D:\project\SVN_project\Chip\磐启\补光灯\Win_SDK\Release\Set_Dongle_RF_API.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 2a62a066abd5ac1149b8809ea782e7ac86e4ff722d6917ceeb5bfe6f584f7f9f.dll
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: 2a62a066abd5ac1149b8809ea782e7ac86e4ff722d6917ceeb5bfe6f584f7f9f.dll
Resource: win10v2004-20240508-en
General
Target: 2a62a066abd5ac1149b8809ea782e7ac86e4ff722d6917ceeb5bfe6f584f7f9f
Size: 1.9MB
MD5: 4e3071fdb28c5aece287e444ad9af40d
SHA1: 0bb12c5ad57664f3a20e9d0c64878ed3b28b87d0
SHA256: 2a62a066abd5ac1149b8809ea782e7ac86e4ff722d6917ceeb5bfe6f584f7f9f
SHA512: ab0bd833ccc54b290f734c1e061aa5faedfc939d6264e3f2bca9102e81f87c1a8c9d81f9b41f3565c6dfe76ab3ed0a5f2012dfa73a0e6bda44b2b7cfb51a6750
SSDEEP: 49152:E3216yWQcVdCajZU9AxVolkHsB8F7KQW+l/6AL2BKC9:O216yWpkajZUmolkMBcmQW+l/6AiBK
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2a62a066abd5ac1149b8809ea782e7ac86e4ff722d6917ceeb5bfe6f584f7f9f
Files
2a62a066abd5ac1149b8809ea782e7ac86e4ff722d6917ceeb5bfe6f584f7f9f.dll windows:6 windows x86 arch:x86
028f8a42d63c1ec0d792463a2cfe897f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
hid
HidD_GetAttributes
HidD_GetHidGuid
HidD_FreePreparsedData
HidP_GetCaps
HidD_GetPreparsedData
setupapi
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList
kernel32
GetStdHandle
InitOnceExecuteOnce
GetStartupInfoW
QueryPerformanceCounter
GetTickCount64
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FlsAlloc
FlsGetValue
HeapQueryInformation
FlsFree
TerminateProcess
IsValidCodePage
GetTimeZoneInformation
GetStringTypeW
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
OutputDebugStringW
CompareStringEx
LCMapStringEx
WriteConsoleW
CreateFileW
SetEnvironmentVariableA
IsProcessorFeaturePresent
IsDebuggerPresent
HeapSize
ExitThread
CreateThread
RaiseException
VirtualQuery
VirtualAlloc
GetSystemInfo
SetThreadStackGuarantee
HeapReAlloc
GetModuleHandleExW
ExitProcess
RtlUnwind
GetCommandLineA
HeapAlloc
HeapFree
DecodePointer
EncodePointer
GetUserDefaultUILanguage
FindResourceExW
VirtualProtect
SearchPathA
GetProfileIntA
GetTickCount
Sleep
GetTempFileNameA
GetTempPathA
VerifyVersionInfoA
VerSetConditionMask
GetWindowsDirectoryA
lstrcpyA
GetACP
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
FileTimeToLocalFileTime
GetVolumeInformationA
lstrcmpiA
GetCurrentProcess
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
GetProcessHeap
GetFullPathNameA
GetFileSize
FlushFileBuffers
FindFirstFileA
FindClose
GetCPInfo
GetOEMCP
FileTimeToSystemTime
DeleteFileA
GlobalFlags
GetCurrentDirectoryA
InterlockedIncrement
SetErrorMode
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GetCurrentProcessId
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
InterlockedDecrement
ResumeThread
SetThreadPriority
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
FindResourceA
LoadLibraryW
LoadLibraryA
lstrcmpW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
FreeResource
GetVersion
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
OutputDebugStringA
GetFileAttributesW
SetLastError
CopyFileA
MulDiv
GlobalFree
GlobalUnlock
GlobalSize
GetLocaleInfoEx
GetThreadPreferredUILanguages
CompareStringA
MultiByteToWideChar
ApplicationRecoveryFinished
ApplicationRecoveryInProgress
RegisterApplicationRestart
RegisterApplicationRecoveryCallback
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
LoadLibraryExW
GetModuleFileNameA
FreeLibrary
GetVersionExA
GetCurrentThreadId
GetCurrentThread
InterlockedExchange
LocalFree
FormatMessageA
CreateEventA
ReadFile
CancelIo
GetOverlappedResult
WaitForSingleObject
GetLastError
WriteFile
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
CreateFileA
CloseHandle
GetFileType
SetStdHandle
LockFile
GetSystemTimeAsFileTime
FlsSetValue
InitializeCriticalSectionEx
user32
LoadImageA
IsRectEmpty
OffsetRect
SetRectEmpty
DrawFocusRect
WindowFromPoint
ReleaseCapture
SetCapture
GetNextDlgGroupItem
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
IntersectRect
CharUpperA
DestroyIcon
IsIconic
IsDialogMessageA
SendDlgItemMessageA
CheckDlgButton
MoveWindow
ShowWindow
InflateRect
GetMenuItemInfoA
DestroyMenu
LoadCursorA
GetSysColorBrush
GetSystemMetrics
FillRect
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
InvalidateRect
KillTimer
SetTimer
RealChildWindowFromPoint
GetDesktopWindow
ClientToScreen
SetWindowTextA
DeleteMenu
SystemParametersInfoA
CopyImage
UnregisterClassA
GetWindowThreadProcessId
IsWindowEnabled
SetCursor
ShowOwnedPopups
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetCursorPos
GetActiveWindow
TranslateMessage
GetMessageA
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconW
LoadIconA
CallNextHookEx
DrawIconEx
DrawIcon
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameA
GetParent
GetClassLongA
SetWindowLongA
GetWindowLongA
PtInRect
EqualRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
MessageBoxA
AdjustWindowRectEx
GetWindowRect
GetClientRect
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
EnableWindow
GetCapture
GetKeyState
GetFocus
SetFocus
GetDlgCtrlID
GetDlgItem
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
SendMessageA
GetMessageTime
ToAsciiEx
GetKeyboardState
GetIconInfo
GetWindowRgn
DestroyCursor
MapDialogRect
CreateMenu
GetMessagePos
PeekMessageA
DispatchMessageA
RegisterWindowMessageA
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringA
PostQuitMessage
PostMessageA
RegisterDeviceNotificationA
SubtractRect
GetUpdateRect
IsClipboardFormatAvailable
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
FrameRect
CharUpperBuffA
RegisterClipboardFormatA
ModifyMenuA
SetMenuDefaultItem
CopyIcon
GetDoubleClickTime
ChangeWindowMessageFilter
SetClassLongA
LockWindowUpdate
SetParent
SetRect
SetCursorPos
CopyAcceleratorTableA
DestroyAcceleratorTable
SetWindowsHookExA
CreateAcceleratorTableA
MapVirtualKeyExA
IsCharLowerA
GetKeyboardLayout
WaitMessage
PostThreadMessageA
GetSystemMenu
IsZoomed
GetComboBoxInfo
LoadMenuW
TrackMouseEvent
GetKeyNameTextA
ReuseDDElParam
UnpackDDElParam
InsertMenuItemA
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
BringWindowToTop
MonitorFromPoint
UpdateLayeredWindow
IsMenu
UnionRect
SetWindowRgn
DrawFrameControl
DrawEdge
LoadImageW
DrawStateA
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
MapVirtualKeyA
GetMenuDefaultItem
CreatePopupMenu
NotifyWinEvent
LoadCursorW
InvertRect
HideCaret
EnableScrollBar
GetAsyncKeyState
MessageBeep
UnhookWindowsHookEx
LoadAcceleratorsW
gdi32
CreateCompatibleDC
CreateHatchBrush
CreatePen
CreatePatternBrush
CreateRectRgn
CreateSolidBrush
DeleteDC
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
BitBlt
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectA
GetTextExtentPoint32A
CombineRgn
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
GetTextMetricsA
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
CreateCompatibleBitmap
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
Rectangle
EnumFontFamiliesExA
GetRgnBox
OffsetRgn
CreateRoundRectRgn
RoundRect
FrameRgn
PtInRegion
SetPixelV
ExtFloodFill
SetPaletteEntries
FillRgn
GetBoundsRect
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
GetTextFaceA
DeleteObject
CreateBitmap
GetObjectA
SetTextColor
SetBkColor
GetDeviceCaps
CreateDCA
OffsetWindowOrgEx
CopyMetaFileA
msimg32
TransparentBlt
AlphaBlend
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegSetValueExA
shell32
SHGetFileInfoA
SHAppBarMessage
SHBrowseForFolderA
DragFinish
DragQueryFileA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
ShellExecuteA
SHGetDesktopFolder
SHGetKnownFolderPath
SHCreateItemFromParsingName
shlwapi
PathIsUNCA
PathStripToRootA
PathRemoveFileSpecW
StrFormatKBSizeA
PathFindExtensionA
PathFindFileNameA
uxtheme
GetThemePartSize
GetWindowTheme
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
DrawThemeParentBackground
DrawThemeTextEx
BufferedPaintInit
BufferedPaintUnInit
BeginBufferedPaint
IsAppThemed
GetCurrentThemeName
EndBufferedPaint
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
dwmapi
DwmDefWindowProc
DwmSetWindowAttribute
DwmIsCompositionEnabled
ole32
CreateStreamOnHGlobal
CoInitializeEx
CoInitialize
CoCreateInstance
ReleaseStgMedium
CoTaskMemFree
CoTaskMemAlloc
CoUninitialize
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoCreateGuid
OleLockRunning
OleDuplicateData
DoDragDrop
oleaut32
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantChangeType
VarBstrFromDate
SysAllocString
VariantClear
VariantInit
SysFreeString
SysAllocStringLen
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
gdiplus
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipCreateBitmapFromHBITMAP
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipGetImagePalette
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
Exports
Get_USB_State
Send_RF_DATA
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 278KB - Virtual size: 278KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 23KB - Virtual size: 116KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 373KB - Virtual size: 372KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ