General
Target: e71d3e523f91524bda0f986b474786ee8755095d76678e935418bd6c87c1a8ba
Size: 1.6MB
MD5: c0394c63b40f3f7832e3abae3cc7e783
SHA1: e966c8f571651b8ed1d3dd87287c0abca2992dfa
SHA256: e71d3e523f91524bda0f986b474786ee8755095d76678e935418bd6c87c1a8ba
SHA512: 859caf345f3564ecb08a0210072ec9d88892aaf3e63000bc2ac3a1169f4e3292e07167c3cc9ff543d8b022f5b6f52ad774151f144cc588e4a39da0edb136227b
SSDEEP: 49152:3ISPV8KlnATZCmf3QcicnpnjctHGZsC2La3E2FwQiBNQgUbT:bPVHnATZC23QcFnpnjctHGKC2ejFdiBU
Malware Config
Signatures
Unsigned PE (1 IoC): checks for a missing Authenticode signature.
Resource: e71d3e523f91524bda0f986b474786ee8755095d76678e935418bd6c87c1a8ba
Caveat: this shows only that no signature is embedded in the file. It does not rule out catalog signing, and an embedded signature would in any case have to be verified (WinVerifyTrust, or signtool verify /pa) before it meant anything; for a third-party hardware driver DLL, being unsigned is common and is not by itself evidence of tampering.
Files
e71d3e523f91524bda0f986b474786ee8755095d76678e935418bd6c87c1a8ba.dll windows:5 windows x86 arch:x86
095344f79d9356b9353d4ad4de81f368
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
F:\Projects\卿伟伟打证机 - 2.0\测试dll\Release\Certificate.pdb
Imports
opencv_core2410
?fastFree@cv@@YAXPAX@Z
?deallocate@Mat@cv@@QAEXXZ
cvCreateImage
cvSetZero
cvSetImageROI
cvCopy
cvResetImageROI
cvReleaseImage
cvGetSize
?_interlockedExchangeAdd@cv@@YAHPAHH@Z
opencv_highgui2410
??0VideoCapture@cv@@QAE@H@Z
cvLoadImage
??1VideoCapture@cv@@UAE@XZ
?set@VideoCapture@cv@@UAE_NHN@Z
cvCreateCameraCapture
cvQueryFrame
cvReleaseCapture
cvSaveImage
opencv_imgproc2410
cvGetQuadrangleSubPix
kernel32
FindFirstFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
SetThreadPriority
ResumeThread
WritePrivateProfileStringA
CreateActCtxW
GlobalFindAtomA
GetModuleFileNameW
InterlockedDecrement
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
SetErrorMode
InterlockedIncrement
GetCurrentDirectoryA
GetSystemDirectoryW
lstrcpyA
GlobalFlags
DeleteFileA
lstrcmpiA
SetFilePointer
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
GetVolumeInformationA
GetFullPathNameA
GetACP
GetCPInfo
GetOEMCP
GetTempFileNameA
GetTempPathA
GetFileAttributesExA
GetFileAttributesA
GetFileSizeEx
GetFileTime
GetWindowsDirectoryA
GetNumberFormatA
GetTickCount
GetProfileIntA
SearchPathA
VirtualProtect
FindResourceExW
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
GetCommandLineA
HeapAlloc
HeapFree
HeapReAlloc
RtlUnwind
RaiseException
FindNextFileA
GetSystemInfo
VirtualQuery
ExitProcess
ExitThread
CreateThread
HeapSize
HeapQueryInformation
SetStdHandle
GetFileType
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsValidCodePage
SetHandleCount
GetStdHandle
GetStartupInfoW
GetConsoleCP
GetConsoleMode
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetStringTypeW
IsProcessorFeaturePresent
GetTimeZoneInformation
GetDriveTypeW
CompareStringW
LCMapStringW
WriteConsoleW
GetCurrentDirectoryW
GetProcessHeap
CreateFileW
SetEnvironmentVariableA
GetVersionExA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LoadLibraryW
lstrcmpW
FindResourceA
FreeResource
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
LoadLibraryExA
CompareStringA
lstrcmpA
GetModuleHandleW
FreeLibrary
InterlockedExchange
GetCurrentProcessId
ActivateActCtx
DeactivateActCtx
SetLastError
GlobalFree
CopyFileA
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
lstrlenW
MulDiv
lstrlenA
MultiByteToWideChar
FindClose
GlobalGetAtomNameA
VirtualAlloc
GlobalAddAtomA
WaitForSingleObject
CreateDirectoryA
EscapeCommFunction
SetCommTimeouts
FlushFileBuffers
ReadFile
ClearCommError
WriteFile
ReleaseMutex
CloseHandle
CreateMutexA
SetCommState
SetCommConfig
GetCommState
GetCommConfig
GetLastError
CreateFileA
GetProcAddress
LoadLibraryA
GetPrivateProfileStringA
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
GetLocalTime
Sleep
GetPrivateProfileIntA
GetModuleFileNameA
GetModuleHandleA
ReleaseActCtx
user32
GetMenuItemInfoA
DestroyMenu
CopyImage
IsIconic
DestroyIcon
IsRectEmpty
OffsetRect
IsZoomed
SetWindowRgn
SetParent
DestroyAcceleratorTable
CreatePopupMenu
WindowFromPoint
NotifyWinEvent
GetAsyncKeyState
SetClassLongA
LoadMenuW
GetSystemMenu
SetCapture
ReleaseCapture
MessageBeep
DrawStateA
DrawIconEx
DrawEdge
DrawFrameControl
DrawFocusRect
CopyAcceleratorTableA
ToAsciiEx
MapVirtualKeyA
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableA
SetCursorPos
BringWindowToTop
LockWindowUpdate
GetMenuDefaultItem
InvertRect
HideCaret
EnableScrollBar
GetIconInfo
GetNextDlgGroupItem
TranslateAcceleratorA
InsertMenuItemA
LoadAcceleratorsA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
MonitorFromPoint
UnionRect
UpdateLayeredWindow
IsMenu
CreateMenu
PostThreadMessageA
WaitMessage
SetMenuDefaultItem
IsClipboardFormatAvailable
FrameRect
GetUpdateRect
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageW
RegisterClipboardFormatA
CopyIcon
CharUpperBuffA
GetDoubleClickTime
IsCharLowerA
GetKeyNameTextA
MapVirtualKeyExA
SubtractRect
MapDialogRect
DrawIcon
DestroyCursor
SetMenuItemBitmaps
GetWindowRgn
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
SetLayeredWindowAttributes
SetForegroundWindow
ShowScrollBar
RedrawWindow
CharUpperA
ValidateRect
GetClientRect
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
GetWindowRect
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
CopyRect
PtInRect
GetWindow
RegisterWindowMessageA
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
PeekMessageA
UpdateWindow
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
ScreenToClient
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
PostMessageA
PostQuitMessage
GetWindowThreadProcessId
SendMessageA
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
MessageBoxA
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
EnumDisplayMonitors
SystemParametersInfoA
SetRectEmpty
DeleteMenu
LoadCursorA
GetSystemMetrics
GetSysColorBrush
UnregisterClassA
ShowOwnedPopups
SetCursor
GetMessageA
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuA
EnableMenuItem
CheckMenuItem
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
CheckDlgButton
LoadIconW
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
IntersectRect
InflateRect
KillTimer
SetTimer
InvalidateRect
RealChildWindowFromPoint
IsWindowVisible
LoadCursorW
SetWindowsHookExA
CallNextHookEx
GetClassLongA
TranslateMessage
GetScrollPos
EnableWindow
LoadImageA
SetRect
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
GetCursorPos
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetWindowPos
gdi32
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextColor
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
RestoreDC
GetLayout
SetLayout
DeleteObject
SelectClipRgn
CreateRectRgn
SetBkMode
CreateDCA
StartDocA
GetDeviceCaps
StartPage
GetObjectA
CreateCompatibleDC
GetMapMode
StretchBlt
EndPage
EndDoc
AbortDoc
SetPaletteEntries
ExtFloodFill
SaveDC
SetPixelV
GetTextFaceA
SetBkColor
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
LPtoDP
EnumFontFamiliesExA
Rectangle
SetPixel
SetDIBColorTable
GetRgnBox
OffsetRgn
GetSystemPaletteEntries
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
Polygon
Ellipse
Polyline
CreateEllipticRgn
GetTextColor
GetBkColor
CreatePolygonRgn
CreateRoundRectRgn
CreateDIBSection
GetTextExtentPoint32A
PatBlt
CombineRgn
SetRectRgn
GetTextCharsetInfo
EnumFontFamiliesA
GetTextMetricsA
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
CreateRectRgnIndirect
CreateCompatibleBitmap
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateBitmap
GetStockObject
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
DPtoLP
CreateDIBitmap
CreateFontIndirectA
CopyMetaFileA
shell32
SHBrowseForFolderA
SHAppBarMessage
DragQueryFileA
DragFinish
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetDesktopFolder
SHGetFileInfoA
ShellExecuteA
msimg32
TransparentBlt
AlphaBlend
comctl32
ImageList_GetIconSize
shlwapi
StrToIntA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
PathFindExtensionA
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
gdiplus
GdipDrawImageI
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipAlloc
GdipDeleteGraphics
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdiplusShutdown
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipFree
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
comdlg32
GetFileTitleA
advapi32
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegEnumKeyExA
ole32
CoInitialize
CoUninitialize
CoInitializeEx
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
CreateStreamOnHGlobal
DoDragDrop
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CoCreateInstance
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
oleaut32
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
VarBstrFromDate
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysFreeString
SysAllocString
Exports
AgainDeliverBook
CallBack
CallBackToPrinter
CheckBoxStatus
CheckDeliverBookStatus
CheckNeedlePrinterPaperStatus
CheckNeedlePrinterStatus
CheckPageTurnStatus
CheckPhotoSize
CloseCamera
CloseDevice
CloseNeedlePrinterPort
ClosePageTurnPort
FourDeliverBook
GetChannelFeedSignalRev
HeChBMP
NeedlePrinterExitBook
OneDeliverBook
OpenCamera
OpenDevice
OpenNeedlePrinterPort
OpenPageTurnPort
PhotoGraph
PhotoIdent
PrintBitmapFHT
PrintBitmapQR
PrintBitmapZDT
PrintHeadExit
PubBook
RecognitionNo
ResetPageTurn
Restartprinter
Seal
Senddata
ThirdPrint
ThreeDeliverBook
TwoDeliverBook
XuanImage
bmpzoom
paizhao
paizhao1
paizhao2
pintword
stopTongdao
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 264KB - Virtual size: 264KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 22KB - Virtual size: 51KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 163KB - Virtual size: 163KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.rmnet Size: 56KB - Virtual size: 60KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Note on .rmnet: it is the only section that is both writable and executable, its name is not one the MSVC linker emits, and it follows .reloc, so it was appended after the image was linked. A trailing RWX section named .rmnet is the marker left by the Ramnit file infector, which adds a section of that name to the executables and DLLs it parasitises; everything else in this report (an MFC- and OpenCV-based device-control DLL, judging by the PDB path, the serial-port and printer imports and the camera/printer exports) fits a legitimate host file that was infected rather than purpose-built malware. The sandbox raised no signature for this, so treat it as a lead rather than a verdict: check whether the entry point has been redirected into .rmnet, and diff the section table against a clean copy of the vendor's DLL.
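The two static checks this report turns on, the Authenticode data-directory lookup behind the Unsigned PE signature and the section-flag decode behind the Headers and Sections tables, as one standard-library Python script. This is an added example and not the sandbox's own code: the page does not say how the sandbox implements its signature check, and the empty-security-directory test below is the usual one, labelled as an assumption. The PE image it parses is constructed in memory with a section table modelled on this report (sizes approximate); swap in the bytes of a real file to run it against the DLL itself. It handles PE32+ as well as the PE32 layout this sample uses, and the allow-list of linker section names is an assumption.

```python
import struct

IMAGE_SCN_CNT_CODE             = 0x00000020   # section characteristics (winnt.h)
IMAGE_SCN_CNT_INITIALIZED_DATA = 0x00000040
IMAGE_SCN_MEM_DISCARDABLE      = 0x02000000
IMAGE_SCN_MEM_EXECUTE          = 0x20000000
IMAGE_SCN_MEM_READ             = 0x40000000
IMAGE_SCN_MEM_WRITE            = 0x80000000
SCN_FLAG_NAMES = {
    IMAGE_SCN_CNT_CODE: "IMAGE_SCN_CNT_CODE",
    IMAGE_SCN_CNT_INITIALIZED_DATA: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    IMAGE_SCN_MEM_DISCARDABLE: "IMAGE_SCN_MEM_DISCARDABLE",
    IMAGE_SCN_MEM_EXECUTE: "IMAGE_SCN_MEM_EXECUTE",
    IMAGE_SCN_MEM_READ: "IMAGE_SCN_MEM_READ",
    IMAGE_SCN_MEM_WRITE: "IMAGE_SCN_MEM_WRITE",
}
IMAGE_DLLCHARACTERISTICS_NX_COMPAT = 0x0100
IMAGE_DIRECTORY_ENTRY_SECURITY = 4          # Authenticode data directory index
# Section names the MSVC linker itself emits (assumed allow-list, not from the report)
LINKER_SECTION_NAMES = {".text", ".rdata", ".data", ".rsrc", ".reloc", ".idata",
                        ".edata", ".pdata", ".tls", ".bss", ".gfids", ".00cfg"}

def parse_pe(data):
    """Read DllCharacteristics, the security directory and the section table."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found at e_lfanew")
    coff = e_lfanew + 4
    _, nsections, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:      # PE32: NumberOfRvaAndSizes at +92, directories at +96
        ndirs_off, dirs_off = opt + 92, opt + 96
    elif magic == 0x20B:    # PE32+: 64-bit ImageBase/stack/heap fields push them 16 bytes
        ndirs_off, dirs_off = opt + 108, opt + 112
    else:
        raise ValueError(f"unknown optional header magic {magic:#x}")
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]
    ndirs = struct.unpack_from("<I", data, ndirs_off)[0]
    security = (0, 0)
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        security = struct.unpack_from("<II", data, dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    table = opt + opt_size                  # section table follows the optional header
    for i in range(nsections):
        name, vsize, _, rawsize, _, _, _, _, _, flags = \
            struct.unpack_from("<8sIIIIIIHHI", data, table + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rawsize, "flags": flags})
    return {"dll_characteristics": dll_chars, "security_dir": security, "sections": sections}

def section_flag_names(flags):
    return [n for bit, n in SCN_FLAG_NAMES.items() if flags & bit]

def triage(data):
    """Findings of the kind a static sandbox pass reports for this header."""
    pe = parse_pe(data)
    findings = []
    # Assumed check: an empty security directory means no embedded signature only. It does
    # not rule out catalog signing, and a populated one still needs WinVerifyTrust to be trusted.
    if pe["security_dir"] == (0, 0):
        findings.append("Unsigned PE: security data directory is empty")
    if not pe["dll_characteristics"] & IMAGE_DLLCHARACTERISTICS_NX_COMPAT:
        findings.append("NX_COMPAT not set: DEP may be disabled for this image")
    for s in pe["sections"]:
        if s["flags"] & IMAGE_SCN_MEM_WRITE and s["flags"] & (IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_CNT_CODE):
            findings.append(f"{s['name']}: writable code section (RWX)")
        if s["name"] not in LINKER_SECTION_NAMES:
            findings.append(f"{s['name']}: non-standard section name")
    return findings

def build_sample_pe(sections, signed):
    """Constructed PE32 DLL header (no code bytes) carrying the given section table."""
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", 0x40)   # e_lfanew = 0x40
    opt = bytearray(224)                    # PE32 optional header with 16 data directories
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<H", opt, 70, 0x0040 | IMAGE_DLLCHARACTERISTICS_NX_COMPAT)  # DYNAMIC_BASE | NX_COMPAT
    struct.pack_into("<I", opt, 92, 16)
    if signed:                              # pretend a WIN_CERTIFICATE blob sits at file offset 0x1000
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, 0x1000, 0x800)
    # Machine i386; IMAGE_FILE_EXECUTABLE_IMAGE | IMAGE_FILE_32BIT_MACHINE | IMAGE_FILE_DLL
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, len(opt), 0x2102)
    table = b"".join(struct.pack("<8sIIIIIIHHI", name.encode().ljust(8, b"\0"),
                                 vsize, 0x1000, rawsize, 0x400, 0, 0, 0, 0, flags)
                     for name, vsize, rawsize, flags in sections)
    return dos + b"PE\0\0" + coff + bytes(opt) + table

# Constructed section table modelled on the one in this report (sizes approximate)
SAMPLE = build_sample_pe([
    (".text", 0x11A000, 0x11A000, IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ),
    (".data", 0xCC00, 0x5800, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE),
    (".rmnet", 0xF000, 0xE000, IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE),
], signed=False)

if __name__ == "__main__":
    for s in parse_pe(SAMPLE)["sections"]:
        print(f"{s['name']:<8} raw={s['raw_size']:#x} virt={s['virtual_size']:#x} "
              + " ".join(section_flag_names(s["flags"])))
    for finding in triage(SAMPLE):
        print("!", finding)
```

On the constructed image the script reports the empty security directory, the RWX flags on .rmnet and its non-standard name, and nothing for .data, which is writable but carries no code. Run against the real DLL, the same three findings are what the Sections table above predicts; the signed=True path of build_sample_pe shows how a populated directory silences only the first of them, which is why a populated directory must still be verified rather than trusted.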