b9c735e2c4cff96bc6bb9ef0900aeffd6c65cf1aa6aae19a27b39e33e1241276

Sharing

Copy URL Twitter E-mail

General

Target

b9c735e2c4cff96bc6bb9ef0900aeffd6c65cf1aa6aae19a27b39e33e1241276
Size

543KB
MD5

b36bfddc721eca09eeae722136f77e90
SHA1

2f5fc855690a29999951dcdd9aebe9e87147f624
SHA256

b9c735e2c4cff96bc6bb9ef0900aeffd6c65cf1aa6aae19a27b39e33e1241276
SHA512

0255d616ebfcbd7f1b7c99bf1f6e24eadc0807f82db8281b389d3aec9d28c08589b3c3eb37df9c9231b77e00c83997dc4b49e71fb8412c021ee5280fe49efd80
SSDEEP

6144:y1hAkFgdEJVBlTv165MO5FqGRG+fnXnRIBpv753HStW5lfrWQwhmLNRgi:SYEJVBlTvM5D5FtPXRQ753yWwhOb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b9c735e2c4cff96bc6bb9ef0900aeffd6c65cf1aa6aae19a27b39e33e1241276

Files

b9c735e2c4cff96bc6bb9ef0900aeffd6c65cf1aa6aae19a27b39e33e1241276
.dll windows:6 windows x86 arch:x86

f33a92b9502b46ff151eee268c1a02d1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Test\SDK\SDK-Output\InnoCareAPI.pdb

Imports

kernel32

LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
TryEnterCriticalSection
DeleteCriticalSection
InitializeConditionVariable
WaitForSingleObject
CreateSemaphoreW
ReleaseSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockShared
Sleep
GetComputerNameA
ReleaseSemaphore
GetLastError
SetThreadPriority
CreateThreadpool
SetThreadpoolThreadMaximum
SetThreadpoolThreadMinimum
EnterCriticalSection
CreateThreadpoolCleanupGroup
CloseThreadpoolCleanupGroup
AcquireSRWLockExclusive
CloseThreadpoolCleanupGroupMembers
CreateThreadpoolWork
SubmitThreadpoolWork
CloseThreadpoolWork
InitializeSRWLock
GetLocalTime
GetCurrentThreadId
SetComputerNameA
FormatMessageA
QueryPerformanceCounter
QueryPerformanceFrequency
SetWaitableTimer
CreateWaitableTimerW
SetLocalTime
GetStartupInfoW
TryAcquireSRWLockShared
TryAcquireSRWLockExclusive
CloseThreadpool
CloseHandle
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentProcessId
GetProcAddress
FreeLibrary
VirtualQuery
GetProcessHeap
HeapFree
HeapAlloc
WideCharToMultiByte
MultiByteToWideChar
RaiseException
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetModuleHandleW

iphlpapi

SendARP
NotifyIpInterfaceChange
GetAdaptersAddresses

ws2_32

WSAGetLastError
gethostname
accept
bind
closesocket
connect
ioctlsocket
getsockname
htonl
htons
listen
ntohs
recvfrom
send
sendto
setsockopt
shutdown
socket
WSAStartup
WSAPoll

winmm

timeBeginPeriod
timeEndPeriod

vcruntime140

memset
__std_type_info_destroy_list
__vcrt_LoadLibraryExW
__vcrt_GetModuleFileNameW
memmove
_except_handler4_common
memcpy
memcmp

api-ms-win-crt-heap-l1-1-0

calloc
free
malloc

api-ms-win-crt-runtime-l1-1-0

_cexit
_errno
_endthreadex
_beginthreadex
_initterm
_initterm_e
terminate
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_crt_at_quick_exit

api-ms-win-crt-stdio-l1-1-0

fread
_getcwd
puts
__stdio_common_vfprintf_s
fputs
fwrite
fopen_s
fclose
ftell
fseek
fflush
__acrt_iob_func
fopen
__stdio_common_vfprintf
__stdio_common_vsprintf
__stdio_common_vsprintf_s

api-ms-win-crt-filesystem-l1-1-0

remove
_findclose
_findfirst64i32
_findnext64i32
_stat64i32

api-ms-win-crt-utility-l1-1-0

rand
srand

api-ms-win-crt-string-l1-1-0

strcmp
strcpy_s
strlen
strcat
strcat_s

api-ms-win-crt-time-l1-1-0

_time64
_localtime64

api-ms-win-crt-math-l1-1-0

_except1

Exports

Exports

Ida_ApplyNetworkConfig
Ida_DetachFpd
Ida_FreeMemory
Ida_GetImageModuleConfig
Ida_RegisterNotifyCallback
Ida_RegisterOpCallback
Ida_SetImageModuleConfig
Ida_StartManualMode
Ida_StopAedOneMode
Ies_IdcpClientBind
Ies_IdcpClientBulkCancel
Ies_IdcpClientBulkOpen
Ies_IdcpClientCancelRequest
Ies_IdcpClientClose
Ies_IdcpClientDiscover
Ies_IdcpClientDo
Ies_IdcpClientFree
Ies_IdcpClientGetCtrl
Ies_IdcpClientIsConnected
Ies_IdcpClientNew
Ies_IdcpClientNotifyMulti
Ies_IdcpClientOpen
Ies_IdcpClientPush
Ies_IdcpClientRelease
Ies_IdcpClientRequestMulti
Ies_IdcpClientSetBulkArg
Ies_IdcpClientSetCtrl
Ies_IdcpCrc32
Ies_IdcpCrc32Continue
Ies_IppAdjustLineH
Ies_IppAdjustLineV
Ies_IppCorrect
Ies_IppCorrectAed
Ies_IppCorrectFlat
Ies_IppCorrectLineH
Ies_IppCorrectLineV
Ies_IppCorrectOffset
Ies_IppCorrectPoint
Ies_IppCorrectPointMap
Ies_IppDarkDo
Ies_IppDarkFree
Ies_IppDarkGenerate
Ies_IppDarkNew
Ies_IppDarkSetLoop
Ies_IppDarkSetMean
Ies_IppDarkSetSigma
Ies_IppDefectAdd
Ies_IppDefectAddLineH
Ies_IppDefectAddLineV
Ies_IppDefectChkBlackWhite
Ies_IppDefectChkFloatingV
Ies_IppDefectChkTcluster
Ies_IppDefectDelLineH
Ies_IppDefectDelLineV
Ies_IppDefectEval
Ies_IppDefectEvalClass
Ies_IppDefectEvalDensity
Ies_IppDefectEvalDensityDo
Ies_IppDefectEvalDensityFree
Ies_IppDefectEvalDensityNew
Ies_IppDefectEvalExclusiveClass
Ies_IppDefectEvalIncrease
Ies_IppDefectEvalLineMap
Ies_IppDefectEvalPoint
Ies_IppDefectSub
Ies_IppDummyRemove
Ies_IppEdgeChk
Ies_IppEdgeSet
Ies_IppEquGenPart8
Ies_IppEquHistogram8
Ies_IppEquLeft8
Ies_IppEquRight8
Ies_IppEvalAreaMean
Ies_IppEvalAreaMean100
Ies_IppEvalAreaSigma
Ies_IppEvalGain
Ies_IppEvalHistogram
Ies_IppEvalHistogram16
Ies_IppEvalLineMeanH
Ies_IppEvalLineMeanH100
Ies_IppEvalLineMeanV
Ies_IppEvalLineMeanV100
Ies_IppEvalLineModeH
Ies_IppEvalLineModeV
Ies_IppEvalLineSigmaH
Ies_IppEvalLineSigmaV
Ies_IppEvalMean
Ies_IppEvalMode
Ies_IppEvalMode16
Ies_IppEvalRawMode
Ies_IppEvalRms
Ies_IppEvalRms16
Ies_IppEvalScale
Ies_IppEvalSigma
Ies_IppEvalSlope
Ies_IppFilter
Ies_IppMeanDoIn
Ies_IppMeanDoOut
Ies_IppMeanFree
Ies_IppMeanGenerate
Ies_IppMeanGenerateRaw
Ies_IppMeanLoad
Ies_IppMeanNew
Ies_IppMeanSave
Ies_IppMeanUpdate
Ies_IppMeanUpdateRaw
Ies_IppMultiDoseCorrectFlat
Ies_IppNoiseFree
Ies_IppNoiseGenerateRaw
Ies_IppNoiseNew
Ies_IppNoiseUpdateRaw
Ies_IppRawAreaMean
Ies_IppRawAreaSigma
Ies_IppRawClear
Ies_IppRawFillVaue
Ies_IppRawFree
Ies_IppRawMean
Ies_IppRawNew
Ies_IppRawReset
Ies_IppRawSigma
Ies_IppSigmaDoIn
Ies_IppSigmaDoOut
Ies_IppSigmaDoOut10
Ies_IppSigmaFree
Ies_IppSigmaGenerate
Ies_IppSigmaGenerateRaw
Ies_IppSigmaGenerateRaw10
Ies_IppSigmaLoad
Ies_IppSigmaNew
Ies_IppSigmaSave
Ies_IppSigmaUpdate
Ies_IppSigmaUpdateRaw
Ies_IppSubMeanDoIn
Ies_IppSubMeanDoOut
Ies_IppSubMeanFree
Ies_IppSubMeanGenerate
Ies_IppSubMeanLoad
Ies_IppSubMeanNew
Ies_IppSubMeanSave
Ies_IppSubMeanUpdate
Ies_IppSubMeanUpdateRaw
Ies_IppSubSigmaDoIn
Ies_IppSubSigmaDoOut
Ies_IppSubSigmaFree
Ies_IppSubSigmaGenerate
Ies_IppSubSigmaLoad
Ies_IppSubSigmaNew
Ies_IppSubSigmaSave
Ies_IppSubSigmaUpdate
Ies_IppSubSigmaUpdateRaw
InxConnectFpd
InxDisconnectFpd
InxDiscoverFpd
InxGetAllFpdSpec
InxGetApiVersion
InxGetCalibrationMapList
InxGetDiagAngle
InxGetDiagGsensor
InxGetDiagHumidity
InxGetDiagMotion
InxGetDiagPressure
InxGetDiagPrimaryBattery
InxGetDiagSecondaryBattery
InxGetDiagStoredImage
InxGetDiagTemperature
InxGetFpdAccCalibration
InxGetFpdAccelerometer
InxGetFpdApsignal
InxGetFpdEncapId
InxGetFpdEthConfig
InxGetFpdGyroCalibration
InxGetFpdGyroscope
InxGetFpdHwCondition
InxGetFpdKernelInfo
InxGetFpdMagnetCalibration
InxGetFpdMagnetometer
InxGetFpdOrient
InxGetFpdPanelId
InxGetFpdPosition
InxGetFpdPowerSource
InxGetFpdProductId
InxGetFpdSpec
InxGetFpdStatus
InxGetFpdSubSysCommunication
InxGetFpdTime
InxGetFpdWifiConfig
InxGetFpdWifiModule
InxGetHotSwapDuration
InxGetImageSpec
InxGetLogFile
InxGetScanAccessPointList
InxGetSubSysFunctionControl
InxInitializeRuntime
InxOPAedRepeat
InxOpAedOneShot
InxOpAedRepeat
InxOpCancelOperation
InxOpCheckImageStore
InxOpDischarge
InxOpEnterOperationMode
InxOpExitOperationMode
InxOpGetFpdImage
InxOpGetFpdImage2
InxOpGetFpdImageToFile
InxOpGetFpdImageToFile2
InxOpGetImageList
InxOpImageAcquisition
InxOpImageAcquisitionMulti
InxOpReset
InxOpStartTomosyn
InxOpSwSyncExposure
InxOpSwSyncPrepare
InxOpSwSyncPrepareMulti
InxOpSwSyncStart
InxReadAllAclkRegister
InxReadAllControlRegister
InxReadAllRoicRegister
InxReadConnectBulkSync
InxReadConnectReachSetting
InxReadConnectSetting
InxReadControlRegister
InxReadFpdPatientId
InxReadFpdSshInfo
InxReadFpdSshRootService
InxReadNetworkStatus
InxReadRoicRegisterNum
InxReadTpAlarm
InxReadlAclkRegisterNum
InxReadlControlRegisterNum
InxReceiveCalibrationMap
InxReceiveCalibrationMap2
InxResetEEPROM
InxSendCalibrationMap
InxSendCalibrationMap2
InxSetBulkCancel
InxSetFpdAccCalibration
InxSetFpdAutoAligment
InxSetFpdEthConfig
InxSetFpdGyroCalibration
InxSetFpdMagnetCalibration
InxSetFpdTime
InxSetFpdWifiConfig
InxSetHotSwapDuration
InxSetLogFolder
InxSetSubSysFunctionControl
InxSysClearAllConfiguration
InxSysClearCalibrationData
InxSysClearEventLog
InxSysClearHistoryLog
InxSysClearImageData
InxSysClearUserConfiguration
InxSysReboot
InxSysRestoreConf
InxTerminateRuntime
InxUpdateFirmware
InxUpdateFirmwareByFile
InxUtilityAddDefectPoint
InxUtilityAddLineDefectH
InxUtilityAddLineDefectV
InxUtilityCorrectImage
InxUtilityCorrectImageByPath
InxUtilityGenCalibrationMaps
InxUtilityGenCalibrationMapsOffsetCorrect
InxUtilityMultiDoseCorrectImage
InxUtilityMultiDoseCorrectImageByPath
InxUtilityParseImageData
InxUtilityReadFile
InxUtilitySecond2TimeStruct
InxUtilityTimeStruct2Second
InxUtilityWriteFile
InxUtilityWriteImageFile
InxWriteAllAclkRegister
InxWriteAllControlRegister
InxWriteAllRoicRegister
InxWriteConnectBulkSync
InxWriteConnectReachSetting
InxWriteConnectSetting
InxWriteControlRegister
InxWriteFpdSshInfo
InxWriteFpdSshRootService
InxWriteTpAlarm
gIesIdcpBroadcast4

Sections

.textbss
Size: - Virtual size: 219KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 457KB - Virtual size: 456KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 361KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.msvcjmc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f33a92b9502b46ff151eee268c1a02d1

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

iphlpapi

ws2_32

winmm

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-math-l1-1-0

Exports

Exports

Sections

.textbss Size: - Virtual size: 219KB

.text Size: 457KB - Virtual size: 456KB

.rdata Size: 35KB - Virtual size: 35KB

.data Size: 15KB - Virtual size: 361KB

.idata Size: 6KB - Virtual size: 5KB

.msvcjmc Size: 8KB - Virtual size: 8KB

.00cfg Size: 512B - Virtual size: 260B

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 18KB - Virtual size: 17KB

.textbss
Size: - Virtual size: 219KB

.text
Size: 457KB - Virtual size: 456KB

.rdata
Size: 35KB - Virtual size: 35KB

.data
Size: 15KB - Virtual size: 361KB

.idata
Size: 6KB - Virtual size: 5KB

.msvcjmc
Size: 8KB - Virtual size: 8KB

.00cfg
Size: 512B - Virtual size: 260B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 18KB - Virtual size: 17KB