a973a15f845bfa33e2b877ae053e932f6aa2f385fe86ab50026dce58102a276d

Sharing

Copy URL Twitter E-mail

General

Target

a973a15f845bfa33e2b877ae053e932f6aa2f385fe86ab50026dce58102a276d
Size

66KB
MD5

870df4d0111ae01a205361c84b1df2fd
SHA1

90d45c1a452d542ac01d8f8520a2ce702c0ad006
SHA256

a973a15f845bfa33e2b877ae053e932f6aa2f385fe86ab50026dce58102a276d
SHA512

3f8e05c99fcc7bbf4271caf19761dbcfdd9a6a94dd66aa00943a3263ae64d711880a44c15906f11527b1fc7fe39f7fe232ffe51c6ccdfd1c1d2da541e547b3eb
SSDEEP

768:w4X2Ir216jp9kU6uXPSUaN0hmbESXwWGPP6Di5O+JN+PvV2YGkvgoG0In2WBJFb6:wE9q1eRjXPHa24bMN6mJyvV6yI2cJk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a973a15f845bfa33e2b877ae053e932f6aa2f385fe86ab50026dce58102a276d

Files

a973a15f845bfa33e2b877ae053e932f6aa2f385fe86ab50026dce58102a276d
.dll windows:6 windows x86 arch:x86

137df74ec568c525003d6e33e688f152

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\JA_Projects\LDA\trunk\src\Q-LDA x64_6-20-20\Q-LDA x64\VNX_atten64\Release\VNX_atten.pdb

Imports

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailW
SetupDiGetClassDevsW
SetupDiEnumDeviceInterfaces

hid

HidD_FreePreparsedData
HidP_GetCaps
HidD_GetPreparsedData
HidD_GetAttributes
HidD_GetHidGuid
HidD_GetSerialNumberString

kernel32

TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
CreateFileW
CloseHandle
QueryPerformanceFrequency
QueryPerformanceCounter
Sleep
CreateEventW
WriteFile
GetLastError
WaitForSingleObject
GetOverlappedResult
ReadFile
CreateThread
ExitThread
SetEvent
GetSystemTimeAsFileTime
IsDebuggerPresent
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead

msvcp140

?_Xlength_error@std@@YAXPBD@Z

vcruntime140

memmove
__std_exception_destroy
memcpy
__CxxFrameHandler3
__std_type_info_destroy_list
_except_handler4_common
__current_exception
memset
_CxxThrowException
__std_exception_copy
__current_exception_context

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfwprintf
__stdio_common_vfprintf

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initterm
_execute_onexit_table
_invalid_parameter_noinfo_noreturn
terminate
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_cexit
_crt_atexit

api-ms-win-crt-convert-l1-1-0

_wtoi
_itow

api-ms-win-crt-string-l1-1-0

wcscpy_s
wcscat_s

api-ms-win-crt-heap-l1-1-0

malloc
free
_callnewh

Exports

Exports

fnLDA_CloseDevice
fnLDA_GetAttenuation
fnLDA_GetAttenuationHR
fnLDA_GetAttenuationStep
fnLDA_GetAttenuationStepHR
fnLDA_GetAttenuationStepTwo
fnLDA_GetAttenuationStepTwoHR
fnLDA_GetDLLVersion
fnLDA_GetDevInfo
fnLDA_GetDeviceStatus
fnLDA_GetDwellTime
fnLDA_GetDwellTimeTwo
fnLDA_GetFeatures
fnLDA_GetHoldTime
fnLDA_GetIdleTime
fnLDA_GetMaxAttenuation
fnLDA_GetMaxAttenuationHR
fnLDA_GetMaxWorkingFrequency
fnLDA_GetMinAttenStep
fnLDA_GetMinAttenStepHR
fnLDA_GetMinAttenuation
fnLDA_GetMinAttenuationHR
fnLDA_GetMinWorkingFrequency
fnLDA_GetModelNameA
fnLDA_GetModelNameW
fnLDA_GetNumChannels
fnLDA_GetNumDevices
fnLDA_GetProfileCount
fnLDA_GetProfileDwellTime
fnLDA_GetProfileElement
fnLDA_GetProfileElementHR
fnLDA_GetProfileIdleTime
fnLDA_GetProfileIndex
fnLDA_GetProfileMaxLength
fnLDA_GetRF_On
fnLDA_GetRampEnd
fnLDA_GetRampEndHR
fnLDA_GetRampStart
fnLDA_GetRampStartHR
fnLDA_GetSerialNumber
fnLDA_GetWorkingFrequency
fnLDA_InitDevice
fnLDA_SaveSettings
fnLDA_SetAttenuation
fnLDA_SetAttenuationHR
fnLDA_SetAttenuationHRQ
fnLDA_SetAttenuationStep
fnLDA_SetAttenuationStepHR
fnLDA_SetAttenuationStepTwo
fnLDA_SetAttenuationStepTwoHR
fnLDA_SetChannel
fnLDA_SetDwellTime
fnLDA_SetDwellTimeTwo
fnLDA_SetHoldTime
fnLDA_SetIdleTime
fnLDA_SetProfileCount
fnLDA_SetProfileDwellTime
fnLDA_SetProfileElement
fnLDA_SetProfileElementHR
fnLDA_SetProfileIdleTime
fnLDA_SetRFOn
fnLDA_SetRampBidirectional
fnLDA_SetRampDirection
fnLDA_SetRampEnd
fnLDA_SetRampEndHR
fnLDA_SetRampMode
fnLDA_SetRampStart
fnLDA_SetRampStartHR
fnLDA_SetTestMode
fnLDA_SetTraceLevel
fnLDA_SetWorkingFrequency
fnLDA_StartProfile
fnLDA_StartProfileMC
fnLDA_StartRamp
fnLDA_StartRampMC

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 8.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

137df74ec568c525003d6e33e688f152

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

setupapi

hid

kernel32

msvcp140

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-heap-l1-1-0

Exports

Exports

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 14KB - Virtual size: 14KB

.data Size: 1KB - Virtual size: 8.1MB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 14KB - Virtual size: 14KB

.data
Size: 1KB - Virtual size: 8.1MB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 5KB - Virtual size: 4KB