8bbd78759defd97b5c04d9fb805eb219db136edb58995e578851b50b2a716b67

Sharing

Copy URL Twitter E-mail

General

Target

8bbd78759defd97b5c04d9fb805eb219db136edb58995e578851b50b2a716b67
Size

192KB
MD5

3397123442376a0a04f87c88aa15fa6f
SHA1

2c00c9c1d781d5b540abc58799b5f809ab5fb229
SHA256

8bbd78759defd97b5c04d9fb805eb219db136edb58995e578851b50b2a716b67
SHA512

9ada04327d3ec7dc9d42533a4980a79a59acddfebbeefca8063b9c4f3b110f51528fe88a8e170a06ca91022982945c78b0e8d40d67fb2899747195375612d442
SSDEEP

3072:+ZT5dRSq8I4aNBaZPel+IErGTojcBPVkVjolZ:4T5dRSW47PezEiT7kVWZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8bbd78759defd97b5c04d9fb805eb219db136edb58995e578851b50b2a716b67

Files

8bbd78759defd97b5c04d9fb805eb219db136edb58995e578851b50b2a716b67
.dll windows:4 windows x86 arch:x86

0ec8194937dcc181fe41233b247e6c76

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetStringTypeW
GetStringTypeA
MultiByteToWideChar
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
SetStdHandle
FlushFileBuffers
CreateFileA
UnhandledExceptionFilter
GetACP
GetOEMCP
IsValidLocale
GetCPInfo
SetFilePointer
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetCurrentThread
TlsGetValue
SetLastError
LCMapStringA
LCMapStringW
SetEndOfFile
ReadFile
GetLocaleInfoW
CompareStringA
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetCurrentProcess
TerminateProcess
RtlUnwind
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
CompareStringW
CreateThread
GetExitCodeThread
GetVersionExA
GetEnvironmentVariableA
GetModuleHandleA
WriteFile
GetLastError
WideCharToMultiByte
FatalAppExitA
ExitProcess
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetVersion
SetEnvironmentVariableA
GetCommandLineA
HeapAlloc
HeapFree
GetLocalTime
GetSystemTime
GetTimeZoneInformation
InterlockedIncrement
InterlockedDecrement
CloseHandle
FreeLibrary
Sleep
GetTickCount
GetModuleFileNameA
GetPrivateProfileStringA
LoadLibraryA
GetProcAddress
GetSystemTimeAsFileTime

user32

SetFocus
MessageBoxA
GetActiveWindow
SetDlgItemTextA
PostMessageA
BringWindowToTop
SetWindowLongA
GetDlgItemTextA
IsDlgButtonChecked
CallWindowProcA
CloseClipboard
ChildWindowFromPoint
SetWindowTextA
GetDlgItem
DialogBoxParamW
EmptyClipboard
EndDialog
OpenClipboard
ShowWindow

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

netapi32

Netbios

dcic32

IC_ReadDevice
IC_InitComm
IC_CpuApdu_Hex
IC_ExitComm
IC_Status
IC_CpuReset_Hex
IC_Beep
IC_InitType
IC_ReadDevSnr
IC_ReadMagCard
hex2asc

ft_nd_api

epas_CloseDevice
epas_OpenDevice
epas_DeleteContext
epas_CreateContext
epas_GetProperty

cdll8

ord12
ord2
ord1

sscarddriver

iReadCardBas_HSM_Step2
iReadCardBas_HSM_Step1
iReadCardBas

ws2_32

gethostbyname
gethostname

mutil

_JSON_get@12

dc_reader

iReadSIEF05
iReadDevSnr
iScan2DBarcodeExt

mtx_32

ord151
ord1
ord10
ord9
ord13
ord2
ord16
ord32

sw100

ICC_Reader_GetDeviceCSN
ICC_Reader_Open
ICC_Reader_ScanCode
ICC_Reader_Application
HexToStr
StrToHex
ICC_Reader_PowerOff
ICC_Reader_GetStatus
ICC_Reader_SetQRCodeMode
ICC_Reader_PowerOn
PICC_Reader_ID_CertInfo
ICC_Reader_Close

dcp3

P3_Scan2DBarcodeGetData
P3_Scan2DBarcodeStart
P3_2DBarcodeAutoModeOnOff
P3_IC_InitComm_Baud
P3_IC_ReadDevSnr
P3_IC_ExitComm
P3_Scan2DBarcodeExit

Exports

Exports

_DataDown_card@16
_DataDown_self@16

Sections

.text
Size: 124KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

shared
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0ec8194937dcc181fe41233b247e6c76

Headers

File Characteristics

Imports

kernel32

user32

advapi32

netapi32

dcic32

ft_nd_api

cdll8

sscarddriver

ws2_32

mutil

dc_reader

mtx_32

sw100

dcp3

Exports

Exports

Sections

.text Size: 124KB - Virtual size: 120KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 32KB - Virtual size: 43KB

.idata Size: 8KB - Virtual size: 6KB

shared Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 2KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 124KB - Virtual size: 120KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 32KB - Virtual size: 43KB

.idata
Size: 8KB - Virtual size: 6KB

shared
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 2KB

.reloc
Size: 8KB - Virtual size: 6KB