5810470e7031c46a8ae5ef6af9bd250be7be3959f9af20cd424447c50d230e1a

Sharing

Copy URL Twitter E-mail

General

Target

5810470e7031c46a8ae5ef6af9bd250be7be3959f9af20cd424447c50d230e1a
Size

77KB
MD5

89f1ca8de62c8b993a0d1af5b22801c2
SHA1

33b0c3a373f4ba6f8248d614ce9f95db3ddfe40d
SHA256

5810470e7031c46a8ae5ef6af9bd250be7be3959f9af20cd424447c50d230e1a
SHA512

0f6850d0849253713fed5441bafffb191566c9c54d4b46e7819e4ebd4cde00c645abd268aa1a182de22ec3d8ca0ade3da6d6d1260beb6b4f090682377ea9817b
SSDEEP

1536:o7JbQXs+4T1asO8FaFRSVBHCSv/E9uspR74Y8BnmJ8eIhJr6Kem8rhFMAIDGCq2d:IJs8xasriRQ7v/EksV8BnmweNhFFSGCH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5810470e7031c46a8ae5ef6af9bd250be7be3959f9af20cd424447c50d230e1a

Files

5810470e7031c46a8ae5ef6af9bd250be7be3959f9af20cd424447c50d230e1a
.exe windows:6 windows x86 arch:x86

be67bfbe65def16026cd03253aa0ae5c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\a\1\s\Win32\Release\usbmuxd.pdb

Imports

ws2_32

htons
accept
htonl
send
ntohs
recv
ioctlsocket
ntohl
WSAGetLastError
WSAPoll
socket
inet_addr
WSAStartup
listen
setsockopt
bind
closesocket

libusb-1.0

libusb_free_device_list
libusb_handle_events_timeout
libusb_close
libusb_error_name
libusb_release_interface
libusb_open
libusb_free_transfer
libusb_get_device_address
libusb_alloc_transfer
libusb_get_bus_number
libusb_hotplug_register_callback
libusb_submit_transfer
libusb_get_max_packet_size
libusb_get_configuration
libusb_get_version
libusb_get_string_descriptor_ascii
libusb_get_device_speed
libusb_hotplug_deregister_callback
libusb_strerror
libusb_exit
libusb_get_device_descriptor
libusb_get_active_config_descriptor
libusb_has_capability
libusb_set_option
libusb_claim_interface
libusb_init
libusb_get_device_list
libusb_free_config_descriptor
libusb_cancel_transfer

libusb0

usb_get_string_simple
usb_set_debug
usb_find_busses
usb_open
usb_get_busses
usb_close
usb_init
usb_find_devices
usb_set_configuration

pthreadvc3

pthread_create
pthread_attr_init
pthread_attr_setdetachstate
pthread_mutex_init
pthread_mutex_lock
pthread_mutex_destroy
pthread_mutex_unlock

plist

plist_new_uint
plist_new_bool
plist_copy
plist_get_uint_val
plist_dict_get_item
plist_to_xml
plist_new_dict
plist_get_string_val
plist_array_append_item
plist_from_bin
plist_dict_remove_item
plist_get_data_val
plist_get_node_type
plist_from_xml
plist_free
plist_new_data
plist_dict_set_item
plist_new_string
plist_new_array

imobiledevice

lockdownd_start_service
lockdownd_client_new
np_client_new
lockdownd_client_free
lockdownd_get_value
np_observe_notifications
lockdownd_set_value
idevice_free
lockdownd_pair
lockdownd_validate_pair
np_set_notify_callback
lockdownd_query_type
lockdownd_start_session
idevice_set_socket_type
lockdownd_service_descriptor_free
idevice_set_debug_level
np_client_free

kernel32

Sleep
GetSystemTime
SystemTimeToFileTime
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetLastError
ReleaseMutex
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
CreateMutexA
InitializeSListHead
IsDebuggerPresent
GetModuleHandleW

shell32

SHGetPathFromIDListW
SHGetSpecialFolderLocation

ole32

CoTaskMemFree

getopt

optarg_a
getopt_long_a

vcruntime140

_except_handler4_common
memmove
__current_exception
__current_exception_context
memcpy
memset

api-ms-win-crt-heap-l1-1-0

realloc
free
_set_new_mode
malloc

api-ms-win-crt-string-l1-1-0

strncpy
_strdup

api-ms-win-crt-runtime-l1-1-0

_exit
_initterm_e
_initterm
_get_initial_narrow_environment
_initialize_narrow_environment
_configure_narrow_argv
_set_app_type
_seh_filter_exe
terminate
_controlfp_s
_crt_atexit
_register_onexit_function
_initialize_onexit_table
_register_thread_local_exe_atexit_callback
exit
__p___argc
_c_exit
strerror
_cexit
_errno
__p___argv

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf
__acrt_iob_func
freopen
__p__commode
_set_fmode
ftell
fopen
fclose
fseek
rewind
fwrite
fread
__stdio_common_vfprintf

api-ms-win-crt-utility-l1-1-0

srand
rand

api-ms-win-crt-filesystem-l1-1-0

_stat32
_splitpath
_mkdir
remove

api-ms-win-crt-time-l1-1-0

strftime
_time32
_localtime32

api-ms-win-crt-convert-l1-1-0

strtol

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

��u�
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

be67bfbe65def16026cd03253aa0ae5c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ws2_32

libusb-1.0

libusb0

pthreadvc3

plist

imobiledevice

kernel32

shell32

ole32

getopt

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 35KB - Virtual size: 34KB

.rdata Size: 20KB - Virtual size: 20KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 3KB - Virtual size: 3KB

�����u� Size: 16KB - Virtual size: 20KB

.text
Size: 35KB - Virtual size: 34KB

.rdata
Size: 20KB - Virtual size: 20KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 3KB - Virtual size: 3KB

��u�
Size: 16KB - Virtual size: 20KB