E:\companycurrent\Release\Beacon_Gamma_Color_I2C\Beacon_Gamma_Color(I2c)3.0_T20.pdb
Static task: static1

Behavioral task: behavioral1
Sample: 6e43ac01b324eda4ab03eb64c1d57bf98b13132171cefc1cbfb9a939ff8d57b8.exe
Resource: win7-20240508-en

Behavioral task: behavioral2
Sample: 6e43ac01b324eda4ab03eb64c1d57bf98b13132171cefc1cbfb9a939ff8d57b8.exe
Resource: win10v2004-20240226-en
General
Target: 6e43ac01b324eda4ab03eb64c1d57bf98b13132171cefc1cbfb9a939ff8d57b8
Size: 5.3MB
MD5: 00b56b9d4aed2c967940d1817b950e66
SHA1: 3a3f17be4a2530a5f9acdf36e9b38ce61ba3b882
SHA256: 6e43ac01b324eda4ab03eb64c1d57bf98b13132171cefc1cbfb9a939ff8d57b8
SHA512: 06dd1d8795b28cdb19e31029231fd8b2321c99cdceca96c26a91942e6c3322d662125fb1a3e1aa42e9e08c110b7f1cb3a3ceeb02b31369b7e596821aa3716ec2
SSDEEP: 98304:jmFYqkZ8H6moXSTjUAq7QaqH8XrUqnM3wOCX+GAQwiDRVk3WI3wSUX1Uuph:jkH6moXSHUAEqH3BD3WI3wXamh
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 6e43ac01b324eda4ab03eb64c1d57bf98b13132171cefc1cbfb9a939ff8d57b8
Files
6e43ac01b324eda4ab03eb64c1d57bf98b13132171cefc1cbfb9a939ff8d57b8.exe windows:5 windows x86 arch:x86
46c3c11edf01564421d3f3c0e4fcfe76
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
shlwapi
PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
PathFindFileNameA
PathFindExtensionA
PathIsDirectoryA
StrFormatKBSizeA
dlportio
DlPortReadPortUchar
DlPortWritePortUchar
kernel32
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetSystemTimeAsFileTime
InitializeSListHead
SearchPathA
GetWindowsDirectoryA
GetTempPathA
FindResourceExW
GetACP
VerifyVersionInfoA
lstrcpyA
VerSetConditionMask
SetErrorMode
GetCPInfo
GetOEMCP
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GlobalFlags
GlobalSize
FreeLibrary
SetLastError
GetCurrentThread
DeviceIoControl
MultiByteToWideChar
CancelIo
HeapDestroy
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
GetCurrentProcess
GetModuleHandleA
GetProcAddress
GetQueuedCompletionStatus
PostQueuedCompletionStatus
CreateThread
OutputDebugStringA
GetSystemInfo
CreateEventW
GetProcessHeap
HeapFree
ReadFile
GetOverlappedResult
WriteFile
LocalFree
FormatMessageA
SuspendThread
ResumeThread
GetCommMask
ClearCommError
WaitCommEvent
PurgeComm
SetCommState
BuildCommDCBA
GetCommState
SetCommMask
SetCommTimeouts
CreateFileA
TerminateThread
MulDiv
InitializeCriticalSection
WaitForMultipleObjects
SetEvent
CreateEventA
ResetEvent
GetCommandLineA
CloseHandle
InitializeCriticalSectionAndSpinCount
GetLastError
DeleteCriticalSection
GetCurrentDirectoryA
WaitForSingleObject
CopyFileA
GetModuleFileNameA
LeaveCriticalSection
EnterCriticalSection
QueryPerformanceFrequency
QueryPerformanceCounter
GlobalUnlock
GlobalAlloc
GlobalLock
Sleep
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
WaitForSingleObjectEx
LocalUnlock
LocalLock
GetProfileIntA
CreateIoCompletionPort
GetTempFileNameA
OutputDebugStringW
GetStringTypeW
LCMapStringW
MoveFileExA
GetSystemDirectoryA
SetPriorityClass
RtlUnwind
GetCommandLineW
VirtualAlloc
VirtualQuery
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
SetStdHandle
GetFileType
HeapQueryInformation
ExitProcess
GetStdHandle
GetConsoleCP
GetConsoleMode
SetFilePointerEx
GetDateFormatW
GetTimeFormatW
IsValidLocale
EnumSystemLocalesW
GetTimeZoneInformation
GetDriveTypeW
ReadConsoleW
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
FindFirstFileExA
GlobalFree
GetCurrentProcessId
GetModuleFileNameW
GetModuleHandleW
LoadLibraryW
LoadLibraryA
GlobalAddAtomA
GlobalGetAtomNameA
EncodePointer
GetCurrentThreadId
GetSystemDirectoryW
FreeResource
LoadLibraryExW
GlobalDeleteAtom
lstrcmpW
FindResourceA
GlobalFindAtomA
CompareStringA
SetThreadPriority
GetVersionExA
FileTimeToLocalFileTime
FindClose
FindFirstFileA
WriteConsoleW
CreateFileW
GetCurrentDirectoryW
LocalReAlloc
LocalAlloc
GlobalHandle
FindNextFileA
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
DeleteFileA
FlushFileBuffers
GetFileSize
GetFullPathNameA
LockFile
SetEndOfFile
SetFilePointer
UnlockFile
DuplicateHandle
LoadLibraryExA
GetShortPathNameA
lstrcmpiA
MoveFileA
GetVolumeInformationA
GetThreadLocale
GetStringTypeExA
lstrcmpA
SystemTimeToFileTime
VirtualProtect
GlobalReAlloc
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetDiskFreeSpaceA
GetFileAttributesA
GetFileTime
SetFileTime
TlsFree
ReplaceFileA
GetUserDefaultLCID
GetFileAttributesExA
GetFileSizeEx
LocalFileTimeToFileTime
TlsAlloc
TlsGetValue
TlsSetValue
GetTickCount
user32
GetDoubleClickTime
InvertRect
HideCaret
GetIconInfo
GetNextDlgGroupItem
CopyIcon
ModifyMenuA
CharUpperBuffA
RegisterClipboardFormatA
EmptyClipboard
SetClipboardData
SetClassLongA
SetCursorPos
DestroyAcceleratorTable
CreateAcceleratorTableA
ToAsciiEx
IsCharLowerA
MapVirtualKeyExA
GetUpdateRect
SubtractRect
GetComboBoxInfo
GetWindowRgn
DrawEdge
DrawFocusRect
DrawFrameControl
GetKeyboardState
GetKeyboardLayout
CreateMenu
CopyAcceleratorTableA
PostThreadMessageA
GetTabbedTextExtentW
DrawIcon
LoadImageW
EnableScrollBar
UpdateLayeredWindow
FrameRect
SetMenuDefaultItem
GetMenuDefaultItem
NotifyWinEvent
MessageBeep
SetWindowRgn
TrackMouseEvent
EnumDisplayMonitors
SetLayeredWindowAttributes
CopyImage
UnionRect
RealChildWindowFromPoint
LockWindowUpdate
DestroyCursor
LoadCursorW
ShowOwnedPopups
LoadMenuW
LoadAcceleratorsW
MonitorFromPoint
WindowFromPoint
MapVirtualKeyA
GetKeyNameTextA
GetMenuItemInfoA
MapDialogRect
GetAsyncKeyState
GetWindowDC
GetNextDlgTabItem
EndDialog
UnregisterClassA
SetParent
DeleteMenu
GetSystemMenu
wsprintfA
GetSystemMetrics
GetDCEx
CreateDialogIndirectParamA
DrawStateA
CharUpperA
GetMessageA
IsDialogMessageA
SetWindowTextA
RedrawWindow
GetWindow
GetClassLongA
IsRectEmpty
EndDeferWindowPos
BeginDeferWindowPos
SystemParametersInfoA
GetSysColorBrush
GetKeyState
OffsetRect
InsertMenuA
UpdateWindow
SendDlgItemMessageA
IsDlgButtonChecked
CheckDlgButton
SetDlgItemTextA
MoveWindow
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetMonitorInfoA
MonitorFromWindow
GetScrollInfo
SetScrollInfo
LoadIconA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetTopWindow
MapWindowPoints
PostQuitMessage
DispatchMessageA
TranslateMessage
PeekMessageA
IsWindowVisible
LoadBitmapW
GetClipboardData
CloseClipboard
IsClipboardFormatAvailable
OpenClipboard
MessageBoxA
SetWindowLongA
PostMessageA
IsZoomed
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
AppendMenuA
ClientToScreen
CreatePopupMenu
ReleaseCapture
SetCapture
ScreenToClient
GetCursorPos
SetCursor
CopyRect
GetParent
KillTimer
PtInRect
InvalidateRect
SetTimer
ReleaseDC
GetDC
InflateRect
DrawIconEx
GetClientRect
LoadIconW
FillRect
GetWindowRect
LoadCursorA
GetSysColor
EnableWindow
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
ValidateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
TrackPopupMenu
GetFocus
DeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsChild
IsMenu
GetClassInfoExA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
RegisterWindowMessageA
ReuseDDElParam
UnpackDDElParam
WinHelpA
LoadImageA
DestroyIcon
GetClassNameA
GetDesktopWindow
EqualRect
IntersectRect
SetRectEmpty
SetActiveWindow
InsertMenuItemA
DestroyMenu
SetMenu
LoadMenuA
LoadAcceleratorsA
GetCapture
SetFocus
GetDlgCtrlID
GetDlgItem
IsIconic
ShowWindow
GetClassInfoA
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
AdjustWindowRectEx
DrawMenuBar
GetMenu
TranslateAcceleratorA
GetActiveWindow
BringWindowToTop
SetWindowPos
IsWindow
CreateWindowExA
GetLastActivePopup
GetWindowThreadProcessId
GetWindowLongA
IsWindowEnabled
RemoveMenu
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringA
WaitMessage
SetRect
GetMessagePos
SendMessageA
gdi32
SetPixelV
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
SetPaletteEntries
ExtFloodFill
RoundRect
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
OffsetRgn
GetRgnBox
SetDIBColorTable
SetPixel
RealizePalette
Polyline
Polygon
CreatePolygonRgn
GetTextFaceA
GetWindowOrgEx
GetTextExtentPoint32W
GetTextExtentPointA
GetTextAlign
GetStretchBltMode
GetPolyFillMode
GetNearestColor
GetBkMode
GetROP2
LPtoDP
CreateEllipticRgn
EnumFontFamiliesExA
CreateRoundRectRgn
GetTextCharsetInfo
EnumFontFamiliesA
CreateDIBitmap
GetCharWidthA
GetViewportOrgEx
SetAbortProc
AbortDoc
EndPage
StartPage
EndDoc
GetBkColor
GetTextMetricsA
DPtoLP
SetRectRgn
CreateRectRgnIndirect
CombineRgn
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
MoveToEx
StartDocA
SetTextAlign
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetPixel
GetObjectType
GetCurrentPositionEx
GetClipBox
ExcludeClipRect
CreateRectRgn
CreateBitmap
SetTextColor
SetBkColor
CreateDCA
CopyMetaFileA
CreateHatchBrush
PatBlt
GetTextColor
Ellipse
StretchBlt
SetStretchBltMode
CreateDIBSection
CreatePatternBrush
CreateFontA
GetDeviceCaps
Escape
ExtTextOutA
RectVisible
PtVisible
DeleteDC
GetDIBits
CreateSolidBrush
DeleteObject
SelectObject
GetObjectA
CreatePenIndirect
CreatePen
TextOutA
Rectangle
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontIndirectA
GetTextExtentPoint32A
GetCurrentObject
GetStockObject
msimg32
TransparentBlt
AlphaBlend
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
GetJobA
advapi32
SystemFunction036
RegSetValueExA
RegCloseKey
RegQueryValueExA
OpenSCManagerA
OpenServiceA
ControlService
CloseServiceHandle
CreateServiceA
DeleteService
StartServiceA
RegSetValueA
RegOpenKeyExA
RegOpenKeyExW
RegEnumKeyA
RegDeleteKeyA
RegQueryValueA
RegDeleteValueA
SetFileSecurityA
GetFileSecurityA
RegEnumKeyExA
RegEnumValueA
RegCreateKeyExA
shell32
SHBrowseForFolderA
SHGetPathFromIDListA
DragQueryFileA
DragFinish
SHGetFileInfoA
ExtractIconA
SHAddToRecentDocs
SHGetSpecialFolderLocation
ShellExecuteExA
SHAppBarMessage
ShellExecuteA
SHGetDesktopFolder
uxtheme
GetWindowTheme
GetThemeSysColor
GetCurrentThemeName
GetThemeColor
DrawThemeText
DrawThemeParentBackground
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
DrawThemeBackground
CloseThemeData
OpenThemeData
IsAppThemed
ole32
CoLockObjectExternal
OleGetClipboard
DoDragDrop
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CreateStreamOnHGlobal
CoDisconnectObject
CoInitialize
CoCreateGuid
CoCreateInstance
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
CoUninitialize
CoGetMalloc
CoInitializeEx
OleLockRunning
RevokeDragDrop
IsAccelerator
RegisterDragDrop
oleaut32
LoadTypeLi
VarBstrFromDate
VariantCopy
SysStringLen
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysAllocStringByteLen
SysFreeString
SystemTimeToVariantTime
VariantTimeToSystemTime
VarUdateFromDate
SysAllocString
ws2_32
WSAGetLastError
WSASend
WSACleanup
WSARecv
WSAAsyncSelect
WSASetLastError
socket
sendto
closesocket
gethostname
gethostbyname
WSAStartup
accept
WSASocketA
setsockopt
htons
send
select
recvfrom
inet_addr
htonl
connect
recv
WSAGetOverlappedResult
WSAEnumNetworkEvents
getsockopt
WSAWaitForMultipleEvents
WSAIoctl
ioctlsocket
WSAEventSelect
listen
bind
gdiplus
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipSetInterpolationMode
GdipDrawImageI
GdipDrawImageRectI
odbc32
ord68
ord61
ord59
ord41
ord76
ord39
ord20
ord49
ord19
ord48
ord18
ord38
ord45
ord1
ord2
ord3
ord5
ord8
ord9
ord10
ord11
ord12
ord13
ord14
ord15
ord16
ord17
ord43
ord44
crypt32
CryptUnprotectData
CryptProtectData
colorspacelib
MonochromeSpaceGetGamma
ColorSpaceGetMaxLumin
DealSpaceData
InitialSpaceData
GammaToLumin
ColorSpaceSetMaxGamma
ColorSpaceGetGamma
ColorSpaceGetGammaReverse
AddTheColorLumi
MinusTheColorLumi
i1d3sdk
i1d3OverrideDeviceDefaults
i1d3Initialize
i1d3GetDeviceHandle
i1d3DeviceOpen
i1d3Destroy
i1d3Measure
i1d3GetNumberOfDevices
casdk2
?get_sy@CASDK2Probe@@QAEHPAN@Z
?get_sx@CASDK2Probe@@QAEHPAN@Z
?get_Lv@CASDK2Probe@@QAEHPAN@Z
?Measure@CASDK2Ca@@QAEHXZ
?put_DisplayMode@CASDK2Ca@@QAEHH@Z
?get_AveragingMode@CASDK2Ca@@QAEHPAH@Z
?get_SyncMode@CASDK2Ca@@QAEHPAHPAN@Z
?get_DisplayProbe@CASDK2Ca@@QAEHPADPAK@Z
?get_PortID@CASDK2Ca@@QAEHPADPAK@Z
?put_DisplayProbe@CASDK2Ca@@QAEHPBD@Z
?CalZero@CASDK2Ca@@QAEHXZ
?DisconnectAll@CASDK2Ca200@@QAEHXZ
?AutoDisconnect@CASDK2Ca200@@QAEHXZ
??1CASDK2Ca200@@QAE@XZ
?get_SingleProbe@CASDK2Ca@@QAEHPAPAVCASDK2Probe@@@Z
?get_Memory@CASDK2Ca@@QAEHPAPAVCASDK2Memory@@@Z
?get_OutputProbes@CASDK2Ca@@QAEHPAPAVCASDK2OutputProbes@@@Z
?get_Probes@CASDK2Ca@@QAEHPAPAVCASDK2Probes@@@Z
?get_SingleCa@CASDK2Ca200@@QAEHPAPAVCASDK2Ca@@@Z
?AutoConnect@CASDK2Ca200@@QAEHXZ
??0CASDK2Ca200@@QAE@XZ
?CASDK2_GetLocalizedErrorMsgFromErrorCode@@YAHHHPA_WPAK@Z
?SetExeCalZeroCallback@CASDK2Ca@@QAEHQ6AXPAX0@Z0@Z
?put_BrightnessUnit@CASDK2Ca@@QAEHH@Z
ca2dsdk
CA2DSDK_SetDataCondition
CA2DSDK_PollingMeasurement
CA2DSDK_DoMeasurement
CA2DSDK_ClearEvaluationArea
CA2DSDK_DisconnectInstrument
CA2DSDK_SetInstrumentCondition
CA2DSDK_GetInstrumentCondition
CA2DSDK_ConnectInstrument
CA2DSDK_Disable
CA2DSDK_GetInstrumentSerialNumber
CA2DSDK_Enable
CA2DSDK_GetAreaData
CA2DSDK_GetFinderImage
ddchelper
WriteI2CBuf
ReadI2CBuf
InitDDCHelper
EnumGetFirst
InstallDriver
GetLibraryOption
SetLibraryOption
GetCachedEDID256
GetEDIDOption
EnumGetNext
uniformtyoperater
_GetUniformtyHandle@0
hasp_windows_30269
ord13
ord6
setupapi
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiGetDeviceRegistryPropertyA
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
winmm
PlaySoundA
Sections
.text Size: 2.0MB - Virtual size: 2.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 450KB - Virtual size: 449KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 50KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2.7MB - Virtual size: 2.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 158KB - Virtual size: 158KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ