489ebe2c3c92ab2883e377b9f867b65b4214182075147980b1c274eae586d208

Sharing

Copy URL

Twitter E-mail

General

Target

489ebe2c3c92ab2883e377b9f867b65b4214182075147980b1c274eae586d208
Size

380KB
MD5

beed3b34ea04c3dc9dfade60eb2fb2c2
SHA1

3856875a332d1c02efa8c42a81042ce39b9c76d1
SHA256

489ebe2c3c92ab2883e377b9f867b65b4214182075147980b1c274eae586d208
SHA512

e382a8d03e999c1de21a0822ec5b5ae36c0113444ecce6e2b876b7928637373655b69ec7b2f511442836da00aad5326091167ddc7741096b45fcd33e2de2f122
SSDEEP

6144:3utR+5NIPS/jtzUNxQfYDPQyJRiDAEPMEN3F9pX2vx:+tciK5zUTAYDPfAcEN3V4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
489ebe2c3c92ab2883e377b9f867b65b4214182075147980b1c274eae586d208

Files

489ebe2c3c92ab2883e377b9f867b65b4214182075147980b1c274eae586d208
.exe windows:5 windows x86 arch:x86

a6e01343f863eac2504b8987801c8ab0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Holtek_Code\PC\trunk\TinyProgrammerIII_Unicode\TinyProgrammerUSBSilent\Release\AP2.pdb

Imports

kernel32

FileTimeToLocalFileTime
GetFileAttributesExW
IsDebuggerPresent
IsProcessorFeaturePresent
RtlUnwind
ExitProcess
GetModuleHandleExW
HeapQueryInformation
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
IsValidCodePage
GetOEMCP
GetStdHandle
GetFileType
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
SetFilePointerEx
GetStringTypeW
WriteConsoleW
LCMapStringW
OutputDebugStringW
ReadConsoleW
SetEnvironmentVariableA
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
FindFirstFileW
FindClose
CreateFileW
FileTimeToSystemTime
DeleteFileW
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetCurrentProcessId
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
CreateEventW
WaitForSingleObject
CloseHandle
GlobalFindAtomW
GlobalAddAtomW
GetSystemDirectoryW
LeaveCriticalSection
EnterCriticalSection
GetCurrentProcess
WriteFile
SetEndOfFile
SetStdHandle
ReadFile
EncodePointer
FormatMessageW
MulDiv
LoadLibraryA
GlobalFree
GlobalUnlock
FreeResource
SetErrorMode
lstrcmpW
lstrcmpA
CancelIo
GlobalDeleteAtom
GlobalLock
GlobalAlloc
LoadLibraryExW
FreeLibrary
GetVersionExW
GetCurrentThreadId
GetCurrentThread
LoadLibraryW
GetProcAddress
GetModuleHandleA
SetLastError
OutputDebugStringA
GetACP
GetExitCodeThread
CreateThread
DeleteCriticalSection
DecodePointer
HeapSize
GetLastError
RaiseException
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
MultiByteToWideChar
LocalFree
WideCharToMultiByte
Sleep
GetModuleFileNameW
FindResourceW
LoadResource
LockResource
SizeofResource
GetConsoleWindow
GetModuleHandleW
GetCPInfo
GetCommandLineW

user32

ClientToScreen
EndPaint
BeginPaint
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
GetCursorPos
TranslateMessage
GetMessageW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageW
SetWindowTextW
SetDlgItemTextW
GetMonitorInfoW
MonitorFromWindow
WinHelpW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetClassNameW
GetClassLongW
SetWindowLongW
PtInRect
GetSysColor
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowTextW
RemovePropW
GetPropW
SetPropW
RedrawWindow
ValidateRect
SetForegroundWindow
GetForegroundWindow
UpdateWindow
GetSysColorBrush
LoadCursorW
SetMenu
GetMenu
GetCapture
GetKeyState
GetFocus
SetFocus
GetDlgCtrlID
IsWindowVisible
SetCursor
GetWindowThreadProcessId
RealChildWindowFromPoint
SetTimer
KillTimer
InvalidateRect
DestroyMenu
GetTopWindow
CharUpperW
GetLastActivePopup
SetWindowPos
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
PeekMessageW
DispatchMessageW
RegisterWindowMessageW
GetMenuItemCount
GetMenuItemID
CopyRect
ReleaseDC
GetDC
GetWindowRect
GetSubMenu
GetDesktopWindow
GetWindowLongW
SetActiveWindow
IsWindowEnabled
GetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamW
DestroyWindow
IsWindow
PostQuitMessage
PostMessageW
GetParent
SendDlgItemMessageA
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
SendMessageW
LoadIconW
EnableWindow
ShowWindow
MessageBoxW
RegisterDeviceNotificationW

gdi32

TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
SetWindowExtEx
SetMapMode
SelectObject
SaveDC
RestoreDC
RectVisible
PtVisible
GetStockObject
GetClipBox
Escape
DeleteObject
DeleteDC
CreateBitmap
GetObjectW
SetTextColor
SetBkColor
GetDeviceCaps

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shell32

ShellExecuteW
CommandLineToArgvW

shlwapi

PathFindFileNameW
PathIsUNCW
PathStripToRootW
PathFindExtensionW

ole32

CoCreateInstance
CoTaskMemFree
CoCreateGuid
CoUninitialize
CoInitialize

oleaut32

SysFreeString
SysAllocString
VariantInit
VariantClear
VariantChangeType

oleacc

CreateStdAccessibleObject
LresultFromObject

hid

HidD_SetFeature
HidD_GetFeature
HidD_GetPreparsedData
HidD_GetHidGuid
HidD_GetAttributes
HidP_GetCaps
HidD_GetInputReport

setupapi

SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
SetupDiGetClassDevsW
CMP_WaitNoPendingInstallEvents
SetupDiDestroyDeviceInfoList

Exports

Exports

CRYPT_EnableCommandKey
CRYPT_SetCommandKey
GetImage
GetImageInfo
GetProgramInfo
ISP_BlankCheck
ISP_CRCCheck
ISP_CloseSerialPortConnect
ISP_EraseMass
ISP_ErasePage
ISP_Execute
ISP_Exit
ISP_GetInformation
ISP_GetTransProgress
ISP_GetUserData
ISP_GetUserResult
ISP_IsConnectedToDevice
ISP_ReadData
ISP_Reset
ISP_ResetToIAP
ISP_SendAuthentication
ISP_SendUserCmd
ISP_SetCmdMode
ISP_SetupSerialPortConnection
ISP_WriteProgramB

Sections

.text
Size: 224KB - Virtual size: 223KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a6e01343f863eac2504b8987801c8ab0

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

shlwapi

ole32

oleaut32

oleacc

hid

setupapi

Exports

Exports

Sections

.text Size: 224KB - Virtual size: 223KB

.rdata Size: 69KB - Virtual size: 68KB

.data Size: 9KB - Virtual size: 27KB

.rsrc Size: 25KB - Virtual size: 24KB

.reloc Size: 17KB - Virtual size: 17KB

.text
Size: 224KB - Virtual size: 223KB

.rdata
Size: 69KB - Virtual size: 68KB

.data
Size: 9KB - Virtual size: 27KB

.rsrc
Size: 25KB - Virtual size: 24KB

.reloc
Size: 17KB - Virtual size: 17KB