da8e170fcf92b7f4a7ccfadcc265341b1261559a2e97814eebd62114b74ea430

Sharing

Copy URL

Twitter E-mail

General

Target

da8e170fcf92b7f4a7ccfadcc265341b1261559a2e97814eebd62114b74ea430
Size

1.9MB
MD5

6dd6c7003e4fae8cf1aaab51ce18898c
SHA1

4a2f090e5015646c2926bd3325f472aa13960199
SHA256

da8e170fcf92b7f4a7ccfadcc265341b1261559a2e97814eebd62114b74ea430
SHA512

14c3c082f93cd1e856f947c9500cf08a49f361cad55066775de1863e3fb906d28adec0ec9ece343572a439fe2628987b050feec80856bdfd5f23c064b6061dda
SSDEEP

49152:iNgjNMLuFlXfwLsiXTf5dCJMnIvEXw1+B9FoR/nLAUGBJ:7jNMLuFlX4LPTffCJMnikB9FoR/U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da8e170fcf92b7f4a7ccfadcc265341b1261559a2e97814eebd62114b74ea430

Files

da8e170fcf92b7f4a7ccfadcc265341b1261559a2e97814eebd62114b74ea430
.dll windows:5 windows x86 arch:x86

a1ea9e0bea1e996d9b20fab6ea555c94

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Working smart\FW Tool\RVC for RvcLib v1.96.0.9(2018-01-12)\RVC\Release\RvcLib_Merged.pdb

Imports

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

hid

HidD_SetOutputReport
HidD_FreePreparsedData
HidP_GetValueCaps
HidP_GetCaps
HidD_GetPreparsedData
HidD_GetAttributes
HidD_GetHidGuid

kernel32

GetACP
GetOEMCP
GetCPInfo
GetTimeZoneInformation
GetDateFormatW
GetTimeFormatW
LCMapStringW
GetStdHandle
GetStringTypeW
GetModuleFileNameA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
WriteConsoleW
SetEnvironmentVariableA
GetCurrentThreadId
Sleep
DeleteFileW
WaitForSingleObject
IsValidCodePage
MultiByteToWideChar
SizeofResource
LockResource
LoadResource
FindResourceW
GetFileAttributesW
CloseHandle
CreateEventW
GetLastError
WriteFile
CreateFileW
SetEvent
CreateThread
WaitForMultipleObjects
ResetEvent
InterlockedIncrement
InterlockedDecrement
GetModuleFileNameW
WideCharToMultiByte
GetCurrentDirectoryW
DeviceIoControl
LocalFree
LocalAlloc
OutputDebugStringW
QueryPerformanceFrequency
QueryPerformanceCounter
HeapReAlloc
HeapAlloc
HeapFree
GetProcessHeap
InitializeCriticalSectionAndSpinCount
HeapDestroy
RaiseException
HeapSize
GetStartupInfoW
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetFileType
SetStdHandle
VirtualQuery
VirtualAlloc
GetSystemInfo
HeapQueryInformation
ExitThread
RtlUnwind
GetCommandLineA
GetModuleHandleExW
ExitProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetSystemTimeAsFileTime
FindResourceExW
DecodePointer
DeleteCriticalSection
GetVersionExW
GetCurrentProcess
GetProcAddress
GetModuleHandleW
SetLastError
VirtualProtect
SearchPathW
GetProfileIntW
GetTickCount
GetTempFileNameW
VerifyVersionInfoW
VerSetConditionMask
GetWindowsDirectoryW
lstrcpyW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GlobalGetAtomNameW
GlobalFlags
GlobalFindAtomW
FreeResource
EncodePointer
SetErrorMode
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GlobalAddAtomW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
lstrcmpW
lstrcmpA
GlobalDeleteAtom
GetCurrentThread
LoadLibraryA
lstrcmpiW
LoadLibraryExW
GetModuleHandleA
DuplicateHandle
OutputDebugStringA
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FormatMessageW
CreateMutexW
MulDiv
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
FileTimeToSystemTime
FindFirstFileW
FindClose
FileTimeToLocalFileTime
GetCurrentProcessId
ResumeThread
SuspendThread
SetThreadPriority
ReleaseMutex
LoadLibraryW
GetSystemDirectoryW
CopyFileW
GetTempPathW
GetNativeSystemInfo
RemoveDirectoryW
FreeLibrary

user32

IsCharLowerW
GetKeyboardLayout
WaitMessage
GetSystemMenu
IsZoomed
GetComboBoxInfo
TrackMouseEvent
GetKeyNameTextW
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
LoadAcceleratorsW
BringWindowToTop
MonitorFromPoint
UpdateLayeredWindow
IsMenu
UnionRect
SetWindowRgn
DrawFrameControl
DrawEdge
DrawStateW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
LoadMenuW
MapVirtualKeyW
GetMenuDefaultItem
CreatePopupMenu
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
GetAsyncKeyState
MessageBeep
GetIconInfo
DrawIconEx
LoadImageW
IsRectEmpty
OffsetRect
SetRectEmpty
DrawFocusRect
WindowFromPoint
ReleaseCapture
SetCapture
GetNextDlgGroupItem
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
IntersectRect
SendDlgItemMessageA
InflateRect
GetMenuItemInfoW
DestroyMenu
IsIconic
FillRect
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
InvalidateRect
KillTimer
SetTimer
DeleteMenu
SystemParametersInfoW
CopyImage
LoadCursorW
GetSysColorBrush
ReleaseDC
GetDC
RealChildWindowFromPoint
MapVirtualKeyExW
ClientToScreen
IsDialogMessageW
SetWindowTextW
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
LoadIconW
GetTopWindow
GetClassNameW
GetClassLongW
SetWindowLongW
PtInRect
EqualRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowRect
GetClientRect
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
IsClipboardFormatAvailable
GetDlgCtrlID
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
UnhookWindowsHookEx
SetCursor
ShowOwnedPopups
ToUnicodeEx
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
SetCursorPos
SetRect
SetParent
LockWindowUpdate
SetClassLongW
GetDoubleClickTime
CopyIcon
DrawIcon
GetWindowRgn
DestroyCursor
MapDialogRect
CreateMenu
GetUpdateRect
SubtractRect
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
FrameRect
CharUpperBuffW
RegisterClipboardFormatW
ModifyMenuW
GetDesktopWindow
SetMenuDefaultItem
PostMessageW
GetSystemMetrics
CharUpperW
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
GetLastActivePopup
GetWindowThreadProcessId
GetWindowLongW
IsWindowEnabled
EnableWindow
LoadBitmapW
GetParent
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
CallNextHookEx
SetWindowsHookExW
GetCursorPos
ValidateRect
GetKeyState
GetActiveWindow
IsWindowVisible
SendMessageW
DispatchMessageW
TranslateMessage
GetMessageW
UnregisterClassW
MessageBoxW
GetWindow
PostQuitMessage
PeekMessageW
PostThreadMessageW
DestroyIcon

gdi32

CreatePatternBrush
CreateRectRgn
CreateSolidBrush
DeleteDC
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
CreateCompatibleDC
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectW
GetTextExtentPoint32W
CombineRgn
CreateRectRgnIndirect
CreatePen
SetRectRgn
DPtoLP
GetTextMetricsW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
Rectangle
EnumFontFamiliesExW
GetRgnBox
OffsetRgn
CreateRoundRectRgn
RoundRect
FrameRgn
PtInRegion
SetPixelV
ExtFloodFill
SetPaletteEntries
FillRgn
GetBoundsRect
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
GetTextFaceW
BitBlt
DeleteObject
GetObjectW
SetTextColor
SetBkColor
GetDeviceCaps
CreateDCW
CopyMetaFileW
CreateHatchBrush
PatBlt
SetWindowExtEx
CreateBitmap

msimg32

AlphaBlend
TransparentBlt

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

advapi32

RegEnumKeyExW
OpenServiceW
QueryServiceStatus
CloseServiceHandle
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyExW
ControlService
DeleteService
CreateServiceW
StartServiceW
RegSetValueExW
RegCloseKey
RegQueryValueExW
OpenSCManagerW

shell32

SHAppBarMessage
ShellExecuteW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragQueryFileW
DragFinish
SHGetFileInfoW
SHBrowseForFolderW

shlwapi

StrStrIW
PathIsUNCW
PathStripToRootW
PathFindExtensionW
PathFindFileNameW
PathRemoveFileSpecW
StrFormatKBSizeW

uxtheme

GetWindowTheme
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
IsAppThemed
GetThemePartSize

ole32

OleGetClipboard
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
RevokeDragDrop
RegisterDragDrop
OleLockRunning
CoTaskMemAlloc
CoTaskMemFree
CoInitializeEx
CoUninitialize
CoCreateInstance
PropVariantClear
CoInitialize
OleDuplicateData
ReleaseStgMedium
CoCreateGuid
CoDisconnectObject
CreateStreamOnHGlobal
DoDragDrop
CoLockObjectExternal

oleaut32

SysFreeString
VarBstrFromDate
VariantCopy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
LoadTypeLi
VariantChangeType
VariantClear
SysAllocStringLen
SysAllocString
VariantInit

winmm

PlaySoundW

setupapi

SetupDiGetClassDevsW
SetupDiGetDeviceInterfaceDetailW
SetupDiDestroyDeviceInfoList
CM_Get_Device_IDW
SetupDiEnumDeviceInfo
SetupDiDeleteDeviceInterfaceData
CM_Get_Parent
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status
SetupDiEnumDeviceInterfaces

ws2_32

WSAStartup
WSACleanup
send
closesocket
recv

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

gdiplus

GdipDisposeImage
GdipCloneImage
GdipGetImageGraphicsContext
GdipFree
GdipAlloc
GdiplusShutdown
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdiplusStartup
GdipDrawImageRectI

imm32

ImmGetOpenStatus
ImmReleaseContext
ImmGetContext

Exports

Exports

EEPROMErase
EEPROMWrite
FunReadMem
FunReadMembyVIDPID
FunWriteMem
FunWriteMembyVIDPID
GetDevDspFirmwareInfo
GetDevFirmwareInfo
GetDevOTPFirmwareInfo
GetDevUpdateVersion
GetDevVIDPID
GetDevVIDPIDbyIdx
GetFwVersion
GetUACCount
GetUACInType
GetUACIndex
GetUACOutType
GetUACtargetIndex
GetUSBAudioCount
GetVIDPID
HID_SwitchDeviceMode
OpenDeviceVIDPID
ReadI2CSuperRegister
RebootDevice
SetUACtarget
UAC_Open
UVC_Close
UVC_Open
UVC_Open2
UVC_ResetToRom
WriteI2CSuperRegister

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 352KB - Virtual size: 351KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 81KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a1ea9e0bea1e996d9b20fab6ea555c94

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

version

hid

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

shlwapi

uxtheme

ole32

oleaut32

winmm

setupapi

ws2_32

oleacc

gdiplus

imm32

Exports

Exports

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 352KB - Virtual size: 351KB

.data Size: 81KB - Virtual size: 112KB

_RDATA Size: 1KB - Virtual size: 1KB

.rsrc Size: 16KB - Virtual size: 16KB

.reloc Size: 120KB - Virtual size: 119KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 352KB - Virtual size: 351KB

.data
Size: 81KB - Virtual size: 112KB

_RDATA
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 16KB - Virtual size: 16KB

.reloc
Size: 120KB - Virtual size: 119KB