Overview

overview

7

Static

static

3

Commission...1].exe

windows7-x64

7

Commission...1].exe

windows10-2004-x64

7

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$TEMP/vcre...64.exe

windows7-x64

7

$TEMP/vcre...64.exe

windows10-2004-x64

7

CommissioningTool.exe

windows7-x64

3

CommissioningTool.exe

windows10-2004-x64

3

CrashRpt1401.dll

windows7-x64

1

CrashRpt1401.dll

windows10-2004-x64

1

CrashSender1401.exe

windows7-x64

1

CrashSender1401.exe

windows10-2004-x64

1

Driver/32B...sb.sys

windows7-x64

1

Driver/32B...sb.sys

windows10-2004-x64

1

Driver/32B...st.exe

windows7-x64

4

Driver/32B...st.exe

windows10-2004-x64

4

Driver/64B...sb.sys

windows7-x64

1

Driver/64B...sb.sys

windows10-2004-x64

1

Driver/64B...st.exe

windows7-x64

4

Driver/64B...st.exe

windows10-2004-x64

4

FWUpgrade_dll.dll

windows7-x64

1

FWUpgrade_dll.dll

windows10-2004-x64

1

Uninstall.exe

windows7-x64

7

Uninstall.exe

windows10-2004-x64

7

dbghelp.dll

windows7-x64

3

dbghelp.dll

windows10-2004-x64

3

freetype.dll

windows7-x64

1

freetype.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    commissioning.zip

  • Size

    19.4MB

  • MD5

    200121af6b79ce32b43404239c8f63db

  • SHA1

    84815942f888421c8377138ecc2dccdf7f49b5cd

  • SHA256

    b10b48cf55b004e377f60df81fddb75bfeea712062f6a30da39713038f52045b

  • SHA512

    020ee9920834ebef976c4132eb32da1a4aff8f70eacc8da5b7fed620f686f486a283657ef343385f25e5ac8a11791015c3733aa2edb0b4f7a9fc29e8515b820d

  • SSDEEP

    393216:/GhMGWRllAtMnhqWL3psvNAkAGnRv5mhG69fykMv/zOBmPcn1JUV:kWHhnDL5OAPGnRv5X696djOmknHE

Score
3/10

Malware Config

Signatures

  • Unsigned PE 14 IoCs

    Checks for missing Authenticode signature.

Files

  • commissioning.zip
    .zip

    Password: infected

  • CommissioningTool64_1.6.11_Setup[1].exe
    .exe windows:5 windows x86 arch:x86

    be41bf7b8cc010b614bd36bbca606973


    Headers

    Imports

    Sections

  • $LOCALAPPDATA/CommissioningTool64/cfg/CameraCfg.xml
    .xml
  • $LOCALAPPDATA/CommissioningTool64/cfg/CameraCfg_template_bt.xml
    .xml
  • $LOCALAPPDATA/CommissioningTool64/cfg/CameraCfg_template_mht.xml
    .xml
  • $LOCALAPPDATA/CommissioningTool64/cfg/CameraCfg_template_qcc.xml
    .xml
  • $LOCALAPPDATA/CommissioningTool64/cfg/DejaVuSans.ttf
  • $LOCALAPPDATA/CommissioningTool64/cfg/OCTSurfaceDistCorr.lut
  • $LOCALAPPDATA/CommissioningTool64/cfg/OCTSurfaceFitConfig.xml
  • $LOCALAPPDATA/CommissioningTool64/cfg/config.txt
  • $LOCALAPPDATA/CommissioningTool64/cfg/configDefault.txt
  • $LOCALAPPDATA/CommissioningTool64/cfg/scanner.stl
  • $LOCALAPPDATA/CommissioningTool64/cfg/sensor_adjustment.png
    .png
  • $PLUGINSDIR/StartMenu.dll
    .dll windows:5 windows x86 arch:x86

    b1d9539c7cfd95718179dedb471b482f


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:5 windows x86 arch:x86

    039bcbc605477e8e87ec550c2e60e748


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:5 windows x86 arch:x86

    9ea5bdc8c90dfcffe309465c26c89758


    Headers

    Imports

    Exports

    Sections

  • $TEMP/vcredist_x64.exe
    .exe windows:5 windows x86 arch:x86

    a1f6f100bff4507a3332f3f0cdfc24f5


    Code Sign

    Headers

    Imports

    Sections

  • CommissioningTool.exe
    .exe windows:5 windows x64 arch:x64

    792945dd1b1a6efc9093e58476c2df31


    Headers

    Imports

    Exports

    Sections

  • CrashRpt1401.dll
    .dll windows:5 windows x64 arch:x64

    c967d8c3b2d476270b952e125d0de6d4


    Headers

    Imports

    Exports

    Sections

  • CrashSender1401.exe
    .exe windows:5 windows x64 arch:x64

    c3e24a176818b4c0adcfd0365e548ffb


    Headers

    Imports

    Sections

  • Driver/32Bit/cyusb.cat
  • Driver/32Bit/cyusb.inf
  • Driver/32Bit/cyusb.sys
    .sys windows:6 windows x86 arch:x86

    2958acda1f2ebd2100c0f8f7565488e8


    Headers

    Imports

    Sections

  • Driver/32Bit/dpinst.exe
    .exe windows:6 windows x86 arch:x86

    3ab7cc62e4963955ad408cd420cd8ef1


    Code Sign

    Headers

    Imports

    Sections

  • Driver/64Bit/cyusb.cat
  • Driver/64Bit/cyusb.inf
  • Driver/64Bit/cyusb.sys
    .sys windows:6 windows x64 arch:x64

    c294c3f793300bd60d3e6a308fe01d1f


    Headers

    Imports

    Sections

  • Driver/64Bit/dpinst.exe
    .exe windows:6 windows x64 arch:x64

    3eacb9638877275335da4b58e52824f8


    Code Sign

    Headers

    Imports

    Sections

  • FWUpgrade_dll.dll
    .dll windows:5 windows x64 arch:x64

    8916324e1f4423e56c99f407301e06ce


    Headers

    Imports

    Exports

    Sections

  • Uninstall.exe
    .exe windows:5 windows x86 arch:x86

    be41bf7b8cc010b614bd36bbca606973


    Headers

    Imports

    Sections

  • crashrpt_lang.ini
  • dbghelp.dll
    .dll windows:6 windows x86 arch:x86

    3f5a00ef2a36f3cd8924690a5a1d6f3c


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • firmware/firmware.zip
    .zip
  • 3DS_II_121107_V01_IFB30.rbf
  • 3DS_I_120203_V01_IFB30.xsvf
  • 3dSca_fwu.iic
  • 3dScannerMHT_EP_with_FPGA_V0.0.38.iic
  • 3dScanner_SBII_V0.0.40.iic
  • FW_Interfaceboard_QCC_V1.74.sim
  • FW_Interfaceboard_V1.61.sim
  • QCC_130823_V01.rbf
  • QCC_130823_V01_2L.rbf
  • version.xml
    .xml
  • freetype.dll
    .dll windows:5 windows x64 arch:x64

    af8b2e7b858fba5810976140c3fa483b


    Headers

    Imports

    Exports

    Sections

  • ftgl.dll
    .dll windows:5 windows x64 arch:x64

    d6c3aa294d15bb62845687259377c2e4


    Headers

    Imports

    Exports

    Sections

  • glew32.dll
    .dll windows:5 windows x64 arch:x64

    5b57fec363f171a81be65eb531ad02ca


    Headers

    Imports

    Exports

    Sections