d99853cd582a16e5778a0bca23b189e8cf9178a196a71f4d14d79d6dcd66023b

Sharing

Copy URL

Twitter E-mail

General

Target

d99853cd582a16e5778a0bca23b189e8cf9178a196a71f4d14d79d6dcd66023b
Size

33KB
MD5

be6f3be7f5aa0f2eae0b146909e9cf75
SHA1

91e876208cafaf2cc1fefb392bfdfe5ad75e29c2
SHA256

d99853cd582a16e5778a0bca23b189e8cf9178a196a71f4d14d79d6dcd66023b
SHA512

e0570ff8a83e3705a9154e5c3b7dbdd6583cb59a7c49f7c88fadaa4d1f99c4bbf44b8567f7cfeb0fb06a8b8ff1581bd9f2e4431e52de0232feb379e6502f3618
SSDEEP

384:pc71HBxU9ys2eNHbjQT9TlwF3ItT/VasYpEDHSFlLckeuz:G1cpST8F3ItTzYpMyjeI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d99853cd582a16e5778a0bca23b189e8cf9178a196a71f4d14d79d6dcd66023b

Files

d99853cd582a16e5778a0bca23b189e8cf9178a196a71f4d14d79d6dcd66023b
.exe windows:6 windows x86 arch:x86

34a10dad25879f299399fcaac8e9b08d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\YANNANTECH\SkyDrive\YANNANTECH\文档\燕南产品\燕南手指静脉采集终端开发文档及SDK\Test\Debug\Test.pdb

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryW
GetModuleFileNameW
VirtualQuery
GetProcessHeap
HeapFree
HeapAlloc
DecodePointer
GetTickCount64
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
IsProcessorFeaturePresent
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
LoadLibraryExW
GetLastError
RaiseException
IsDebuggerPresent
EncodePointer
GetModuleHandleW
LoadLibraryA

msvcr110d

_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
?terminate@@YAXXZ
__crtSetUnhandledExceptionFilter
_lock
_calloc_dbg
__dllonexit
_onexit
_invoke_watson
_controlfp_s
_except_handler4_common
wcscpy_s
_wmakepath_s
_wsplitpath_s
_commode
_fmode
__initenv
_initterm
_initterm_e
__setusermatherr
_configthreadlocale
_cexit
_exit
exit
_CrtSetCheckCount
_CrtDbgReportW
__set_app_type
__getmainargs
_amsg_exit
_XcptFilter
_CRT_RTC_INITW
memset
printf
_unlock

Sections

.textbss
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

34a10dad25879f299399fcaac8e9b08d

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

msvcr110d

Sections

.textbss Size: - Virtual size: 64KB

.text Size: 16KB - Virtual size: 16KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 512B - Virtual size: 1KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.textbss
Size: - Virtual size: 64KB

.text
Size: 16KB - Virtual size: 16KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 512B - Virtual size: 1KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB