de9504b762d8d8073fbfad8b8e9d0f60N

Sharing

Copy URL Twitter E-mail

General

Target

de9504b762d8d8073fbfad8b8e9d0f60N
Size

178KB
MD5

de9504b762d8d8073fbfad8b8e9d0f60
SHA1

f441d6bd2c88acd1148840f58f80953c6bed7d2e
SHA256

0852a259d2b4e415814da49f8c76825c8570951a1cd675a4226d10b37f1b7dcb
SHA512

59f86858a0f8d694b272114b70285adca66f092afbb21aa4fc2eacfad2b52cebc3bc704d7c6947a9cbf63d6b4db21eb63da8bb1ddd6a5bfd4eb9a003302e28e8
SSDEEP

3072:5kvT7ywZydsmQsjhnOsPrSyadO/O6qK6KosOmOiKhWeXyfiTzn0Fy5X:5Su6dYOs+F0m6dtoF/FYeXyfiTzYy5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de9504b762d8d8073fbfad8b8e9d0f60N

Files

de9504b762d8d8073fbfad8b8e9d0f60N
.dll windows:6 windows x86 arch:x86

1db5e54e032494112b58ef801e3de834

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\node-exclude\Inovance\ProductLine\Servo\TempOut\IntertialIdentifyPanel\Release\IntertialIdentifyPanel.pdb

Imports

mfc140u

ord3302
ord3305
ord3404
ord3403
ord11396
ord9210
ord2760
ord13752
ord6218
ord2378
ord286
ord1045
ord1523
ord12763
ord12884
ord8360
ord4815
ord995
ord6349
ord14668
ord6350
ord14669
ord10394
ord14667
ord11982
ord11983
ord2034
ord4090
ord9398
ord12541
ord12542
ord1689
ord1692
ord3265
ord3372
ord3371
ord4974
ord5019
ord4942
ord4954
ord4960
ord4966
ord4936
ord12258
ord12262
ord486
ord11002
ord3266
ord13878
ord1722
ord1744
ord1770
ord1756
ord1777
ord5003
ord4948
ord5013
ord4997
ord4912
ord4927
ord10255
ord4502
ord5790
ord9693
ord4494
ord3055
ord14590
ord7923
ord14785
ord6877
ord11717
ord14234
ord13028
ord13703
ord5935
ord5422
ord2682
ord12124
ord3941
ord12168
ord8776
ord8773
ord8817
ord4886
ord8470
ord7653
ord1472
ord8386
ord12247
ord10433
ord12928
ord12865
ord4589
ord7997
ord8324
ord5357
ord2486
ord14589
ord7922
ord14595
ord4152
ord12947
ord7941
ord14466
ord12531
ord8000
ord6860
ord3852
ord5918
ord12239
ord8217
ord12251
ord12219
ord5249
ord5549
ord5760
ord9350
ord5525
ord5763
ord5252
ord5411
ord4988
ord8210
ord5228
ord7722
ord7723
ord7712
ord5409
ord8219
ord10250
ord9209
ord4856
ord3236
ord2246
ord14657
ord12405
ord14604
ord12348
ord6751
ord10285
ord2383
ord10287
ord10286
ord10284
ord10288
ord5652
ord11725
ord11726
ord9139
ord12089
ord3838
ord11936
ord14588
ord8965
ord14596
ord1513
ord6978
ord6348
ord3849
ord1514
ord325
ord1053
ord2365
ord324
ord1052
ord2408
ord2411
ord2376
ord2410
ord485
ord2268
ord2374
ord2184
ord2300
ord2399
ord1511

kernel32

GetModuleHandleW
GetProcAddress
GetModuleHandleA
SetLastError
OutputDebugStringA
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
GetLastError
RaiseException
LoadLibraryW
LocalAlloc
DecodePointer
OutputDebugStringW
LocalFree
CloseHandle
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
UnhandledExceptionFilter
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
GetModuleFileNameW

user32

EnableWindow
GetWindowRect
SetParent
UnregisterClassW
GetParent

gdi32

DeleteDC

oleaut32

SysFreeString

inoskinuiu

?OnOK@CInoSkinPDialog@@UAEXXZ
??0CInoSkinPDialog@@QAE@IPAVCWnd@@@Z
?EnableVisualManagerStyle@CInoSkinPDialog@@QAEXHHPBV?$CList@II@@@Z
?PreTranslateMessage@CInoSkinPDialog@@UAEHPAUtagMSG@@@Z
?OnDestroy@CInoSkinPDialog@@IAEXXZ
?OnInitDialog@CInoSkinPDialog@@MAEHXZ
?GetThisMessageMap@CInoSkinPDialog@@KGPBUAFX_MSGMAP@@XZ
??1CInoSkinPDialog@@UAE@XZ
?AdjustControlsLayout@CInoSkinPDialog@@UAEXXZ
?Create@CInoSkinPDialog@@UAEHIPAVCWnd@@@Z
?Create@CInoSkinPDialog@@UAEHPBGPAVCWnd@@@Z
?DoModal@CInoSkinPDialog@@UAEHXZ
?GetRibbonStartPageLeftPaneWidth@CInoSkinPDialog@@UAEHXZ
?GetRuntimeClass@CInoSkinPDialog@@UBEPAUCRuntimeClass@@XZ
?OnAfterExpand@CInoSkinPDialog@@UAEXXZ
?OnBeforeExpand@CInoSkinPDialog@@UAEXXZ
?OnCancel@CInoSkinPDialog@@UAEXXZ
?OnCommand@CInoSkinPDialog@@MAEHIJ@Z
?SetActiveMenu@CInoSkinPDialog@@MAEXPAVCInoSkinPPopupMenu@@@Z
?PreInitDialog@CInoSkinPDialog@@MAEXXZ
?OnSetPlacement@CInoSkinPDialog@@UAEHAAUtagWINDOWPLACEMENT@@@Z
?OnDrawBackstageWatermark@CInoSkinPDialog@@UAEXPAVCDC@@VCRect@@@Z
?OnRTLChanged@CInoSkinPDialog@@UAEXH@Z
?OnDrawRibbonBackgroundImage@CInoSkinPDialog@@UAEXPAVCDC@@VCRect@@@Z

gdiplus

GdiplusShutdown

msvcp140

?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z

vcruntime140

__std_exception_destroy
__std_exception_copy
__CxxFrameHandler3
memmove
__std_terminate
_purecall
memset
__current_exception
__current_exception_context
_except_handler4_common
__std_type_info_destroy_list
_CxxThrowException

api-ms-win-crt-runtime-l1-1-0

_errno
_invalid_parameter_noinfo
_initterm_e
_initterm
terminate
_cexit
_crt_at_quick_exit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_invalid_parameter_noinfo_noreturn

api-ms-win-crt-heap-l1-1-0

_recalloc
free

Exports

Exports

CreateInterFace
SafeRelease
SetQueryInterfaceCallback
SupportedInterface

Sections

.text
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1db5e54e032494112b58ef801e3de834

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mfc140u

kernel32

user32

gdi32

oleaut32

inoskinuiu

gdiplus

msvcp140

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

Exports

Exports

Sections

.text Size: 37KB - Virtual size: 36KB

.rdata Size: 23KB - Virtual size: 23KB

.data Size: 1KB - Virtual size: 3KB

.rsrc Size: 110KB - Virtual size: 109KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 37KB - Virtual size: 36KB

.rdata
Size: 23KB - Virtual size: 23KB

.data
Size: 1KB - Virtual size: 3KB

.rsrc
Size: 110KB - Virtual size: 109KB

.reloc
Size: 5KB - Virtual size: 4KB