20a63e678a462e052d444d2891d537b0[.]bin

Sharing

Copy URL Twitter E-mail

General

Target

20a63e678a462e052d444d2891d537b0.bin
Size

4.5MB
MD5

20a63e678a462e052d444d2891d537b0
SHA1

c5ae4efa1a382a3822f1a88126693eef74e45349
SHA256

927afa2f1316f34657d16697a3e0aa1fb810057c8c44dbb203d84d44cded88a3
SHA512

cdec33754474be82089cd38a7f4b00ba5b016a7fe83ebbc933ce25a2f9fb5fd19b76516c21f76e7499e72376d4b4f208dc73ffe690aac9298537c4e52723fd14
SSDEEP

98304:U3kSQ6zpUlfQDpyRGpaCeC07TKSjPy0uOouZ51sShUUnAZk3PRUR6K:dWGljGOHXuOou/99AKfnK

Score

1^/10

Malware Config

Signatures

Files

20a63e678a462e052d444d2891d537b0.bin
.exe windows:5 windows x86 arch:x86

77b713b48ae13d39639c0f49d7055a92

Code Sign

79:a2:a5:85:f9:d1:15:42:13:d9:b8:3e:f6:b6:8d:ed
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

01/05/2012, 00:00

Not After

31/12/2012, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G3,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

74:f2:95:8d:31:d0:3e:b0:42:f9:08:15:55:30:52:77
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

16/03/2010, 00:00

Not After

15/03/2013, 23:59

Subject

CN=360.cn,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=360.cn,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

97:20:63:43:a6:45:8e:ed:25:d4:3b:f3:0c:0b:0b:96:e4:52:06:4d
Signer

Actual PE Digest

97:20:63:43:a6:45:8e:ed:25:d4:3b:f3:0c:0b:0b:96:e4:52:06:4d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\build\360mobilemgr\branches\360MobileInfo_for_1621\bin\mobileMgr\Release\360MobileMgr.pdb

Imports

urlmon

CreateURLMoniker
URLDownloadToFileW
ObtainUserAgentString
RegisterBindStatusCallback

kernel32

GetTempFileNameW
CreateWaitableTimerW
SetWaitableTimer
SetEndOfFile
SetFileTime
TlsAlloc
TlsFree
InterlockedExchange
FileTimeToLocalFileTime
FileTimeToSystemTime
ExpandEnvironmentStringsW
CreateProcessA
ReleaseSemaphore
CreateSemaphoreA
CreateEventA
SetHandleInformation
GetThreadPriority
GetCurrentThread
WritePrivateProfileStringW
LoadLibraryExW
lstrcmpiW
LocalFree
OpenProcess
DeleteCriticalSection
InitializeCriticalSection
CreateFiber
lstrlenA
GetProcAddress
GetModuleHandleW
WideCharToMultiByte
FindFirstFileW
FindNextFileW
FindClose
GetPrivateProfileIntW
TerminateProcess
GetTempPathW
DeleteFileW
MultiByteToWideChar
GetLocalTime
FreeLibrary
LoadLibraryW
ConvertThreadToFiber
QueueUserWorkItem
CreateDirectoryW
SetEvent
InterlockedDecrement
ResetEvent
CancelWaitableTimer
WaitForMultipleObjects
TlsSetValue
IsBadWritePtr
OutputDebugStringW
RemoveDirectoryW
GetLongPathNameW
GetShortPathNameW
SetVolumeLabelW
SetEnvironmentVariableA
InterlockedIncrement
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
InitializeCriticalSectionAndSpinCount
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
SetConsoleCtrlHandler
SetStdHandle
GetStringTypeA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetConsoleMode
GetConsoleCP
SetCurrentDirectoryA
GetCurrentDirectoryA
GetModuleFileNameA
GetStartupInfoA
GetStdHandle
SetHandleCount
HeapCreate
IsValidCodePage
GetOEMCP
GetACP
GetPrivateProfileSectionNamesW
CompareStringA
GetStringTypeW
LCMapStringW
LCMapStringA
GetCPInfo
MoveFileA
RtlUnwind
GetDateFormatA
GetTimeFormatA
FindFirstFileA
GetDriveTypeA
ExitThread
IsDebuggerPresent
UnhandledExceptionFilter
GetFileType
LocalFileTimeToFileTime
SetFilePointerEx
SetEnvironmentVariableW
OpenThread
FormatMessageW
IsProcessorFeaturePresent
HeapSize
HeapReAlloc
HeapDestroy
GetLocaleInfoA
DeleteFileA
AreFileApisANSI
GetTempPathA
GetVersionExA
GetDiskFreeSpaceA
LoadLibraryA
GetDiskFreeSpaceW
LockFileEx
FlushFileBuffers
GetFileAttributesA
FormatMessageA
GetSystemTimeAsFileTime
LockFile
UnlockFile
InterlockedCompareExchange
QueryPerformanceCounter
GetFullPathNameA
GetProcessHeap
HeapFree
HeapAlloc
CreateFileA
ConnectNamedPipe
CreateNamedPipeW
CancelIo
GetProcessId
Thread32Next
Thread32First
SuspendThread
GetFileSizeEx
ReleaseMutex
GetPrivateProfileSectionW
GetStartupInfoW
CreatePipe
SetCurrentDirectoryW
SystemTimeToTzSpecificLocalTime
GetFileAttributesExW
GetEnvironmentVariableW
SearchPathW
GetSystemInfo
CopyFileW
GetSystemTime
MoveFileW
GetTimeZoneInformation
VirtualFree
lstrcpyW
GetFullPathNameW
GlobalSize
TerminateThread
GetVersion
VirtualAlloc
IsBadReadPtr
ExitProcess
SetUnhandledExceptionFilter
GetDriveTypeW
GetLogicalDriveStringsW
MoveFileExW
SetFileAttributesW
GetFileAttributesW
GetDiskFreeSpaceExW
WaitForSingleObject
CreateThread
CreateFileMappingW
UnmapViewOfFile
MapViewOfFile
CreateEventW
DuplicateHandle
SystemTimeToFileTime
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
CreateMutexW
GetPrivateProfileStringW
WriteFile
lstrcpynA
SetFilePointer
ReadFile
GetFileSize
GetModuleHandleA
lstrcmpiA
VirtualProtect
VirtualQuery
lstrcmpW
MulDiv
Sleep
GlobalAlloc
GlobalReAlloc
GlobalLock
SetLastError
SwitchToFiber
GetTickCount
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
GetLastError
GlobalUnlock
GlobalFree
GetVersionExW
FreeResource
RaiseException
FlushInstructionCache
GetCurrentProcess
CreateProcessW
CreateFileW
DeviceIoControl
CloseHandle
GetCurrentProcessId
GetModuleFileNameW
FindResourceExW
TlsGetValue
GetPrivateProfileStringA
GetExitCodeProcess
GetWindowsDirectoryW
GetSystemDirectoryW
FindNextFileA
ResumeThread
CompareStringW
SetThreadPriority
FindResourceW
LoadResource
LockResource
SizeofResource
lstrlenW
CreateDirectoryA
SetFileAttributesA
WriteConsoleW
LocalAlloc
GetOverlappedResult

user32

BeginPaint
ScreenToClient
SetTimer
DrawIconEx
SetWindowRgn
ReleaseCapture
SetCapture
GetCapture
UpdateWindow
InvalidateRect
OffsetRect
EndPaint
GetCursorPos
WindowFromPoint
SendMessageW
IsZoomed
ShowWindow
SetWindowTextW
LoadImageW
AdjustWindowRectEx
GetWindow
GetWindowLongW
MonitorFromWindow
GetMonitorInfoW
GetWindowRect
GetParent
GetClientRect
MapWindowPoints
DestroyWindow
DefWindowProcW
SetWindowPos
IntersectRect
DrawTextW
SetCursor
CallWindowProcW
FillRect
GetClassLongW
UnregisterClassA
CreateIconIndirect
GetLastInputInfo
CreateDesktopW
GetThreadDesktop
GetUserObjectInformationW
CloseDesktop
OpenDesktopW
GetGUIThreadInfo
SendMessageTimeoutW
DestroyIcon
GetIconInfo
PostThreadMessageW
UnregisterDeviceNotification
IsWindowEnabled
ExitWindowsEx
GetWindowRgn
GetDlgCtrlID
SetFocus
GetAsyncKeyState
GetSystemMetrics
RedrawWindow
GetDlgItem
SetRect
LoadCursorW
PtInRect
DialogBoxIndirectParamW
FindWindowW
RegisterClassExW
MoveWindow
ClientToScreen
CreateWindowExW
GetClassInfoExW
IsChild
RegisterWindowMessageW
SystemParametersInfoW
GetActiveWindow
SetLayeredWindowAttributes
IsWindowVisible
SetForegroundWindow
GetWindowPlacement
RegisterDeviceNotificationW
IsIconic
CreateDialogIndirectParamW
TrackPopupMenu
GetDC
ReleaseDC
EndDialog
PostMessageW
SetWindowLongW
IsWindow
KillTimer
PostQuitMessage
ShowScrollBar
TrackPopupMenuEx
GetMenuState
GetKeyState
GetMenuItemCount
DrawEdge
GetMessagePos
RegisterClipboardFormatW
GetClipboardData
IsClipboardFormatAvailable
SetMenuItemBitmaps
SetParent
wsprintfW
FindWindowExW
SetRectEmpty
GetDoubleClickTime
EnableMenuItem
CheckMenuItem
CopyRect
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
SetScrollPos
ScrollWindow
GetScrollInfo
GetScrollRange
SetScrollInfo
EnumThreadWindows
InflateRect
GetWindowDC
MsgWaitForMultipleObjects
SendNotifyMessageW
LoadIconW
GetWindowTextLengthW
GetWindowTextW
GetFocus
GetClassNameW
GetSysColor
CreateAcceleratorTableW
InvalidateRgn
DestroyAcceleratorTable
UpdateLayeredWindow
TrackMouseEvent
EqualRect
SetActiveWindow
EnableWindow
MessageBoxW
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
GetForegroundWindow
GetWindowInfo
GetShellWindow
GetWindowThreadProcessId
GetAncestor
CharNextW
GetDesktopWindow
MonitorFromPoint
DestroyMenu
SetMenuDefaultItem
GetSubMenu
AppendMenuW
LoadMenuW
CreatePopupMenu

gdi32

CombineRgn
SelectClipRgn
CreatePatternBrush
CreateBitmap
RectVisible
SetBitmapBits
GetBitmapBits
PatBlt
SetWorldTransform
SetGraphicsMode
CreateFontW
GetDeviceCaps
SetBrushOrgEx
CreateDIBSection
CreateSolidBrush
ExtTextOutW
SetBkColor
GetStockObject
CreateFontIndirectW
CreatePen
LineTo
MoveToEx
IntersectClipRect
CreateRoundRectRgn
CreateRectRgn
SetStretchBltMode
StretchBlt
CreateCompatibleBitmap
BitBlt
OffsetViewportOrgEx
SetViewportOrgEx
ExcludeClipRect
GetObjectW
SetBkMode
GetTextColor
GetClipBox
TextOutW
SetTextColor
GetTextExtentPoint32W
SelectObject
DeleteDC
CreateCompatibleDC
DeleteObject
PtInRegion
SetWindowOrgEx
DPtoLP
LPtoDP
GetDIBits
GetDIBColorTable

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

OpenProcessToken
RegQueryValueW
RegEnumValueW
CryptDecrypt
CryptDestroyKey
CryptEncrypt
CryptImportKey
SetNamedSecurityInfoW
SetEntriesInAclW
BuildExplicitAccessWithNameW
GetNamedSecurityInfoW
RegQueryValueExW
RegOpenKeyW
RegCreateKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyW
SetSecurityInfo
GetSecurityDescriptorSacl
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetTokenInformation
GetLengthSid
ConvertStringSidToSidW
GetTokenInformation
RegSetValueW
LookupPrivilegeValueW
AdjustTokenPrivileges
InitiateSystemShutdownW
OpenSCManagerW
OpenServiceW
CloseServiceHandle
QueryServiceStatusEx
StartServiceW
ControlService
QueryServiceConfigW
ChangeServiceConfigW
RegOpenKeyExA
RegQueryValueExA
CryptAcquireContextW
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext
RegSetValueExA
CryptSetKeyParam

shell32

SHChangeNotify
SHGetPathFromIDListW
DragQueryFileW
ord165
ExtractIconW
SHBrowseForFolderW
ShellExecuteExW
Shell_NotifyIconW
DragFinish
SHGetFileInfoW
SHCreateDirectoryExW
SHFileOperationW
SHGetSpecialFolderPathW
ShellExecuteW
DragAcceptFiles

ole32

DoDragDrop
OleSetClipboard
RegisterDragDrop
OleDuplicateData
ReleaseStgMedium
CoInitialize
OleInitialize
CLSIDFromString
CoTaskMemRealloc
CoTaskMemFree
OleRun
CoCreateGuid
CreateBindCtx
CoTaskMemAlloc
CoCreateInstance
CLSIDFromProgID
CoGetClassObject
CreateStreamOnHGlobal
OleLockRunning
StringFromGUID2
OleUninitialize
CoUninitialize
GetHGlobalFromStream

oleaut32

SysAllocStringByteLen
VariantTimeToSystemTime
VariantChangeType
SafeArrayGetVartype
SafeArrayDestroy
GetErrorInfo
VariantCopy
SystemTimeToVariantTime
SysStringByteLen
SysFreeString
VarUI4FromStr
SysAllocString
OleCreateFontIndirect
SysStringLen
LoadRegTypeLi
LoadTypeLi
VariantClear
VariantInit
SysAllocStringLen
DispCallFunc
SafeArrayUnlock
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayLock

shlwapi

SHDeleteValueW
SHDeleteKeyW
StrStrNIW
StrStrW
PathFindExtensionW
StrRStrIW
PathRemoveFileSpecA
PathCombineW
PathRemoveFileSpecW
PathFileExistsW
PathIsDirectoryW
PathFindFileNameW
PathRemoveBackslashW
StrStrIW
StrCmpIW
SHSetValueW
StrStrIA
StrCmpNIW
StrChrW
PathAddBackslashW
SHAutoComplete
SHGetValueW
PathAppendW
StrCpyW
StrCmpW
PathBuildRootW
PathIsRootW
PathGetDriveNumberW

comctl32

ImageList_Draw
_TrackMouseEvent
ImageList_GetIcon
ImageList_Add
InitCommonControlsEx
ImageList_Create
ImageList_ReplaceIcon
ImageList_Destroy

msimg32

GradientFill
AlphaBlend

gdiplus

GdipLoadImageFromFile
GdipDrawImageRectRectI
GdipSetSmoothingMode
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateHBITMAPFromBitmap
GdipDrawImageRectI
GdipGetImageGraphicsContext
GdipGetImagePixelFormat
GdipCreateBitmapFromScan0
GdipSaveImageToFile
GdipDisposeImage
GdipCloneImage
GdipFree
GdipCreateBitmapFromHBITMAP
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipDrawRectangleI
GdipDeletePen
GdipCreatePen1
GdipDeleteGraphics
GdipCreateFromHDC
GdiplusStartup
GdipCreateBitmapFromStream
GdipCreateBitmapFromResource
GdipCreateBitmapFromFile
GdipAlloc

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

setupapi

SetupDiEnumDeviceInfo
SetupDiGetClassDevsW
SetupDiGetDeviceInterfaceDetailW
CM_Get_Parent
CM_Get_Sibling
CM_Get_Device_IDW
CM_Get_Child
CM_Get_DevNode_Status
SetupDiGetDeviceRegistryPropertyW
CM_Reenumerate_DevNode
CM_Locate_DevNodeW
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceInstanceIdW
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList

dbghelp

MakeSureDirectoryPathExists

psapi

GetModuleFileNameExA
EnumProcesses
EnumProcessModules
GetModuleFileNameExW

wininet

InternetGetConnectedState
InternetCrackUrlW
InternetQueryOptionW
InternetGetLastResponseInfoW
FtpCommandW
InternetWriteFile
HttpEndRequestW
FtpOpenFileW
InternetReadFileExA
InternetReadFile
InternetSetStatusCallbackW
InternetCloseHandle
InternetOpenW
InternetConnectW
InternetSetOptionA
InternetOpenA
HttpSendRequestA
HttpAddRequestHeadersA
InternetSetCookieA
InternetAttemptConnect
HttpOpenRequestA
InternetConnectA
HttpSendRequestExA
DeleteUrlCacheEntryW
FtpGetFileSize
HttpQueryInfoW
HttpSendRequestExW
HttpOpenRequestW
InternetSetOptionW

iphlpapi

GetAdaptersInfo

ws2_32

WSAStartup
WSACleanup
WSAAsyncSelect
socket
ioctlsocket
setsockopt
htons
connect
WSAGetLastError
getsockopt
send
recv
closesocket
inet_addr
listen
gethostbyname
htonl
ntohl
ntohs
WSACreateEvent
bind
shutdown
WSAEventSelect
WSAEnumNetworkEvents
accept

Exports

Exports

??0AdbEndpointObject@@QAE@ABV0@@Z
??0AdbEndpointObject@@QAE@PAVAdbInterfaceObject@@EE@Z
??0AdbIOCompletion@@QAE@ABV0@@Z
??0AdbIOCompletion@@QAE@PAVAdbEndpointObject@@KPAX@Z
??0AdbInterfaceObject@@QAE@ABV0@@Z
??0AdbInterfaceObject@@QAE@PB_W@Z
??0AdbObjectHandle@@QAE@ABV0@@Z
??0AdbObjectHandle@@QAE@W4AdbObjectType@@@Z
??1AdbEndpointObject@@MAE@XZ
??1AdbIOCompletion@@MAE@XZ
??1AdbInterfaceObject@@MAE@XZ
??1AdbObjectHandle@@MAE@XZ
??4AdbEndpointObject@@QAEAAV0@ABV0@@Z
??4AdbIOCompletion@@QAEAAV0@ABV0@@Z
??4AdbInterfaceObject@@QAEAAV0@ABV0@@Z
??4AdbObjectHandle@@QAEAAV0@ABV0@@Z
??_7AdbEndpointObject@@6B@
??_7AdbIOCompletion@@6B@
??_7AdbInterfaceObject@@6B@
??_7AdbObjectHandle@@6B@
?AddRef@AdbObjectHandle@@UAEJXZ
?AsyncRead@AdbEndpointObject@@UAEPAXPAXKPAK0K@Z
?AsyncWrite@AdbEndpointObject@@UAEPAXPAXKPAK0K@Z
?CloseHandle@AdbObjectHandle@@UAE_NXZ
?CreateHandle@AdbObjectHandle@@UAEPAXXZ
?GetEndpointInformation@AdbEndpointObject@@UAE_NPAU_AdbEndpointInformation@@@Z
?GetInterfaceName@AdbInterfaceObject@@UAE_NPAXPAK_N@Z
?GetParentInterfaceHandle@AdbEndpointObject@@QBEPAXXZ
?GetParentObjectHandle@AdbIOCompletion@@QBEPAXXZ
?GetUsbConfigurationDescriptor@AdbInterfaceObject@@UAE_NPAU_USB_CONFIGURATION_DESCRIPTOR@@@Z
?GetUsbDeviceDescriptor@AdbInterfaceObject@@UAE_NPAU_USB_DEVICE_DESCRIPTOR@@@Z
?GetUsbInterfaceDescriptor@AdbInterfaceObject@@UAE_NPAU_USB_INTERFACE_DESCRIPTOR@@@Z
?IsCompleted@AdbIOCompletion@@UAE_NXZ
?IsObjectOfType@AdbObjectHandle@@UBE_NW4AdbObjectType@@@Z
?IsOpened@AdbObjectHandle@@QBE_NXZ
?LastReferenceReleased@AdbObjectHandle@@MAEXXZ
?Lookup@AdbObjectHandle@@SAPAV1@PAX@Z
?Release@AdbObjectHandle@@UAEJXZ
?SyncRead@AdbEndpointObject@@UAE_NPAXKPAKK@Z
?SyncWrite@AdbEndpointObject@@UAE_NPAXKPAKK@Z
?Type@AdbEndpointObject@@SA?AW4AdbObjectType@@XZ
?Type@AdbIOCompletion@@SA?AW4AdbObjectType@@XZ
?Type@AdbInterfaceObject@@SA?AW4AdbObjectType@@XZ
?adb_handle@AdbObjectHandle@@QBEPAXXZ
?endpoint_id@AdbEndpointObject@@QBEEXZ
?endpoint_index@AdbEndpointObject@@QBEEXZ
?interface_name@AdbInterfaceObject@@QBEABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@XZ
?object_type@AdbObjectHandle@@QBE?AW4AdbObjectType@@XZ
?overlapped@AdbIOCompletion@@QAEPAU_OVERLAPPED@@XZ
?parent_interface@AdbEndpointObject@@QBEPAVAdbInterfaceObject@@XZ
?parent_io_object@AdbIOCompletion@@QBEPAVAdbEndpointObject@@XZ
?usb_config_descriptor@AdbInterfaceObject@@QBEPBU_USB_CONFIGURATION_DESCRIPTOR@@XZ
?usb_device_descriptor@AdbInterfaceObject@@QBEPBU_USB_DEVICE_DESCRIPTOR@@XZ
?usb_interface_descriptor@AdbInterfaceObject@@QBEPBU_USB_INTERFACE_DESCRIPTOR@@XZ
AdbCloseHandle
AdbCreateInterface
AdbCreateInterfaceByName
AdbEnumInterfaces
AdbGetDefaultBulkReadEndpointInformation
AdbGetDefaultBulkWriteEndpointInformation
AdbGetEndpointInformation
AdbGetEndpointInterface
AdbGetInterfaceName
AdbGetOvelappedIoResult
AdbGetSerialNumber
AdbGetUsbConfigurationDescriptor
AdbGetUsbDeviceDescriptor
AdbGetUsbInterfaceDescriptor
AdbHasOvelappedIoComplated
AdbNextInterface
AdbOpenDefaultBulkReadEndpoint
AdbOpenDefaultBulkWriteEndpoint
AdbOpenEndpoint
AdbQueryInformationEndpoint
AdbReadEndpointAsync
AdbReadEndpointSync
AdbResetInterfaceEnum
AdbWriteEndpointAsync
AdbWriteEndpointSync
CreateSrvWnd
GetAdbInterfaceNum
GetPhoneUid

Sections

.text
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 557KB - Virtual size: 556KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 354KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

77b713b48ae13d39639c0f49d7055a92

Code Sign

79:a2:a5:85:f9:d1:15:42:13:d9:b8:3e:f6:b6:8d:edCertificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

74:f2:95:8d:31:d0:3e:b0:42:f9:08:15:55:30:52:77Certificate

Extended Key Usages

Key Usages

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate

Extended Key Usages

Key Usages

97:20:63:43:a6:45:8e:ed:25:d4:3b:f3:0c:0b:0b:96:e4:52:06:4dSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

urlmon

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

msimg32

gdiplus

version

setupapi

dbghelp

psapi

wininet

iphlpapi

ws2_32

Exports

Exports

Sections

.text Size: 2.6MB - Virtual size: 2.6MB

.rdata Size: 557KB - Virtual size: 556KB

.data Size: 62KB - Virtual size: 354KB

.rsrc Size: 1.3MB - Virtual size: 1.3MB

79:a2:a5:85:f9:d1:15:42:13:d9:b8:3e:f6:b6:8d:ed
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

74:f2:95:8d:31:d0:3e:b0:42:f9:08:15:55:30:52:77
Certificate

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

97:20:63:43:a6:45:8e:ed:25:d4:3b:f3:0c:0b:0b:96:e4:52:06:4d
Signer

.text
Size: 2.6MB - Virtual size: 2.6MB

.rdata
Size: 557KB - Virtual size: 556KB

.data
Size: 62KB - Virtual size: 354KB

.rsrc
Size: 1.3MB - Virtual size: 1.3MB