4d81c519508c01e1ddf7de98b88d5b2febe420dabbf5da0364ed745e1d5a9cda

Sharing

Copy URL Twitter E-mail

General

Target

4d81c519508c01e1ddf7de98b88d5b2febe420dabbf5da0364ed745e1d5a9cda
Size

3.4MB
MD5

656d6c43355b758cd82e460def4bac98
SHA1

2e5f02d8722b0778518bfc40b4a2afed04f0f691
SHA256

4d81c519508c01e1ddf7de98b88d5b2febe420dabbf5da0364ed745e1d5a9cda
SHA512

d9338b72425738fcaf693578758e812f168a059a9a8a0bb25e076ca9f886d2424c7b0958d1135234d769482d452d0f3929fb7d6b726a5be41e79dbee20b6be83
SSDEEP

24576:J8LhyzXQIg5yvk1nnlYWmv482DvfjkW/Bz9gFAXNwClAPWVwoY5sSagxyCbRT4dO:aboCuPWVwoY5sSagxtT4dYgb7/hBBE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d81c519508c01e1ddf7de98b88d5b2febe420dabbf5da0364ed745e1d5a9cda

Files

4d81c519508c01e1ddf7de98b88d5b2febe420dabbf5da0364ed745e1d5a9cda
.dll windows:5 windows x86 arch:x86

50671ea05539dd5cdc2f9abf83e4db9c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\work\ConfigDLL9935B_10.46_fix55\Release\configDLL6619.pdb

Imports

kernel32

GetLocaleInfoA
GetCPInfo
GetOEMCP
HeapFree
HeapAlloc
GetCommandLineA
HeapReAlloc
RtlUnwind
RaiseException
VirtualAlloc
HeapSize
Sleep
ExitProcess
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapCreate
HeapDestroy
VirtualFree
GetACP
IsValidCodePage
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
SetStdHandle
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
GetVersionExA
GlobalAddAtomA
CreateFileA
GetCurrentProcess
SetEndOfFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
LoadLibraryA
GetCurrentThreadId
CloseHandle
GlobalFlags
InterlockedIncrement
GetModuleHandleW
CompareStringA
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetCurrentProcessId
lstrcmpA
GlobalGetAtomNameA
FreeLibrary
InterlockedDecrement
GetModuleHandleA
GetProcAddress
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
GetLastError
SetLastError
lstrlenA
GetPrivateProfileSectionNamesA
GetModuleFileNameA
LockResource
MultiByteToWideChar
SizeofResource
WideCharToMultiByte
GetPrivateProfileIntA
LoadResource
SetUnhandledExceptionFilter
FindResourceA

oleacc

LresultFromObject
CreateStdAccessibleObject

user32

DestroyMenu
PostQuitMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
LoadIconA
WinHelpA
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
GetClientRect
PostMessageA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
CopyRect
DefWindowProcA
CallWindowProcA
GetMenu
SystemParametersInfoA
IsIconic
GetWindowPlacement
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
SetWindowsHookExA
CallNextHookEx
DispatchMessageA
GetKeyState
PeekMessageA
ValidateRect
SetWindowPos
SetWindowLongA
IsWindow
GetDlgItem
GetFocus
CreateWindowExA
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
UnhookWindowsHookEx
GetWindowTextA
MessageBoxA
EnableWindow
IsWindowEnabled
GetLastActivePopup
GetWindowLongA
GetParent
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameA
PtInRect
SetWindowTextA
LoadCursorA
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
GetWindowThreadProcessId
SendMessageA

gdi32

SetBkColor
SetTextColor
DeleteDC
CreateBitmap
GetStockObject
RestoreDC
DeleteObject
SaveDC
OffsetViewportOrgEx
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
GetDeviceCaps
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetClipBox
SetMapMode
SetViewportExtEx

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

oleaut32

VariantClear
VariantChangeType
VariantInit

Exports

Exports

CreateGammaTable6619
Get16to16Mode
Get16to16Version
Get16to16VersionList
Get32Port
Get3DPara
Get65535Align
Get9739Mode
Get9832VC
Get9832VR
Get9930Mode
Get9930SetValue
Get9931AddBrightMode
Get9936BSVBL
GetBackMode
GetBitsSubFrameNum
GetBlSel
GetBrightBF
GetBrightUtilization6619
GetBrightness6619
GetChipMode
GetClockPhase6619
GetColBankingTime
GetColBankingWaitingTime
GetColBlankingStatus6619
GetColBlankingStatusNew
GetColReleaseTime
GetContrastness6619
GetControlCardID
GetControlInfor
GetCorrection
GetCurrent6619
GetCustomGamma
GetCustomGammaFlag
GetDataPhase
GetDecodeMode
GetDefaultDeltaK9929
GetDefaultGammaPara
GetDefaultPhase9929
GetDefaultRowPhase9929
GetDeltaK
GetDoubleClk
GetDutyRation
GetError
GetErrorBegin9929
GetFieldFrequence6619
GetFirstLine
GetFirstLine9929
GetFixValue
GetFlashIndex
GetGammaBits
GetGammaMax6619
GetGammaMode6619
GetGammaPara
GetGammaStart6619
GetGammaStartDefault6619
GetGammaStep6619
GetGearCurrent
GetGenParamBufLen6619
GetGenParamToBuf6619
GetGrayIndex
GetHighBitsNumList
GetHighFrequenceStatus
GetICNum9961
GetICNumPerLine
GetIPCamPara
GetIPVersion
GetIges
GetJianMode
GetLeakageIndex
GetLevelEnable
GetLibVerion
GetLineDecoderPara
GetLittleErrorMode
GetLowFirstLine
GetLowPower
GetMCup
GetMPad
GetMaxShiftLen
GetMinPulse
GetNew16to16
GetOEEndTime
GetOEHiLevel
GetOELoLevel
GetOpenDetection
GetOpenDetectionNew
GetPCBVersion
GetPadInfor9961
GetParaTable
GetPreCurrent
GetPreSet9929
GetPreSetList9929
GetRGBSeq9929
GetRange
GetRefreshRateList6619
GetRegByName
GetRegTable
GetResistance
GetRowBankVoltage
GetRowBankingMode
GetRowDownTime
GetRowDutyRation
GetRowJiangPing
GetRowMode
GetRowOEDelay
GetRowOEPara
GetRowPhase
GetRowPullVoltage
GetRowPullVoltageCut
GetRowReverseFlag
GetScanNum6619
GetSelVds
GetShiftClock6619
GetShiftClockList6619
GetShiftLen6619
GetShut
GetStartColor
GetStartRefreshRateList
GetStartScan
GetSunPara
GetSystemClock6619
GetTestMode6619
GetTotalLine
GetUnitNum9961
GetVersion6619
LS9004GetCCPara
LS9004SetCCPara
LS9004TransCccoefReverseV2
LS9004TransDataV2
LS9904CalitoData
LS9904CalitoData_v2
LS9904CalitoData_v3
LS9904CalitoData_v4
LS9904CalitoData_v5
LS9904MultiCccoef
LS9904ReadCCFile2Short
LS9904ScalerRgb
LS9904Uv3toCccoefV2
LS9904Vu3toCali
LS9937GetCCPara
LS9937SetCCPara
LS9937TransCccoef
LS9937TransCccoefReverse
LS9937TransCccoefReverseV2
LS9937TransData
LS9937TransDataReverse
LS9937TransDataV2
ReadLine
Set16to16Mode
Set16to16Version
Set32Port
Set3DPara
Set65535Align
Set9739Mode
Set9832VC
Set9832VR
Set9930Mode
Set9930SetValue
Set9931AddBrightMode
Set9936BSVBL
SetBackMode
SetBlSel
SetBrightBF
SetBrightness6619
SetClockPhase6619
SetColBankingTime
SetColBankingWaitingTime
SetColBlankingStatus6619
SetColBlankingStatusNew
SetColReleaseTime
SetControlCardID
SetCorrection
SetCurrent6619
SetCustomGammaFlag
SetDataPhase
SetDecodeMode
SetDeltaK
SetDoubleClk
SetDutyRation
SetError
SetErrorBegin9929
SetFieldFrequence6619
SetFirstLine
SetFirstLine9929
SetFixValue
SetFlashIndex
SetGammaBits
SetGammaMode6619
SetGammaPara
SetGammaStart6619
SetGammaStep6619
SetGearCurrent
SetGrayIndex
SetHighBitsNum
SetHighFrequenceStatus
SetICNum9961
SetICNumPerLine
SetIPCamPara
SetIPVersion
SetIges
SetJianMode
SetLeakageIndex
SetLevelEnable
SetLineDecoderPara
SetLittleErrorMode
SetLowFirstLine
SetLowPower
SetMCup
SetMPad
SetMinPulse
SetNew16to16
SetNovaPortPhase
SetOEHiLevel
SetOELoLevel
SetOpenDetection
SetOpenDetectionNew
SetPCBVersion
SetPadInfor9961
SetPreCurrent
SetPreSet9929
SetRGBSeq9929
SetRefreshRate6619
SetRegByName
SetResistance
SetRowBankVoltage
SetRowBankingMode
SetRowDownTime
SetRowDutyRation
SetRowJiangPing
SetRowMode
SetRowOEDelay
SetRowOEPara
SetRowPhase
SetRowPullVoltage
SetRowPullVoltageCut
SetScanNum6619
SetScanTxtPath
SetSelVds
SetShiftClock6619
SetShiftLen6619
SetShut
SetStartColor
SetStartRefreshRate
SetStartScan
SetSunPara
SetSystemClock6619
SetTempFilePath
SetTestData
SetTestMode6619
SetTotalLine
SetUnitNum9961
WriteLine
_CreateGammaTable990X@28
_Get16to16Mode990X@4
_Get3DPara990X@8
_Get9904New@4
_GetBitsSubFrameNum990X@12
_GetBrightBF990X@4
_GetBrightUtilization990X@4
_GetClockPhase990X@4
_GetContrastness990X@4
_GetControlCardID990X@4
_GetCorrection990X@4
_GetCurrent990X@12
_GetCustomGammaFlag990X@4
_GetDefaultDeltaK990X@4
_GetDefaultGammaPara990X@8
_GetDefaultPhase990X@4
_GetDeltaK990X@4
_GetDoubleClk990X@4
_GetDutyRation990X@8
_GetError990X@20
_GetFieldFrequence990X@4
_GetFixValue990X@8
_GetGammaMax990X@4
_GetGammaMode990X@4
_GetGammaPara990X@4
_GetGammaStart990X@4
_GetGammaStartDefault990X@4
_GetGammaStep990X@4
_GetGearCurrent990X@4
_GetGenParamBufLen990X@12
_GetGenParamToBuf990X@8
_GetHighBitsNumList990X@12
_GetICNumPerLine990X@4
_GetIPVersion990X@4
_GetLowPower990X@4
_GetMPad990X@12
_GetMaxShiftLen990X@4
_GetMinPulse990X@4
_GetParaTable990X@4
_GetPreCurrent990X@12
_GetPrePullValue990X@12
_GetRGBSeq990X@4
_GetRefreshRateList990X@12
_GetRegByName990X@8
_GetSelVds990X@12
_GetShiftClock990X@4
_GetShiftClockList990X@8
_GetShiftLen990X@4
_GetStartRefreshRateList990X@12
_GetSystemClock990X@4
_GetVersion990X@4
_Ls9004GetCCPara@24
_Ls9004SetCCPara@24
_Ls9004TransCccoefReverseV2@56
_Ls9004TransDataV2@56
_Ls9904CalitoData@28
_Ls9904CalitoData_v2@32
_Ls9904CalitoData_v3@40
_Ls9904CalitoData_v4@40
_Ls9904CalitoData_v5@44
_Ls9904ReadCCFile2Short@16
_Ls9904Vu3toCali@28
_Ls9904calidatatrans@20
_Ls9904getportcalibyblk@48
_Ls9904multiccCoef@12
_Ls9904scaler_rgb@52
_Ls9904uv3tocccoefV2@12
_ReadLine990X@8
_Set16to16Mode990X@4
_Set3DPara990X@4
_Set9904New@4
_SetBrightBF990X@4
_SetClockPhase990X@4
_SetControlCardID990X@4
_SetCorrection990X@4
_SetCurrent990X@12
_SetCustomGammaFlag990X@4
_SetDeltaK990X@8
_SetDoubleClk990X@4
_SetDutyRation990X@4
_SetError990X@36
_SetFieldFrequence990X@4
_SetFixValue990X@12
_SetGammaMode990X@4
_SetGammaPara990X@8
_SetGammaStart990X@4
_SetGammaStep990X@4
_SetGearCurrent990X@4
_SetHighBitsNum990X@4
_SetICNumPerLine990X@4
_SetIPVersion990X@8
_SetLowPower990X@4
_SetMPad990X@12
_SetMinPulse990X@4
_SetNovaPortPhase990X@4
_SetPreCurrent990X@12
_SetPrePullValue990X@12
_SetRGBSeq990X@4
_SetRefreshRate990X@4
_SetRegByName990X@8
_SetSelVds990X@12
_SetShiftClock990X@8
_SetShiftLen990X@4
_SetStartRefreshRate990X@4
_SetSystemClock990X@4
_SetTempFilePath990X@4
_WriteLine990X@8
_getConfigBuffer990X@8
_iniDLL990X@4
_loadConfigBuffe990X@8
_uniniDLL990X@4
getConfigBuffer6619
iniDLL6619
loadConfigBuffer6619
uniniDLL6619

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 157KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.4MB - Virtual size: 34.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 236KB - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

50671ea05539dd5cdc2f9abf83e4db9c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

oleacc

user32

gdi32

winspool.drv

oleaut32

Exports

Exports

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 157KB - Virtual size: 156KB

.data Size: 1.4MB - Virtual size: 34.7MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 236KB - Virtual size: 236KB

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 157KB - Virtual size: 156KB

.data
Size: 1.4MB - Virtual size: 34.7MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 236KB - Virtual size: 236KB