8b980632c5dacf2666c0372f0a4071436b06229c997c764ed48612da404df1f9

Sharing

Copy URL Twitter E-mail

General

Target

8b980632c5dacf2666c0372f0a4071436b06229c997c764ed48612da404df1f9
Size

2.3MB
MD5

1062659656de27efc9a534f255c9baa7
SHA1

e3fc49f9f983d2f5bfedf1b9c66fc34ed8475628
SHA256

8b980632c5dacf2666c0372f0a4071436b06229c997c764ed48612da404df1f9
SHA512

f253eef4efca8566c8e99381f4f65922a272646c29c67dee12e336714b669cab228b04fc0d562afea1ac30f48a1bf293b1408b44350219ed47e72a0f4129b233
SSDEEP

49152:mAvu8x+gHQ3OVF58aEsjQqW6N7CK93anIn4gqWdFl/TTzHEGpYDQ:Df7HQG+IJ7Hlpa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b980632c5dacf2666c0372f0a4071436b06229c997c764ed48612da404df1f9

Files

8b980632c5dacf2666c0372f0a4071436b06229c997c764ed48612da404df1f9
.exe windows:5 windows x86 arch:x86

0b40dde35171be112f6da3e558287bfe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Code\Visual Studio 20081 - 副本 - 副本\Visual Studio 2008\UpgradeFlash\ProgramFlash\ReleaseAppLT Programmer.pdb

Imports

winusb

WinUsb_GetDescriptor
WinUsb_ControlTransfer
WinUsb_Initialize
WinUsb_Free

setupapi

SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList

kernel32

RaiseException
ExitProcess
ExitThread
SetStdHandle
GetFileType
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapCreate
VirtualFree
GetCPInfo
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
LCMapStringW
GetCurrentDirectoryA
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
LCMapStringA
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetDriveTypeA
GetProcessHeap
RtlUnwind
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
GetTempFileNameW
GetTickCount
GetCurrentDirectoryW
GetFileTime
GetFileSizeEx
SetFileAttributesW
SetErrorMode
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalGetAtomNameW
SetThreadPriority
lstrcpynW
GetTempPathW
GetPrivateProfileSectionNamesW
GetExitCodeThread
TerminateThread
EnumResourceTypesW
EnumResourceNamesW
CreateDirectoryW
SetEnvironmentVariableA
HeapReAlloc
SizeofResource
LockResource
LoadResource
FindResourceW
MultiByteToWideChar
FormatMessageW
LocalFree
WideCharToMultiByte
GetLocalTime
EnterCriticalSection
LeaveCriticalSection
WaitForSingleObject
CloseHandle
CreateThread
GetFileAttributesW
DeleteFileW
GetPrivateProfileStringW
WritePrivateProfileStringW
LoadLibraryW
GetProcAddress
FreeLibrary
SetEvent
ResetEvent
CreateEventW
InitializeCriticalSection
CreateFileA
SetCommTimeouts
SetCommMask
GetCommState
BuildCommDCBA
SetCommState
PurgeComm
WaitCommEvent
GetLastError
ClearCommError
WaitForMultipleObjects
GetCommMask
ResumeThread
SuspendThread
WriteFile
GetOverlappedResult
ReadFile
InterlockedIncrement
GetPrivateProfileIntW
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
lstrlenA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileW
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
lstrcmpiW
GetThreadLocale
GetCurrentProcessId
InterlockedDecrement
GetModuleHandleA
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
FreeResource
SetLastError
GlobalFree
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
lstrlenW
MulDiv
GetACP
GetModuleFileNameW
GetModuleHandleW
FindClose
FindFirstFileW
GetDriveTypeW
CreateFileW
DeleteCriticalSection
QueryPerformanceCounter
QueryPerformanceFrequency
Sleep

user32

LoadCursorW
GetSysColorBrush
ShowOwnedPopups
SetCursor
GetMessageW
GetCursorPos
ValidateRect
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
MapVirtualKeyW
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
InflateRect
CharUpperW
GetWindowThreadProcessId
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
DefFrameProcW
GetTabbedTextExtentA
IsWindowUnicode
GetForegroundWindow
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
GetKeyState
SetMenu
SetScrollPos
GetScrollPos
UnregisterClassW
IsClipboardFormatAvailable
MessageBeep
SetRect
SetCapture
WindowFromPoint
SetForegroundWindow
ShowScrollBar
ReleaseCapture
WaitMessage
DeleteMenu
CharNextW
CopyAcceleratorTableW
InvalidateRgn
GetNextDlgGroupItem
GetWindowLongA
SetWindowLongA
SendMessageTimeoutW
GetMenuDefaultItem
IsMenu
GetWindowRgn
SetCursorPos
GetDoubleClickTime
LookupIconIdFromDirectoryEx
DestroyIcon
TranslateAcceleratorW
BringWindowToTop
CreatePopupMenu
InsertMenuItemW
LoadAcceleratorsW
ReuseDDElParam
UnpackDDElParam
RegisterClipboardFormatW
SendMessageW
UpdateWindow
InvalidateRect
RedrawWindow
PostMessageW
EnableWindow
GetParent
GetWindowRect
MessageBoxW
LoadMenuW
GetSubMenu
TrackPopupMenu
PtInRect
SetTimer
GetSystemMetrics
FindWindowExW
KillTimer
IsWindowVisible
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
ScreenToClient
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
DefWindowProcW
CallWindowProcW
GetMenu
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowTextLengthW
GetWindowTextW
SetWindowPos
SetFocus
ShowWindow
MoveWindow
GetDlgCtrlID
SetWindowTextW
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
SendDlgItemMessageW
GetDlgItemInt
CheckRadioButton
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetFocus
OffsetRect
GetClientRect
GetWindowLongW
DrawFrameControl
SetWindowLongW
LoadIconW
SetRectEmpty
IsRectEmpty
EqualRect
ChangeWindowMessageFilter
IsIconic
DrawIcon
wsprintfW
GetSystemMenu
SetParent
UnionRect
PostThreadMessageW
GetDCEx
LockWindowUpdate
RegisterWindowMessageW
TranslateMDISysAccel
DrawMenuBar
IsWindow
GetDlgItem
DrawFocusRect
LoadImageW
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetMenuState
GetMenuStringW
GetMenuItemID
InsertMenuW
GetMenuItemCount
MessageBoxA
UnregisterDeviceNotification
RegisterDeviceNotificationW
DispatchMessageW
TranslateMessage
PeekMessageW
EnableScrollBar
OpenClipboard
CreateCaret
SetCaretPos
ShowCaret
DestroyCaret
CloseClipboard
SetClipboardData
EmptyClipboard
DragDetect
GetClipboardData
DrawEdge
HideCaret
InvertRect
IsZoomed
ToUnicodeEx
GetKeyboardState
GetKeyboardLayoutList
DrawStateW
GetIconInfo
GetCursor
SetWindowRgn
CopyIcon
CreateIconIndirect
CreateIconFromResourceEx
DrawIconEx

gdi32

LineTo
MoveToEx
DeleteObject
SelectClipRgn
GetClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
GetDeviceCaps
GetCurrentPositionEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateCompatibleDC
GetStockObject
CreatePen
CreateSolidBrush
CreateFontIndirectW
GetTextExtentPoint32W
CreateRectRgnIndirect
PatBlt
GetTextMetricsW
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
GetCharWidthW
CreateFontW
StretchDIBits
CreateCompatibleBitmap
GetBkColor
GetTextColor
GetRgnBox
PolyBezierTo
IntersectClipRect
GetClipBox
SetTextColor
SetBkColor
GetObjectW
CreateBitmap
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetStretchBltMode
SetMapMode
ScaleWindowExtEx
SetBoundsRect
Polygon
SetPixel
EnumFontFamiliesExW
GetBitmapBits
ExtCreateRegion
GetCurrentObject
StretchBlt
CreateDIBSection
GetDIBits
Polyline
PtInRegion
GetTextAlign
GetViewportOrgEx
CreatePolygonRgn
RoundRect
GetWindowOrgEx
GetTextExtentPoint32A
Ellipse
StrokePath
FillPath
StrokeAndFillPath
EndPath
CloseFigure
BeginPath
ExcludeClipRect

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegOpenKeyExW
RegQueryValueW
RegEnumKeyW
RegCloseKey
RegEnumValueA
RegOpenKeyW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegDeleteValueW
RegDeleteKeyW

shell32

SHGetSpecialFolderPathW
DragFinish
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetMalloc
SHAppBarMessage
ShellExecuteW
DragQueryPoint
DragQueryFileW

comctl32

_TrackMouseEvent
ImageList_GetIconSize
ImageList_DrawEx
ImageList_Destroy
ImageList_AddMasked
ImageList_Create
ImageList_Draw
ImageList_GetImageCount
InitCommonControlsEx

shlwapi

PathFindFileNameW
PathIsUNCW
PathStripToRootW
PathFindExtensionW
PathRemoveFileSpecW

oledlg

OleUIBusyW
OleUIAddVerbMenuW

ole32

CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoDisconnectObject
CLSIDFromString
CLSIDFromProgID
OleRun
CoInitializeEx
CoCreateInstance
CoTaskMemAlloc
CoInitialize
CoUninitialize
CoTaskMemFree

oleaut32

SysFreeString
SysAllocStringByteLen
SysStringLen
SysAllocString
VariantClear
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringByteLen
SysAllocStringLen
VariantChangeType
VariantInit
SafeArrayUnaccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
VariantCopy
SafeArrayDestroy
VarDateFromStr
VarBstrFromDate
LoadTypeLi
OleCreateFontIndirect
VariantChangeTypeEx
OleLoadPicturePath
VarUdateFromDate
SafeArrayAccessData

ws2_32

closesocket
inet_addr
WSAStartup
WSACleanup
socket
htonl
htons
connect
WSAGetLastError
recv
send
setsockopt
ntohl

usbiox

USBIO_SetDeviceNotify
USBIO_SetStream
USBIO_CloseDevice
USBIO_StreamI2C
USBIO_OpenDevice

winmm

PlaySoundW

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 418KB - Virtual size: 417KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 242KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0b40dde35171be112f6da3e558287bfe

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

winusb

setupapi

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

ws2_32

usbiox

winmm

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 418KB - Virtual size: 417KB

.data Size: 35KB - Virtual size: 55KB

.rsrc Size: 242KB - Virtual size: 241KB

.reloc Size: 168KB - Virtual size: 168KB

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 418KB - Virtual size: 417KB

.data
Size: 35KB - Virtual size: 55KB

.rsrc
Size: 242KB - Virtual size: 241KB

.reloc
Size: 168KB - Virtual size: 168KB