F:\NwtRecv\赖泰晖\usb_upgrade_tool(1)\vc2012\Release\usb_ota_tool.pdb
Static task: static1
Behavioral task: behavioral1, Sample: 7f7564e730592512ac8d05a200b25e215305ffdf4ec271eea43cd9819e32805e.exe, Resource: win7-20231129-en
Behavioral task: behavioral2, Sample: 7f7564e730592512ac8d05a200b25e215305ffdf4ec271eea43cd9819e32805e.exe, Resource: win10v2004-20240412-en
General
Target: 7f7564e730592512ac8d05a200b25e215305ffdf4ec271eea43cd9819e32805e
Size: 3.8MB
MD5: 6754f6fe5dee1366a2368072d74dd400
SHA1: c2ee9cb5dc353b89f4981453c1ef47ba27c83753
SHA256: 7f7564e730592512ac8d05a200b25e215305ffdf4ec271eea43cd9819e32805e
SHA512: e46ec758fc3764011e9b7616739bc9fc11713c4b5d3e576513811d0d906e8c38f174731b28c2542a1e8d4a9380c988b2a24a6c03750586b1d0c04221c6de3077
SSDEEP: 98304:+5kiEFbJ6dQl2KRxEcUUVtO3v4OiZrq1DfPHNADtV6v+2gYJbKI/:QEFbJvYtoO3v4O7NADtV6v+i
Malware Config
Signatures
Unsigned PE (1 IoC): checks for a missing Authenticode signature.
resource: 7f7564e730592512ac8d05a200b25e215305ffdf4ec271eea43cd9819e32805e
Files
-
7f7564e730592512ac8d05a200b25e215305ffdf4ec271eea43cd9819e32805e.exe windows:6 windows x86 arch:x86
ebf1f0f517a60fe455e3233a4584c055
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
setupapi
SetupDiGetDeviceRegistryPropertyA
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiGetClassDevsA
kernel32
LCMapStringW
GetConsoleMode
SetFilePointerEx
GetStdHandle
ExitProcess
GetFileType
SetStdHandle
QueryPerformanceFrequency
GetStringTypeW
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
GetCommandLineW
GetCommandLineA
VirtualQuery
VirtualAlloc
GetSystemInfo
RtlUnwind
OutputDebugStringW
GetTimeZoneInformation
GetConsoleCP
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetEnvironmentStringsW
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
GetWindowsDirectoryA
SearchPathA
GetProfileIntA
Sleep
GetTempFileNameA
GetTempPathA
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExA
FileTimeToLocalFileTime
SetErrorMode
FindResourceExW
GetVolumeInformationA
lstrcmpiA
GetCurrentProcess
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetFullPathNameA
FlushFileBuffers
FindFirstFileA
FindClose
GetACP
GetFileSize
GetFileAttributesA
VerifyVersionInfoA
lstrcpyA
VerSetConditionMask
DeleteFileA
GetCurrentDirectoryA
GetThreadLocale
FileTimeToSystemTime
GetCPInfo
GetOEMCP
VirtualProtect
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
SuspendThread
SetThreadPriority
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
InitializeCriticalSectionAndSpinCount
lstrcmpA
GetVersionExA
GetCurrentThread
CopyFileA
FormatMessageA
LocalFree
GlobalFree
GlobalSize
GlobalAlloc
GetModuleFileNameA
GetCurrentProcessId
MulDiv
GlobalUnlock
GlobalLock
CompareStringA
MultiByteToWideChar
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
LoadLibraryW
LoadLibraryA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
FreeResource
FreeLibrary
GetSystemDirectoryW
GetCurrentThreadId
SetLastError
EncodePointer
CloseHandle
ResumeThread
FindResourceA
GetOverlappedResult
ResetEvent
WaitForSingleObject
WriteFile
CreateEventA
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
GetTickCount
ReadFile
SetEvent
CreateFileA
OutputDebugStringA
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
HeapFree
FreeEnvironmentStringsW
SetEnvironmentVariableA
CreateFileW
WriteConsoleW
HeapQueryInformation
user32
CopyAcceleratorTableA
CharNextA
DeleteMenu
LoadCursorW
WindowFromPoint
ReleaseCapture
SetCapture
WaitMessage
GetAsyncKeyState
RealChildWindowFromPoint
LoadCursorA
CopyImage
IntersectRect
SystemParametersInfoA
GetMenuItemInfoA
DestroyMenu
SetRectEmpty
InvalidateRect
SetCursor
ShowOwnedPopups
TranslateMessage
GetMessageA
GetCursorPos
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
DrawIconEx
IsRectEmpty
OffsetRect
InflateRect
DrawFocusRect
GetSysColorBrush
SetWindowRgn
DrawStateA
DrawFrameControl
DrawEdge
MapDialogRect
SetWindowContextHelpId
PostQuitMessage
RemoveMenu
InsertMenuA
GetMenuState
GetMenuStringA
GetWindowThreadProcessId
FillRect
ClientToScreen
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageA
SetWindowTextA
IsWindowEnabled
SendDlgItemMessageA
CheckDlgButton
MoveWindow
InvalidateRgn
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameA
GetParent
GetClassLongA
SetWindowLongA
GetWindowLongA
PtInRect
EqualRect
CopyRect
MapWindowPoints
ScreenToClient
MessageBoxA
AdjustWindowRectEx
GetWindowRect
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
OpenClipboard
CloseClipboard
SetClipboardData
GetUpdateRect
UpdateLayeredWindow
LoadAcceleratorsA
TranslateAcceleratorA
ScrollWindow
ValidateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
GetMenuItemCount
GetMenuItemID
GetSubMenu
SetMenu
GetMenu
GetCapture
EmptyClipboard
DestroyIcon
LoadImageA
LoadImageW
TrackMouseEvent
IsZoomed
CharUpperA
LoadMenuW
NotifyWinEvent
SetCursorPos
UnionRect
BringWindowToTop
CreatePopupMenu
LockWindowUpdate
GetKeyState
GetFocus
SetRect
GetNextDlgGroupItem
MessageBeep
SetLayeredWindowAttributes
EnumDisplayMonitors
SetParent
ShowWindow
MonitorFromPoint
EnableWindow
GetSysColor
RedrawWindow
UnregisterClassA
LoadIconW
SendMessageA
SetTimer
GetSystemMenu
AppendMenuA
KillTimer
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
RegisterWindowMessageA
DispatchMessageA
PeekMessageA
GetMessagePos
GetMessageTime
PostMessageA
DefWindowProcA
CallWindowProcA
RegisterClassA
GetClassInfoA
SetClassLongA
GetClassInfoExA
CreateWindowExA
IsWindow
IsMenu
IsChild
DestroyWindow
SetWindowPos
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsWindowVisible
GetDlgItem
GetDlgCtrlID
SetFocus
LoadMenuA
InsertMenuItemA
UnpackDDElParam
ReuseDDElParam
RegisterClipboardFormatA
GetKeyboardLayout
GetKeyboardState
ToAsciiEx
MapVirtualKeyA
LoadAcceleratorsW
CreateAcceleratorTableA
GetKeyNameTextA
SubtractRect
CharUpperBuffA
FrameRect
IsClipboardFormatAvailable
PostThreadMessageA
IsCharLowerA
MapVirtualKeyExA
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
GetComboBoxInfo
HideCaret
InvertRect
CreateMenu
DestroyCursor
GetWindowRgn
DestroyAcceleratorTable
ModifyMenuA
SetMenuDefaultItem
GetMenuDefaultItem
CopyIcon
GetIconInfo
GetDoubleClickTime
EnableScrollBar
gdi32
GetDeviceCaps
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CopyMetaFileA
CreateDCA
CombineRgn
CreateEllipticRgn
CreateRectRgnIndirect
Ellipse
GetBkColor
GetTextExtentPoint32A
PatBlt
CreatePolygonRgn
Polygon
Polyline
GetTextMetricsA
CreateFontIndirectA
GetMapMode
SetRectRgn
DPtoLP
GetRgnBox
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
RealizePalette
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateRoundRectRgn
Rectangle
OffsetRgn
RoundRect
CreatePalette
GetPaletteEntries
EnumFontFamiliesExA
GetNearestPaletteIndex
GetSystemPaletteEntries
LPtoDP
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
GetTextFaceA
GetClipBox
ExcludeClipRect
Escape
DeleteObject
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
BitBlt
CreateBitmap
GetObjectA
SetTextColor
SetBkColor
GetTextColor
DeleteDC
CreateSolidBrush
msimg32
TransparentBlt
AlphaBlend
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegEnumKeyA
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegCloseKey
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
shell32
DragFinish
DragQueryFileA
SHGetFileInfoA
ShellExecuteA
SHGetDesktopFolder
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc
SHAppBarMessage
comctl32
InitCommonControlsEx
shlwapi
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
PathFindFileNameA
PathFindExtensionA
StrFormatKBSizeA
uxtheme
DrawThemeText
IsThemeBackgroundPartiallyTransparent
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
IsAppThemed
GetThemePartSize
DrawThemeParentBackground
GetWindowTheme
GetThemeSysColor
ole32
OleIsCurrentClipboard
DoDragDrop
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleLockRunning
CoRevokeClassObject
CoRegisterMessageFilter
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CoInitializeEx
CoInitialize
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
OleFlushClipboard
oleaut32
SysAllocStringLen
VariantClear
VariantInit
SysAllocString
OleCreateFontIndirect
VarBstrFromDate
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
LoadTypeLi
SysAllocStringByteLen
SysFreeString
VariantChangeType
oledlg
ord8
gdiplus
GdipSetInterpolationMode
GdipCreateFromHDC
GdipDrawImageRectI
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipCreateBitmapFromHBITMAP
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
winmm
PlaySoundA
Sections
.text Size: 1.5MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 311KB - Virtual size: 311KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 150KB - Virtual size: 176KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 107KB - Virtual size: 106KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.giats Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 122KB - Virtual size: 122KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
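The "Unsigned PE" signature, the Headers block and the Sections table above are all read straight out of the PE optional header and section table. The following is an added example, not the sandbox's own code and not part of the original report: a dependency-free Python parser that reproduces those three checks. It decodes FileCharacteristics and DllCharacteristics, reports whether data directory 4 (the security directory) points at a WIN_CERTIFICATE, and lists each section's raw size, virtual size and characteristics flags. `build_sample_pe`, the constructed header image it produces, and the flag tables are assumptions made for the example; the report's own values are not used as input. Like the sandbox check, the parser only says whether a certificate table is present, not whether the signature verifies.

```python
import struct
import sys

# Flag names used by the report; subsets of the PE spec tables (assumption: only these bits are decoded)
DLL_CHARACTERISTICS = {
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
    0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
FILE_CHARACTERISTICS = {
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
SECTION_CHARACTERISTICS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
    0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
SECURITY_DIRECTORY = 4            # IMAGE_DIRECTORY_ENTRY_SECURITY
WIN_CERT_TYPE_PKCS_SIGNED_DATA = 0x0002


def _names(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data: bytes) -> dict:
    """Decode what the sandbox report summarises: file/DLL characteristics,
    presence of an Authenticode certificate table, and the section table."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ image")
    pe_off = struct.unpack_from("<I", data, 0x3C)[0]
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("PE signature not found at e_lfanew")
    coff = pe_off + 4
    machine, nsect, _, _, _, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:        # PE32: data directories start at optional header + 96
        dd_off = opt + 96
    elif magic == 0x20B:      # PE32+: 64-bit stack/heap fields push them to + 112
        dd_off = opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]   # same offset in PE32 and PE32+
    ndirs = struct.unpack_from("<I", data, dd_off - 4)[0]

    # The security directory's "VirtualAddress" is a raw file offset, not an RVA:
    # the certificate table sits after the last section and is never mapped.
    cert_off = cert_size = 0
    if ndirs > SECURITY_DIRECTORY:
        cert_off, cert_size = struct.unpack_from("<II", data, dd_off + 8 * SECURITY_DIRECTORY)
    cert_type = None
    if cert_size >= 8 and cert_off + 8 <= len(data):
        _, _, cert_type = struct.unpack_from("<IHH", data, cert_off)   # WIN_CERTIFICATE header

    sections = []
    sh = opt + opt_size
    for i in range(nsect):
        name, vsize, va, raw_size, raw_ptr, _, _, _, _, chars = struct.unpack_from(
            "<8sIIIIIIHHI", data, sh + 40 * i)
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "virtual_size": vsize, "virtual_address": va,
            "raw_size": raw_size, "raw_pointer": raw_ptr,
            "characteristics": _names(chars, SECTION_CHARACTERISTICS),
        })
    return {
        "machine": machine,
        "file_characteristics": _names(file_chars, FILE_CHARACTERISTICS),
        "dll_characteristics": _names(dll_chars, DLL_CHARACTERISTICS),
        # Presence only: a non-empty table means "carries a signature", not "valid".
        # Validity (chain, revocation, hash match) needs WinVerifyTrust or signtool.
        "authenticode_present": cert_size != 0,
        "certificate_type": cert_type,
        "sections": sections,
    }


def build_sample_pe(signed: bool = False) -> bytes:
    """Constructed PE32 header image for the example (two sections, no real code)."""
    buf = bytearray(0x800)
    buf[0:2] = b"MZ"
    struct.pack_into("<I", buf, 0x3C, 0x40)                    # e_lfanew
    buf[0x40:0x44] = b"PE\0\0"
    opt_size = 96 + 16 * 8                                     # PE32 header + 16 directories
    struct.pack_into("<HHIIIHH", buf, 0x44, 0x14C, 2, 0, 0, 0, opt_size, 0x0102)  # i386, EXE, 32BIT
    opt = 0x44 + 20
    struct.pack_into("<H", buf, opt, 0x10B)
    struct.pack_into("<H", buf, opt + 70, 0x0040 | 0x0100 | 0x8000)  # ASLR, DEP, TS-aware
    struct.pack_into("<I", buf, opt + 92, 16)
    sh = opt + opt_size
    struct.pack_into("<8sIIIIIIHHI", buf, sh, b".text", 0x1000, 0x1000, 0x200, 0x400, 0, 0, 0, 0, 0x60000020)
    struct.pack_into("<8sIIIIIIHHI", buf, sh + 40, b".data", 0x100, 0x2000, 0x200, 0x600, 0, 0, 0, 0, 0xC0000040)
    if signed:
        body = b"\0" * 0x100                                   # placeholder for a PKCS#7 SignedData blob
        cert = struct.pack("<IHH", 8 + len(body), 0x0200, WIN_CERT_TYPE_PKCS_SIGNED_DATA) + body
        struct.pack_into("<II", buf, opt + 96 + 8 * SECURITY_DIRECTORY, len(buf), len(cert))
        buf += cert
    return bytes(buf)


if __name__ == "__main__":
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_pe()
    info = parse_pe(data)
    print("signed:", info["authenticode_present"], "dll:", info["dll_characteristics"])
    for s in info["sections"]:
        print("%-8s raw=%#x virt=%#x %s" % (s["name"], s["raw_size"], s["virtual_size"],
                                           " ".join(s["characteristics"])))
```

Run with a file path argument to inspect a real sample; with no argument it parses the constructed header. Two things worth keeping in mind when reading its output against a report like the one above: the security directory is a file offset rather than an RVA, so a certificate table can exist without any section covering it, and a writable section whose raw size is smaller than its virtual size (as with `.data` here and in the report) is normal for zero-initialised data, not by itself an indicator of packing.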