Static task: static1
Behavioral task: behavioral1
Sample: 2f0717ce61168940a186e9b99857e011aebcef6656aca3aa8fbaa9088331d4d4.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 2f0717ce61168940a186e9b99857e011aebcef6656aca3aa8fbaa9088331d4d4.exe
Resource: win10v2004-20240802-en
General
Target: 2f0717ce61168940a186e9b99857e011aebcef6656aca3aa8fbaa9088331d4d4
Size: 808KB
MD5: c9810d8fd64ee56945d59d90c515de5d
SHA1: ae488523a7777c66167da0c78a71683e37d5419d
SHA256: 2f0717ce61168940a186e9b99857e011aebcef6656aca3aa8fbaa9088331d4d4
SHA512: 0792434b8660316d8067dd77c9daded51b56145ef877cc4631d4b2b1a6f228ad8bc2b4c22b1113f8a250ed80493cd732c25840b4d558ffda19a8a51a005bc8c1
SSDEEP: 12288:yeSEH0Vl4ofS4Sa9KdkZq+vy2EzsGRP0gj+s5oaD4WBDPIawCN1uNUBD3NV:yREHsl4xtpaEzsiws5oaDFDIaPxBDL
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource 2f0717ce61168940a186e9b99857e011aebcef6656aca3aa8fbaa9088331d4d4
Files
2f0717ce61168940a186e9b99857e011aebcef6656aca3aa8fbaa9088331d4d4.exe windows:4 windows x86 arch:x86
be7f51d8e3eb660f437abbb414c441d8
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
SetUnhandledExceptionFilter
LCMapStringW
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
LCMapStringA
GetProfileStringA
HeapSize
GetFileType
SetStdHandle
HeapReAlloc
GetACP
ExitThread
RaiseException
CreateDirectoryA
GetCommandLineA
GetStartupInfoA
GetLocalTime
GetSystemTime
GetTimeZoneInformation
HeapAlloc
ExitProcess
HeapFree
RtlUnwind
GetCurrentDirectoryA
SetErrorMode
SizeofResource
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
LocalAlloc
lstrlenW
GetProfileIntA
GetDiskFreeSpaceA
GetTempFileNameA
GlobalAlloc
lstrcmpA
GetCurrentThread
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileTime
GetFileSize
GetFileAttributesA
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
FindFirstFileA
FindClose
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
DuplicateHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
SetThreadPriority
lstrcpynA
SetLastError
GlobalFree
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
FindResourceA
LoadResource
LockResource
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetModuleHandleA
FormatMessageA
LocalFree
GetCommMask
BuildCommDCBA
MulDiv
GlobalSize
GlobalLock
GlobalUnlock
GlobalReAlloc
GetVersionExA
GetModuleFileNameA
SuspendThread
WaitForMultipleObjects
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
LoadLibraryA
GetProcAddress
SetEvent
ResetEvent
FreeLibrary
GetSystemDefaultLangID
OpenProcess
TerminateProcess
CreateThread
CreateMutexA
WriteFile
GetLastError
GetOverlappedResult
CreateFileA
SetCommTimeouts
CreateEventA
PurgeComm
GetCommState
SetCommState
ResumeThread
ReadFile
WaitCommEvent
ClearCommError
SetCommMask
WaitForSingleObject
CloseHandle
GetVolumeInformationA
CopyFileA
GetTickCount
Sleep
OutputDebugStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetStringTypeA
GetPrivateProfileStringA
user32
GetWindowDC
DrawFocusRect
EndDialog
GetActiveWindow
CreateDialogIndirectParamA
wvsprintfA
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
FindWindowA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
LoadIconA
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
DispatchMessageA
SetActiveWindow
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
WinHelpA
wsprintfA
RegisterClassA
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
UnhookWindowsHookEx
CallWindowProcA
GetMessageTime
GetForegroundWindow
SetWindowPos
RegisterWindowMessageA
GetWindowPlacement
SetFocus
IsChild
FrameRect
GetMenuStringA
WindowFromPoint
IsRectEmpty
IsWindowVisible
CopyRect
GetDoubleClickTime
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowLongA
SetWindowLongA
GetNextDlgTabItem
OffsetRect
SetRect
GetCapture
ReleaseCapture
CharNextA
ClipCursor
InvertRect
GetFocus
GetMessagePos
SetCursor
GetSystemMetrics
IsClipboardFormatAvailable
SendMessageA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
EnableWindow
ReleaseDC
GrayStringA
DrawTextA
TabbedTextOutA
InvalidateRect
GetCursorPos
GetKeyState
IntersectRect
GetParent
InflateRect
GetClassInfoA
DefWindowProcA
LoadCursorA
IsWindow
GetSysColor
SystemParametersInfoA
RegisterDeviceNotificationA
GetWindowThreadProcessId
RemovePropA
PostThreadMessageA
MessageBeep
GetNextDlgGroupItem
GetClassLongA
CopyAcceleratorTableA
UnregisterDeviceNotification
DestroyMenu
GetWindow
GetPropA
IsIconic
SetForegroundWindow
GetLastActivePopup
SetPropA
ClientToScreen
ScreenToClient
PtInRect
UpdateWindow
PostMessageA
MessageBoxA
RedrawWindow
KillTimer
FillRect
GetClientRect
GetDC
GetWindowRect
GetDesktopWindow
SetTimer
InsertMenuA
GetSysColorBrush
GetClassNameA
DeleteMenu
DefMDIChildProcA
DrawMenuBar
SetCursorPos
IsZoomed
LoadStringA
RegisterClipboardFormatA
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
SetMenu
LoadMenuA
BeginPaint
LoadAcceleratorsA
SetRectEmpty
MapDialogRect
SetWindowContextHelpId
ShowOwnedPopups
PostQuitMessage
CharUpperA
GetMessageA
TranslateMessage
ValidateRect
SetCapture
DestroyIcon
DrawEdge
EndPaint
TranslateAcceleratorA
gdi32
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExcludeClipRect
IntersectClipRect
MoveToEx
LineTo
SetTextAlign
CreateFontA
GetStockObject
GetViewportExtEx
GetWindowExtEx
GetMapMode
GetTextColor
CopyMetaFileA
GetTextExtentPoint32A
GetDeviceCaps
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetBkColor
Ellipse
GetObjectA
CreateFontIndirectA
SelectObject
GetTextMetricsA
RestoreDC
SaveDC
DeleteDC
DeleteObject
DPtoLP
LPtoDP
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
Rectangle
GetCurrentObject
PatBlt
CreateSolidBrush
CreateCompatibleDC
CreateCompatibleBitmap
CreatePen
SetPixel
CreateDIBitmap
GetTextExtentPointA
BitBlt
comdlg32
GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
advapi32
RegEnumKeyA
RegOpenKeyExA
RegCreateKeyExA
RegDeleteValueA
RegSetValueExA
RegSetValueA
RegCreateKeyA
GetFileSecurityA
SetFileSecurityA
RegDeleteKeyA
RegCloseKey
RegQueryValueA
RegOpenKeyA
RegQueryValueExA
shell32
DragQueryFileA
DragFinish
SHGetFileInfoA
ExtractIconA
comctl32
ImageList_Create
ImageList_Destroy
ord17
ImageList_GetImageInfo
ImageList_Draw
ImageList_AddMasked
oledlg
ord8
ole32
DoDragDrop
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemAlloc
CoRegisterMessageFilter
CoRevokeClassObject
OleGetClipboard
OleUninitialize
OleInitialize
CLSIDFromString
CLSIDFromProgID
OleIsCurrentClipboard
OleFlushClipboard
CreateStreamOnHGlobal
OleSetClipboard
CoTaskMemFree
ReleaseStgMedium
OleDuplicateData
CoFreeUnusedLibraries
olepro32
ord253
oleaut32
SysAllocStringLen
VariantClear
VariantCopy
SysAllocString
SysAllocStringByteLen
VariantChangeType
VariantTimeToSystemTime
SysStringLen
SysFreeString
chcomcommon
?comm_ReleaseComm@@YAXPAX@Z
?comm_GetComm@@YAHPAPAXPBDIII@Z
chcom_dpm
?comm_GetPowerHz@@YAHPAXPBDPAM22222@Z
chcom_photo
?comm_GetPhoto@@YAHPAXPBD0PAM@Z
chcomm_wlx0xx
?WL30xx_AlarmReset@@YAHPAX@Z
?WL30xx_DirectOutputVolCur@@YAHPAXMMH@Z
?WL30xx_SetOutputCurrent@@YAHPAXPAM1@Z
?WL30xx_SetOutputVoltage@@YAHPAXPAM1@Z
?WL30xx_GetAddress@@YAHPAXPAE@Z
chcomm_chp500
?VAS10_SwitchOutputStatus@@YAHPAXPAH@Z
?JJ10_GetParams@@YAHPAXPAM1111@Z
?VAS10_SetFreq@@YAHPAXPAM@Z
?JJ10_SetVoltage@@YAHPAXPAM@Z
?JJ10_SwitchOutputStatus@@YAHPAXPAH@Z
?CHP500v96_GetParams@@YAHPAXPAM1111@Z
?CHP500v96_GetVolScale@@YAHPAXPAH@Z
?CHP500v96_ChangeScale@@YAHPAXPAHPAM@Z
?CHP500v96_SetFreq@@YAHPAXPAM@Z
?CHP500v96_SetVoltage@@YAHPAXPAM@Z
?CHP500v96_SwitchOutputStatus@@YAHPAXPAH@Z
?VAS10_GetParams@@YAHPAXPAM1111@Z
?VAS10_SetVoltage@@YAHPAXPAM@Z
?JJ10_SetFreq@@YAHPAXPAM@Z
chcomm_chl8b
?CHL8b_GetResult@@YAHPAXPAEPAM22@Z
?CHL8b_SetElecFunc@@YAHPAXH@Z
?CHL8b_SetVR@@YAHPAXM@Z
?CHL8b_SetIF@@YAHPAXM@Z
?CHL8b_Close@@YAHPAX@Z
chcomm_multiselector
?multiselector_SelChannel@@YAHPAXH@Z
?multiselector_SetFixture@@YAHPAXHAAH@Z
chl_228adll
?CHL228A_SetFixtrue@@YAHPAXH@Z
?CHL228A_SetYGoto@@YAHPAXM@Z
?CHL228A_GetPos@@YAHPAXAAM1@Z
?CHL228A_SetXGoto@@YAHPAXM@Z
?CHL228A_GetState@@YAHPAXAAH@Z
?CHL228A_SetSphere@@YAHPAXH@Z
shlwapi
PathIsDirectoryA
Sections
.text Size: 484KB - Virtual size: 481KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 260KB - Virtual size: 257KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 36KB - Virtual size: 200KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 24KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ