f7d58ffd99be215a5c5e68e0689a6325dbf7df1d0caae196eee0b8e0166845e8

Sharing

Copy URL Twitter E-mail

General

Target

f7d58ffd99be215a5c5e68e0689a6325dbf7df1d0caae196eee0b8e0166845e8
Size

211KB
MD5

0a130285921d3730c6075260fe2bc76b
SHA1

134963db766cc81ccdfe8102ad4ac5ebcfb1aa44
SHA256

f7d58ffd99be215a5c5e68e0689a6325dbf7df1d0caae196eee0b8e0166845e8
SHA512

82b52f3ac71b010b7524fb2360fab12d301f46ede5fe0e20201e36a6c447d6eec73e739647807f430ac77751d31327c2b734af0bddde506ced2c1a24360cf4b9
SSDEEP

3072:5tyHbCI5ZgFWc/aiC8iEgskuSqvf96DTAMJIt524Xl+/Rj7vhvyc6:50bP5Zg3/k8dx+TAMJIt5u5hvyc6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f7d58ffd99be215a5c5e68e0689a6325dbf7df1d0caae196eee0b8e0166845e8

Files

f7d58ffd99be215a5c5e68e0689a6325dbf7df1d0caae196eee0b8e0166845e8
.dll windows:5 windows x86 arch:x86

1c8b535751791be79fbcc7f6c013eb80

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\tmps\Documents\Visual Studio 2008\Projects\FF01_DLL\Release\FF01_SDK.pdb

Imports

kernel32

Sleep
WaitForSingleObject
GetDiskFreeSpaceA
GetDriveTypeA
GetLogicalDrives
GetVersionExA
GetVersion
CloseHandle
GetCurrentProcess
FreeLibrary
GetProcAddress
LoadLibraryA
CreateEventA
CreateFileA
GetLastError
DeviceIoControl
GetCurrentThreadId
GetCommandLineA
RtlUnwind
RaiseException
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
HeapFree
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
LCMapStringA
MultiByteToWideChar
LCMapStringW
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
WriteFile
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetFilePointer
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers

Exports

Exports

TX1_UDV_ChangePassword
TX1_UDV_CloseAPI
TX1_UDV_DisablePassword
TX1_UDV_FormatPartition
TX1_UDV_GetDeviceInfo
TX1_UDV_GetInquiryReversion
TX1_UDV_GetStatus
TX1_UDV_GetUnitSize
TX1_UDV_GetWriteProtect
TX1_UDV_Get_ExtraLED_Status
TX1_UDV_InitAPI
TX1_UDV_ListTokens
TX1_UDV_Login
TX1_UDV_Logout
TX1_UDV_ReadBlockCDROM
TX1_UDV_ReadHiddenArea
TX1_UDV_ReadSector_TargetPartition
TX1_UDV_ResetPassword
TX1_UDV_ResizeCDPartition
TX1_UDV_ResizePublicPartition
TX1_UDV_SetDevice_MediaChanged
TX1_UDV_SetInquiryReversion
TX1_UDV_SetPID
TX1_UDV_SetPassword
TX1_UDV_SetProductionName
TX1_UDV_SetSerialNumber
TX1_UDV_SetVID
TX1_UDV_SetVendorName
TX1_UDV_SetWriteProtect
TX1_UDV_SetWriteProtect_Temporarily
TX1_UDV_Set_ExtraLED_Status
TX1_UDV_Support_Logout_NonPW
TX1_UDV_WriteBlockCDROM
TX1_UDV_WriteHiddenArea
TX1_UDV_WriteSector_into_WPPartition
TX1_UDV_isHID
TX1_UDV_isReady_HIDmode

Sections

.text
Size: 175KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1c8b535751791be79fbcc7f6c013eb80

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

Exports

Exports

Sections

.text Size: 175KB - Virtual size: 174KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 9KB - Virtual size: 102KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 9KB - Virtual size: 8KB

.text
Size: 175KB - Virtual size: 174KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 9KB - Virtual size: 102KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 9KB - Virtual size: 8KB