Rockey1S[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

Rockey1S.dll
Size

360KB
MD5

71e25af9ff040bf6b50c6f95ccc247de
SHA1

d5bad83176be6779f05d388a435bfe202e79dc6b
SHA256

368ecb61b104192f681d642f486021cc6952d3b5642f069454a8a9d6678c0fb5
SHA512

f0d59e55e013bbd563e140849d7a65ae05c7fa7c7d14a9e98fb43c375600ed0b1b6bd16a35755ac4593026a5a3cc2570a365a8ea01f604c74be000661c3b530c
SSDEEP

6144:1kmRHTHhH3PRHhfz1FAPXmp24BsrZAnVLe8qavSwy0Q:7RHTHhH3PRHhfzTV8eq8Hv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Rockey1S.dll

Files

Rockey1S.dll
.dll windows:4 windows x86 arch:x86

ced734c1d20f4c0bdf866adc3212bd76

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

h:\Rockey\Rockey1Smart\Build\dynamic\Rockey1S.pdb

Imports

hid

HidD_GetAttributes
HidD_SetFeature
HidD_GetFeature
HidD_GetHidGuid
HidD_FlushQueue

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsW
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces

kernel32

CreateFileMappingW
OpenFileMappingW
CloseHandle
CreateMutexW
WaitForSingleObject
ReleaseMutex
lstrcmpA
lstrlenA
GetLastError
GetCurrentThreadId
GetCurrentProcessId
GlobalMemoryStatus
FreeLibrary
GetProcAddress
LoadLibraryA
GetVersionExA
GetTickCount
QueryPerformanceCounter
FlushConsoleInputBuffer
GetStdHandle
SetEnvironmentVariableA
CompareStringW
CompareStringA
CreateFileW
Sleep
UnmapViewOfFile
MapViewOfFile
SetEndOfFile
ReadConsoleInputA
SetConsoleMode
GetSystemTime
GetCommandLineA
HeapFree
HeapAlloc
GetProcessHeap
HeapReAlloc
GetModuleFileNameA
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
SetConsoleCtrlHandler
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
WideCharToMultiByte
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
HeapSize
ExitProcess
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
GetSystemTimeAsFileTime
MultiByteToWideChar
ReadFile
WriteFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetStdHandle
SetFilePointer
VirtualAlloc
GetCPInfo
GetACP
GetOEMCP
GetStringTypeA
GetStringTypeW
VirtualQuery
LCMapStringA
LCMapStringW
InitializeCriticalSection
CreateFileA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetLocaleInfoA

user32

wsprintfW

oleaut32

SystemTimeToVariantTime

Exports

Exports

R1_ChangeUserPin
R1_Close
R1_Find
R1_GenRSAKey
R1_GenRandom
R1_GenUpdatePacket
R1_GetCounter
R1_GetErrInfo
R1_GetHID
R1_GetPID
R1_GetVersion
R1_LEDControl
R1_Open
R1_ProducePID
R1_ProduceSoPin
R1_RSADec
R1_RSAEnc
R1_Read
R1_ResetSecurityState
R1_ResetUserPin
R1_SetCounter
R1_SetRSAKey
R1_SetTDesKey
R1_SetTryCountForSoPin
R1_SetTryCountForUserPin
R1_SetUpdatePacket
R1_TDesDec
R1_TDesEnc
R1_Update
R1_VerifySoPin
R1_VerifyUserPin
R1_Write

Sections

.text
Size: 252KB - Virtual size: 250KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ced734c1d20f4c0bdf866adc3212bd76

Headers

File Characteristics

PDB Paths

Imports

hid

setupapi

kernel32

user32

oleaut32

Exports

Exports

Sections

.text Size: 252KB - Virtual size: 250KB

.rdata Size: 44KB - Virtual size: 42KB

.data Size: 32KB - Virtual size: 121KB

.rsrc Size: 4KB - Virtual size: 176B

.reloc Size: 24KB - Virtual size: 21KB

.text
Size: 252KB - Virtual size: 250KB

.rdata
Size: 44KB - Virtual size: 42KB

.data
Size: 32KB - Virtual size: 121KB

.rsrc
Size: 4KB - Virtual size: 176B

.reloc
Size: 24KB - Virtual size: 21KB