bf7f672d55055e0281083ccd41c857935f9cf1ed2b6f370a6d93121580ce1933

Sharing

Copy URL Twitter E-mail

General

Target

bf7f672d55055e0281083ccd41c857935f9cf1ed2b6f370a6d93121580ce1933
Size

41KB
MD5

20ad8492d89733118433cd4dc3e1f9d5
SHA1

62d8b20a2661a2a4ffc32db11d56d4e005994589
SHA256

bf7f672d55055e0281083ccd41c857935f9cf1ed2b6f370a6d93121580ce1933
SHA512

cae79188faee9e845136635c6c46fd90a21da59246c9583ec85c5e8a4855ab0e0d3f43bf45adc42f466222d2b4392b21b2bbedb7cfa8abb0a37caba8e86c218a
SSDEEP

768:QznfAba0g4ybogT2msp+TTUdVr/H9OlitT1pDxb:UfL0+TTQBFOlSBn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf7f672d55055e0281083ccd41c857935f9cf1ed2b6f370a6d93121580ce1933

Files

bf7f672d55055e0281083ccd41c857935f9cf1ed2b6f370a6d93121580ce1933
.dll windows:5 windows x64 arch:x64

b8c682fac2f76e60fa536ae84ff3b2a7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\BuildSVN\newTRAOI_v3.3_WIN10\x64\Release\DLP9KControl.pdb

Imports

hidapi

hid_init
hid_read_timeout
hid_open_path
hid_write
hid_free_enumeration
hid_enumerate

mfc100

ord3535
ord3477
ord11489
ord6823
ord1709
ord13700
ord10609
ord12808
ord11099
ord6868
ord13109
ord13106
ord13111
ord13108
ord13110
ord13107
ord876
ord8182
ord3288
ord5031
ord10859
ord7063
ord10871
ord10840
ord12925
ord6806
ord12927
ord11107
ord11106
ord2116
ord4555
ord13393
ord6865
ord3934
ord11410
ord11470
ord9145
ord10867
ord7213
ord1266
ord6580
ord7286
ord8000
ord8977
ord7065
ord4595
ord6631
ord6641
ord6640
ord4445
ord4597
ord4461
ord4895
ord4700
ord8135
ord4892
ord4722
ord4458
ord300
ord310
ord1291
ord1293
ord1272
ord316
ord889
ord2524
ord266
ord265
ord4124
ord1274
ord893
ord13144
ord2051
ord321
ord3285
ord2014
ord2012
ord2040
ord1945
ord2002
ord396
ord1914
ord2050
ord2048
ord1906
ord1844
ord1895
ord322
ord1275
ord5871

msvcr100

_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
_CxxThrowException
__C_specific_handler
__CxxFrameHandler3
??0exception@std@@QEAA@AEBV01@@Z
??0exception@std@@QEAA@AEBQEBD@Z
??1exception@std@@UEAA@XZ
_malloc_crt
__clean_type_info_names_internal
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
__crt_debugger_hook
__CppXcptFilter
_amsg_exit
_encoded_null
free
_initterm_e
_initterm
?what@exception@std@@UEBAPEBDXZ

kernel32

TerminateProcess
LocalFree
LocalAlloc
EncodePointer
DecodePointer
Sleep
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
OutputDebugStringA

msvcp100

?_Xlength_error@std@@YAXPEBD@Z

Exports

Exports

??0CDLP9KInterface@@QEAA@AEBV0@@Z
??0CDLP9KInterface@@QEAA@XZ
??1CDLP9KInterface@@QEAA@XZ
??4CDLP9KInterface@@QEAAAEAV0@AEBV0@@Z
?GetDeviceCount@CDLP9KInterface@@QEAAHXZ
?GetExposureTime@CDLP9KInterface@@QEAA_NHAEAG@Z
?GetFirmwareVersion@CDLP9KInterface@@QEAAHH@Z
?GetLastTriggerIndex@CDLP9KInterface@@QEAAHHAEAV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@@Z
?GetPatNameWithIndex@CDLP9KInterface@@QEAA?AV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@H@Z
?GetPatternCount@CDLP9KInterface@@QEAAHH@Z
?InitDlpDevices@CDLP9KInterface@@AEAA_NXZ
?InitPatterns@CDLP9KInterface@@AEAA_NXZ
?IsDeviceConnected@CDLP9KInterface@@QEAA_NXZ
?SetExposureTime@CDLP9KInterface@@QEAA_NHGG@Z
?SetTrigCommand@CDLP9KInterface@@QEAA_NW4eTrigCmd@@@Z
?SetTriggerMode@CDLP9KInterface@@QEAA_NHHAEAV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@@Z
?SetTriggerMode@CDLP9KInterface@@QEAA_NHV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@AEAV23@@Z
?SetTriggerModeByPattern@CDLP9KInterface@@QEAA_NHHAEAV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@@Z

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 624B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b8c682fac2f76e60fa536ae84ff3b2a7

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

hidapi

mfc100

msvcr100

kernel32

msvcp100

Exports

Exports

Sections

.text Size: 19KB - Virtual size: 19KB

.rdata Size: 14KB - Virtual size: 13KB

.data Size: 2KB - Virtual size: 10KB

.pdata Size: 1KB - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 624B

.text
Size: 19KB - Virtual size: 19KB

.rdata
Size: 14KB - Virtual size: 13KB

.data
Size: 2KB - Virtual size: 10KB

.pdata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 624B