795236a86e7f3e62e4cdc1e7643b49d7a8f32d1de14be776f25544516459cbba

Sharing

Copy URL Twitter E-mail

General

Target

795236a86e7f3e62e4cdc1e7643b49d7a8f32d1de14be776f25544516459cbba
Size

19KB
MD5

3d216184154a8b22157194455f6f4501
SHA1

83eb7cd40621e92b743a7f569e9ac1788fb6d445
SHA256

795236a86e7f3e62e4cdc1e7643b49d7a8f32d1de14be776f25544516459cbba
SHA512

58233a7512838c26c3e5b73f588304f1afe80bc9f3c2f3295f5b4e3f112ae8aa8a07ce7cd5caab1e6223f32ef4f5198cf479e1fe4f7060b507a32bee2a488d84
SSDEEP

384:u4dRb5l3APdFHgGqyfd1c0cTbDmaa9Qo++3M5BkrUUOBJWoIhWGBIqQBZcmOh+2:u4n5l3APfgGqyfd1c0cnDLFgQarIB0oF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
795236a86e7f3e62e4cdc1e7643b49d7a8f32d1de14be776f25544516459cbba

Files

795236a86e7f3e62e4cdc1e7643b49d7a8f32d1de14be776f25544516459cbba
.dll windows:6 windows x86 arch:x86

7d4cfc1200e21381d6a23a0944c93f0c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\Works\JMDAS2019\dhdas7_hardware\bin\WacthDogCtrl.pdb

Imports

mfc140

ord2406
ord1468
ord993
ord1509
ord3841
ord1510
ord325
ord1051
ord2359
ord2241
ord324
ord1050
ord2409
ord2372
ord2408
ord485
ord2263
ord2370
ord2178
ord2294
ord2397

kernel32

OutputDebugStringW
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
LoadLibraryA
GetProcAddress
FreeLibrary
Sleep
CreateThread
WaitForSingleObject
TerminateThread
CloseHandle
InitializeCriticalSectionEx
GetLastError
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetModuleHandleW
LocalAlloc
LocalFree
CreateEventW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
QueryPerformanceCounter

vcruntime140

_except_handler4_common
_CxxThrowException
__std_exception_destroy
__CxxFrameHandler3
memset
__std_type_info_destroy_list
__std_exception_copy

api-ms-win-crt-heap-l1-1-0

malloc
free
_callnewh

api-ms-win-crt-runtime-l1-1-0

terminate
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
_initterm
_initterm_e

Exports

Exports

??0CIOPhysCtrl@@QAE@ABV0@@Z
??0CIOPhysCtrl@@QAE@XZ
??0CIOPhysCtrl_Norco@@QAE@ABV0@@Z
??0CIOPhysCtrl_Norco@@QAE@XZ
??1CIOPhysCtrl@@QAE@XZ
??1CIOPhysCtrl_Norco@@UAE@XZ
??4CIOPhysCtrl@@QAEAAV0@ABV0@@Z
??4CIOPhysCtrl_Norco@@QAEAAV0@ABV0@@Z
??_7CIOPhysCtrl@@6B@
??_7CIOPhysCtrl_Norco@@6B@
?DisableWdt@CIOPhysCtrl@@MAEHXZ
?DisableWdt@CIOPhysCtrl_Norco@@MAEHXZ
?EnableWdt@CIOPhysCtrl@@MAEHXZ
?EnableWdt@CIOPhysCtrl_Norco@@MAEHXZ
?HaltWdtMon@CIOPhysCtrl@@QAEXXZ
?InitIoPhys@CIOPhysCtrl@@QAEHXZ
?ReadPortVal@CIOPhysCtrl@@QAEHGAAKE@Z
?ResetWdt@CIOPhysCtrl@@MAEHXZ
?ResetWdt@CIOPhysCtrl_Norco@@MAEHXZ
?SetTimeout@CIOPhysCtrl@@QAEXK@Z
?SetTimeoutImmediately@CIOPhysCtrl@@UAEXXZ
?SetTimeoutImmediately@CIOPhysCtrl_Norco@@UAEXXZ
?ShutIoPhys@CIOPhysCtrl@@QAEHXZ
?StartWdtMon@CIOPhysCtrl@@QAEHXZ
?StopWdtMon@CIOPhysCtrl@@QAEHXZ
?WdtMonThread@CIOPhysCtrl@@SAIPAX@Z
?WritePortVal@CIOPhysCtrl@@QAEHGKE@Z

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 768B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7d4cfc1200e21381d6a23a0944c93f0c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mfc140

kernel32

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 8KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 768B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 9KB - Virtual size: 8KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 768B

.reloc
Size: 1KB - Virtual size: 1KB