a99453acab7ba81c85d7fc0314185c5d6ea0dde6b4826f6a0cb5abc1ff0b362b

Sharing

Copy URL Twitter E-mail

General

Target

a99453acab7ba81c85d7fc0314185c5d6ea0dde6b4826f6a0cb5abc1ff0b362b
Size

100KB
MD5

c03a88dc229bf41558abbe650a7d77f7
SHA1

13ac84d40ecfefbf519c767391d7702008f23153
SHA256

a99453acab7ba81c85d7fc0314185c5d6ea0dde6b4826f6a0cb5abc1ff0b362b
SHA512

26629822660ff57e02d18f07a91a258fa23e1165c278364318d00bba9adcf1b66ca14a9803de7e87dc40e3c069e54747d396d1d3fbe8726da49489d493fcf163
SSDEEP

1536:xTaWUwNd/8gf6lg4G1R4iEsGTg7o3Ze+IojxJlxr5:xTGeqg4IR4oxOe+IojxLr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a99453acab7ba81c85d7fc0314185c5d6ea0dde6b4826f6a0cb5abc1ff0b362b

Files

a99453acab7ba81c85d7fc0314185c5d6ea0dde6b4826f6a0cb5abc1ff0b362b
.dll windows:4 windows x86 arch:x86

c81f27f7d27eb9e2cf29add727417077

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

managers

?GetLimitsEntry@CDeviceBase@@UAEJPAPAULIMITS_ENTRY@@PAJ@Z
?GetLimits@CDeviceBase@@MAEXAAULIMITS@@@Z
??1CDeviceBase@@MAE@XZ
?GetTagsList@CDeviceBase@@UAEJPAPAUDEVICExxTAG@@PAK@Z
??0CDeviceBase@@IAE@PAUDEVICExxPARAMETERS@@@Z
?GetDeviceParameters@CDeviceBase@@UAEJPAUDEVICExxPARAMETERS@@@Z
?ReAttachToAnotherPort@CDeviceBase@@UAEJPAUIComPort@@@Z
?SetModuleName@CDeviceBase@@UAEJPBDH@Z
?GetModuleName@CDeviceBase@@UAEJPADKH@Z
?GetFirmwareVerison@CDeviceBase@@UAEJPADK@Z
?SetModuleConfiguration@CDeviceBase@@UAEJPAUDEVICExxCONFIGURATION@@@Z
?GetModuleConfiguration@CDeviceBase@@UAEJPAUDEVICExxCONFIGURATION@@@Z
?GetModuleStatus@CDeviceBase@@UAEJPAE@Z
?ResetModuleStatus@CDeviceBase@@UAEJXZ
?GetFormattedText@CDeviceBase@@IAEPADNJPADJ@Z
?ProcessIO@CDeviceBase@@UAEJPAUDEVICExxIO@@@Z
??0CFormatCommand@@QAA@PAVCDeviceBase@@PBDZZ
?Exchange@CDeviceBase@@IAEJAAVCFormatCommand@@KK@Z
?GetFormattedValue@CDeviceBase@@IAENJPBD@Z
??1CFormatCommand@@QAE@XZ

kernel32

EnterCriticalSection
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
IsBadCodePtr
RtlUnwind
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapSize
GetProcAddress
GetModuleHandleA
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr

Exports

Exports

DriverEntryPoint

Sections

.text
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c81f27f7d27eb9e2cf29add727417077

Headers

File Characteristics

Imports

managers

kernel32

Exports

Exports

Sections

.text Size: 72KB - Virtual size: 68KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 72KB - Virtual size: 68KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 8KB - Virtual size: 6KB