4378845bb3f4849060e64b26137004ff9fb9787ae84cc614305203dcd0b46f65

Sharing

Copy URL Twitter E-mail

General

Target

4378845bb3f4849060e64b26137004ff9fb9787ae84cc614305203dcd0b46f65
Size

432KB
MD5

b66d8b2aa1d1856653f5cc5feddaa674
SHA1

0321e9cb80cf0d33082451b9c42b8926edfda860
SHA256

4378845bb3f4849060e64b26137004ff9fb9787ae84cc614305203dcd0b46f65
SHA512

cbb83d868659900b78fb95aa0dcf16ae553429868c4c42393d14aaea6adbc2630d2d7bb435a7e6c0786d0336d02aeff3d106f8f719b610ec4fc1cd6d0ba2c120
SSDEEP

12288:RHHQnpk7rIWch6t5NOL8tObIwl9Wtz2RE/NInl1W5Np3st:p2oIBhc5NY3t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4378845bb3f4849060e64b26137004ff9fb9787ae84cc614305203dcd0b46f65

Files

4378845bb3f4849060e64b26137004ff9fb9787ae84cc614305203dcd0b46f65
.dll windows:6 windows x86 arch:x86

9c04baf154d4a9a4b9b07d385a225b8e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

inet_addr
htons
bind
WSAStringToAddressW
WSAGetLastError
WSACleanup
WSAStartup
socket
shutdown
setsockopt
send
select
recv
getsockopt
ioctlsocket
connect
closesocket
__WSAFDIsSet

hid

HidD_FreePreparsedData
HidD_GetPreparsedData
HidD_GetHidGuid
HidD_GetAttributes
HidP_GetCaps
HidD_GetSerialNumberString

setupapi

SetupDiGetClassDevsW
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList

kernel32

SetStdHandle
FreeEnvironmentStringsW
FlushFileBuffers
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
SetFilePointerEx
WriteConsoleW
GetEnvironmentStringsW
CreateSemaphoreW
FindNextFileA
FindFirstFileExA
FindClose
HeapSize
DecodePointer
FreeLibrary
GetProcAddress
RaiseException
GetLastError
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
CloseHandle
WideCharToMultiByte
HeapAlloc
HeapFree
SetLastError
InterlockedIncrement
InterlockedDecrement
GetProcessHeap
lstrlenW
lstrlenA
MultiByteToWideChar
DebugBreak
OutputDebugStringW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
TerminateThread
WaitForSingleObject
CreateEventW
WriteFile
GetModuleFileNameW
CreateFileW
CreateThread
GetOverlappedResult
ResumeThread
SetEvent
ResetEvent
WaitForMultipleObjects
ReadFile
PurgeComm
CancelIo
ClearCommError
SetupComm
GetCommState
SetCommState
SetCommTimeouts
CreateWaitableTimerW
SetWaitableTimer
CancelWaitableTimer
GetModuleFileNameA
GetConsoleCP
GetConsoleMode
LCMapStringW
HeapReAlloc
GetStringTypeW
GetFileType
GetStdHandle
GetACP
IsDebuggerPresent
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetModuleHandleW
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
EncodePointer
RtlUnwind
InterlockedFlushSList
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
ExitProcess
GetModuleHandleExW

user32

SendMessageW
wsprintfW
CharUpperW
CharNextW
LoadStringW
PostMessageW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

Exports

Exports

ANRD5100_GetLibVersion
ANRD5100_SerOpen
ANRD5100_TcpOpen
PLUG_GetLink

Sections

.text
Size: 320KB - Virtual size: 319KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9c04baf154d4a9a4b9b07d385a225b8e

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

hid

setupapi

kernel32

user32

version

Exports

Exports

Sections

.text Size: 320KB - Virtual size: 319KB

.rdata Size: 72KB - Virtual size: 72KB

.data Size: 9KB - Virtual size: 11KB

.gfids Size: 512B - Virtual size: 256B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 27KB - Virtual size: 27KB

.text
Size: 320KB - Virtual size: 319KB

.rdata
Size: 72KB - Virtual size: 72KB

.data
Size: 9KB - Virtual size: 11KB

.gfids
Size: 512B - Virtual size: 256B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 27KB - Virtual size: 27KB