b27f1215ba1068cea3199f207b9d9103d16cd7c508845e1e64654f7d40bdae40

Sharing

Copy URL Twitter E-mail

General

Target

b27f1215ba1068cea3199f207b9d9103d16cd7c508845e1e64654f7d40bdae40
Size

952KB
MD5

eadef3f88ba6e67f9dbee4d96fadc766
SHA1

0853a959a3ecebc0983e571af3d64283ee1e0575
SHA256

b27f1215ba1068cea3199f207b9d9103d16cd7c508845e1e64654f7d40bdae40
SHA512

d45b0387f201e52642df7f3ce742ee3f06f6d02450ee33055727c7bcf02fe48414a07f526f4e8b31ade3cfdd18ef3d17f52e78d4c52ff3d527e11524c748aef3
SSDEEP

12288:lMaxKpZg3QuFcqo9KJRofcNT1ztkd7bPGHzY0TGRVMoEL+8Ch7BWCqH:lMagKQ+cmJGfmFOb4z4CoEL+1U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b27f1215ba1068cea3199f207b9d9103d16cd7c508845e1e64654f7d40bdae40

Files

b27f1215ba1068cea3199f207b9d9103d16cd7c508845e1e64654f7d40bdae40
.exe windows:5 windows x86 arch:x86

c6544f38383cd6a6bb8a191cc9c32073

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\jenkins\build\workspace\miflash_git\out\Release\bin\MiUsbDriver.pdb

Imports

kernel32

CopyFileW
GetFileAttributesW
ReadFile
CreateFileW
GetTempPathW
GetLastError
GetCurrentDirectoryW
SetLastError
GetFileAttributesExW
CloseHandle
DeleteFileW
CreateMutexW
SetFilePointer
CreateProcessW
WaitForSingleObject
GetTickCount
GetModuleFileNameW
ReleaseMutex
GetCurrentProcessId
GetCurrentThread
Sleep
RaiseException
IsDebuggerPresent
GetCurrentThreadId
DuplicateHandle
CreateThread
InterlockedCompareExchange
TlsGetValue
TlsSetValue
TlsAlloc
TlsFree
SetEvent
CreateEventW
GetQueuedCompletionStatus
InterlockedExchange
PostQueuedCompletionStatus
CreateIoCompletionPort
SystemTimeToTzSpecificLocalTime
QueryPerformanceCounter
GetSystemTimeAsFileTime
FileTimeToSystemTime
QueryPerformanceFrequency
SetEndOfFile
SetFilePointerEx
SetFileTime
FlushFileBuffers
GetNativeSystemInfo
GetModuleHandleW
GetVersionExW
GetProcAddress
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetModuleHandleExW
InterlockedIncrement
GetModuleHandleExA
WriteFile
GetACP
MultiByteToWideChar
LoadLibraryW
FreeResource
LockResource
ExitProcess
LoadResource
SizeofResource
FindResourceW
GetFileSize
MulDiv
GetFileType
DosDateTimeToFileTime
WideCharToMultiByte
GetLocalTime
InterlockedDecrement
GlobalAlloc
GlobalLock
GlobalUnlock
OutputDebugStringW
GetEnvironmentStringsW
FreeEnvironmentStringsW
LoadLibraryExW
FreeLibrary
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
TerminateProcess
HeapAlloc
GetProcessHeap
HeapFree
CreatePipe
SetHandleInformation
PeekNamedPipe
GetDriveTypeW
DecodePointer
lstrcmpiW
GetComputerNameW
EncodePointer
GetStringTypeW
AreFileApisANSI
RtlUnwind
IsProcessorFeaturePresent
GetFullPathNameW
GetConsoleCP
GetConsoleMode
HeapReAlloc
SetStdHandle
ReadConsoleW
GetCPInfo
UnhandledExceptionFilter
GetStartupInfoW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
HeapSize
GetStdHandle
IsValidCodePage
GetOEMCP
GetTimeZoneInformation
WriteConsoleW
SetEnvironmentVariableA
FindNextFileW
FindClose
FindFirstFileW
SetUnhandledExceptionFilter
InterlockedExchangeAdd
CreateDirectoryW
GetCurrentProcess
GetUserDefaultLangID
AssignProcessToJobObject
ResumeThread
GetExitCodeProcess
GetCommandLineW
GetWindowsDirectoryW
SystemTimeToFileTime
GetSystemDirectoryW

setupapi

SetupCopyOEMInfW
CM_Locate_DevNode_ExW
CM_Get_Device_ID_ExW
CM_Get_Sibling_Ex
CM_Connect_MachineW
CM_Get_Child_Ex
CM_Get_DevNode_Registry_PropertyW
CM_Get_DevNode_Status_Ex
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDescriptionA
SetupDiGetClassDevsW
SetupDiEnumDeviceInfo

dbghelp

MiniDumpWriteDump

gdiplus

GdipCreateFontFromDC
GdipAlloc
GdipFree
GdiplusStartup
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdiplusShutdown
GdipCloneBrush
GdipImageGetFrameDimensionsCount
GdipGetImageHeight
GdipGetImageWidth
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDrawString
GdipGetFamily
GdipDeleteFont
GdipCreateFontFromLogfontA
GdipSetCompositingQuality
GdipDeleteFontFamily
GdipDrawImageRectI
GdipDeleteBrush
GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateBitmapFromScan0
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdipCreateLineBrushI
GdipSetSmoothingMode
GdipSetPixelOffsetMode
GdipSetTextRenderingHint
GdipDrawImage
GdipGraphicsClear
GdipSetInterpolationMode

winmm

timeGetTime
timeEndPeriod
timeBeginPeriod

imm32

ImmGetContext
ImmSetCompositionFontW
ImmSetCompositionWindow
ImmReleaseContext

iphlpapi

GetAdaptersInfo

user32

CreateCaret
GetCaretBlinkTime
HideCaret
ShowCaret
SetCaretPos
GetCaretPos
ClientToScreen
GetSysColor
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
MoveWindow
CreateAcceleratorTableW
InvalidateRgn
GetGUIThreadInfo
GetLastActivePopup
GetDesktopWindow
SetForegroundWindow
SetWindowRgn
IsZoomed
GetMonitorInfoW
MonitorFromWindow
LoadImageW
GetPropW
SetPropW
GetSystemMetrics
EnableWindow
ShowWindow
GetClassInfoExW
RegisterClassW
CallWindowProcW
GetWindow
GetParent
SetWindowLongW
GetWindowLongW
PtInRect
IsRectEmpty
IntersectRect
MapWindowPoints
ScreenToClient
GetCursorPos
SetRect
GetClientRect
InvalidateRect
GetUpdateRect
EndPaint
BeginPaint
ReleaseDC
GetDC
ReleaseCapture
SetCapture
GetKeyState
GetFocus
GetActiveWindow
SetFocus
CharNextW
IsIconic
IsWindowVisible
SetWindowPos
IsWindow
SendMessageW
LoadCursorW
OffsetRect
UnionRect
SetCursor
wvsprintfW
DestroyWindow
SetTimer
PostQuitMessage
UnregisterClassW
PostMessageW
KillTimer
WaitMessage
GetQueueStatus
TranslateMessage
RegisterClassExW
CallMsgFilterW
PeekMessageW
MsgWaitForMultipleObjectsEx
DefWindowProcW
DispatchMessageW
MessageBoxW
FillRect
DrawTextW
GetWindowRect
CharPrevW
CreateWindowExW

gdi32

SetWindowOrgEx
GetObjectW
GetTextMetricsW
SelectObject
CreateRoundRectRgn
SaveDC
CreatePenIndirect
CreateRectRgnIndirect
CreateSolidBrush
GetCharABCWidthsW
GetClipBox
GetTextExtentPoint32W
LineTo
RoundRect
SelectClipRgn
ExtSelectClipRgn
SetBkColor
SetBkMode
StretchBlt
SetStretchBltMode
SetTextColor
CreateDIBSection
MoveToEx
TextOutW
ExtTextOutW
GdiFlush
GetDeviceCaps
GetObjectA
CreatePatternBrush
RestoreDC
Rectangle
GetStockObject
DeleteObject
DeleteDC
CreatePen
CreateFontIndirectW
CreateCompatibleDC
CreateCompatibleBitmap
CombineRgn
BitBlt

advapi32

RegDeleteKeyW
IsTextUnicode
CreateProcessAsUserW
RegOpenKeyExW
RegCloseKey
RegCreateKeyExW
RegQueryInfoKeyW
RegDeleteValueW
RegEnumKeyExW
RegSetValueExW

shell32

SHFileOperationW
SHGetFolderPathW

ole32

CLSIDFromString
CLSIDFromProgID
CoInitialize
CreateStreamOnHGlobal
CoInitializeEx
OleLockRunning
CoCreateInstance
OleUninitialize
CoUninitialize
OleInitialize
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree

oleaut32

VarUI4FromStr
SysAllocString
SysFreeString
VariantInit
VariantClear

comctl32

_TrackMouseEvent
ord17

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

userenv

CreateEnvironmentBlock
DestroyEnvironmentBlock

Exports

Exports

OPENSSL_Applink

Sections

.text
Size: 655KB - Virtual size: 655KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 14KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 108KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c6544f38383cd6a6bb8a191cc9c32073

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

setupapi

dbghelp

gdiplus

winmm

imm32

iphlpapi

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

version

userenv

Exports

Exports

Sections

.text Size: 655KB - Virtual size: 655KB

.rdata Size: 145KB - Virtual size: 145KB

.data Size: 14KB - Virtual size: 32KB

.tls Size: 512B - Virtual size: 2B

.rsrc Size: 18KB - Virtual size: 17KB

.reloc Size: 108KB - Virtual size: 112KB

.text
Size: 655KB - Virtual size: 655KB

.rdata
Size: 145KB - Virtual size: 145KB

.data
Size: 14KB - Virtual size: 32KB

.tls
Size: 512B - Virtual size: 2B

.rsrc
Size: 18KB - Virtual size: 17KB

.reloc
Size: 108KB - Virtual size: 112KB