5f3a49630fabe695a336cc34b1a6d021dad1744712962387c683006c21217de4

Sharing

Copy URL

Twitter E-mail

General

Target

5f3a49630fabe695a336cc34b1a6d021dad1744712962387c683006c21217de4
Size

172KB
MD5

c53997ef2fc5ca1228890f90496d9596
SHA1

e2a283955e2293cfaa56d02270df1791c1926d94
SHA256

5f3a49630fabe695a336cc34b1a6d021dad1744712962387c683006c21217de4
SHA512

2fa70e7f16e0ece5636d0e4a9ab21cca9bdf9e333de185b3c5b758ed9836e5839ca9ff5110f54b9310e7f4dda35fe64602bb0da49ef98f9adc38df40c4e50845
SSDEEP

3072:D6TGSqQ5lDXvMpbJJWK2FR+JMne0snbB8pj0hNod+ww2WE2ZWH+KMcsAJ3:+5qWV/kbbWKeRMIWnMjzd+95E2/dD03

Score

N/A

Malware Config

Signatures

Files

5f3a49630fabe695a336cc34b1a6d021dad1744712962387c683006c21217de4
.exe windows x86

ba6512cb3811a85a716dbe76cb8032dd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

cfgmgr32

CM_Locate_DevNodeW
CM_Set_Class_Registry_PropertyW
CM_Add_ID_ExA
CM_Query_Remove_SubTree_Ex
CM_Get_Device_IDA
CM_Query_Arbitrator_Free_Data
CM_Add_IDA
CM_Add_Res_Des_Ex
CM_Enumerate_Enumerators_ExW
CM_Setup_DevNode
CM_Get_Device_ID_List_Size_ExA
CM_Set_DevNode_Registry_Property_ExW
CM_Get_DevNode_Status_Ex
CM_Locate_DevNodeA
CM_Invert_Range_List
CM_Query_Arbitrator_Free_Data_Ex
CM_Set_HW_Prof
CM_Set_HW_Prof_Flags_ExW
CM_Get_Device_ID_ListA
CM_Disable_DevNode_Ex
CM_Reenumerate_DevNode
CM_Set_Class_Registry_PropertyA
CM_Register_Device_Interface_ExW
CM_Get_Class_Key_NameW
CM_Get_Resource_Conflict_DetailsW
CM_Add_Empty_Log_Conf_Ex
CM_Get_Class_Registry_PropertyW
CM_Query_And_Remove_SubTree_ExW
CM_Get_Version_Ex
CM_Connect_MachineA

crtdll

wcscat
isleadbyte
vfwprintf
_winmajor_dll
_fdopen
_swab
sinh
ctime
_daylight_dll
setvbuf
_commit
pow
feof
_exit
_getcwd
wcslen
_tempnam
_nextafter
_ismbcl2
tan
_strninc
_cwait
ftell
_mbsnccnt
_CIatan2
fgetwc
_msize
_strtime
puts
_tzset
iswpunct
_strupr
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
_execle
_strncnt
_mbsdup
log
asin
wctomb
_fgetwchar
div
calloc
abort
_chgsign

uxtheme

GetThemeColor
GetThemeTextExtent
GetThemeSysFont
GetWindowTheme
IsThemePartDefined
IsThemeActive
GetThemeSysColor
GetThemeIntList
GetThemePropertyOrigin
GetThemeInt
GetThemeBool
GetThemeString
GetThemeEnumValue
GetThemeFilename
IsThemeDialogTextureEnabled
IsThemeBackgroundPartiallyTransparent
GetThemeBackgroundRegion
GetThemeSysColorBrush
DrawThemeBackground
GetThemeSysBool
GetThemeSysInt
EnableThemeDialogTexture
GetThemeBackgroundExtent
OpenThemeData
HitTestThemeBackground
GetThemeSysSize
DrawThemeText

kernel32

ReleaseActCtx
GetCurrentThread
TerminateThread
DeleteFileA
QueryPerformanceCounter
QueryDosDeviceW
SetEnvironmentVariableA
FindFirstFileA
LocalAlloc
AddAtomA
EraseTape
UnlockFileEx
WaitNamedPipeW
SetCalendarInfoA
Heap32First
GetEnvironmentStringsW
GetLongPathNameA
SetCommConfig
RtlCaptureStackBackTrace
LoadLibraryA
GetHandleContext
LZCopy
OpenProfileUserMapping
SetConsoleMaximumWindowSize
EnumDateFormatsExW
OpenEventA
LZDone
ReadConsoleInputExW
EnumUILanguagesW
GetModuleFileNameA
GetConsoleCommandHistoryLengthW
GetPrivateProfileStringA
OutputDebugStringW
UpdateResourceW
GetVolumePathNamesForVolumeNameA
GetCommConfig
AddLocalAlternateComputerNameA
RemoveVectoredExceptionHandler
VirtualAlloc
LocalHandle
ReplaceFileA

user32

GetClipboardFormatNameW
InvalidateRect
GetMenuDefaultItem
GetSysColorBrush
GetCursorPos
GetParent
ClientToScreen
DestroyIcon
GetLastInputInfo
SetMenuItemInfoA
DdeUninitialize
GetScrollInfo
AdjustWindowRect
LoadImageA
RegisterUserApiHook
DefMDIChildProcA
GetNextDlgGroupItem
RegisterClipboardFormatW
PostThreadMessageA
UpdateWindow
MapVirtualKeyW
GetAppCompatFlags2
GetSubMenu
CharToOemA
IsZoomed
DdeGetQualityOfService
GetWinStationInfo
UnionRect
GetThreadDesktop
SetWindowTextW
SetThreadDesktop
SoftModalMessageBox
DrawAnimatedRects
IMPQueryIMEA
SetFocus
DrawCaption
GetDCEx

dhcpsapi

DhcpRemoveOption
DhcpEnumSubnetClientsV4
DhcpDsClearHostServerEntries
DhcpServerSetConfigV4
DhcpDeleteMClientInfo
DhcpServerQueryDnsRegCredentials
DhcpEnumSubnetClients
DhcpModifyClass
DhcpSetOptionValues
DhcpGetThreadOptions
DhcpRemoveSubnetElementV5
DhcpCreateClientInfoV4
DhcpGetOptionInfoV5
DhcpCreateClientInfo
DhcpCreateSubnet
DhcpSetServerBindingInfo
DhcpSetOptionInfoV5
DhcpGetClientOptions
DhcpAddSubnetElementV5
DhcpServerQueryAttribute
DhcpSetOptionValueV5
DhcpGetMScopeInfo
DhcpSetSubnetInfo
DhcpAddSubnetElementV4
DhcpServerSetConfig
DhcpEnumSubnetElements
DhcpRemoveMScopeElement
DhcpSetOptionInfo
DhcpScanDatabase
DhcpSetMScopeInfo
DhcpSetOptionValue
DhcpServerGetConfigV4

Sections

.text
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 531KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ba6512cb3811a85a716dbe76cb8032dd

Headers

DLL Characteristics

File Characteristics

Imports

cfgmgr32

crtdll

uxtheme

kernel32

user32

dhcpsapi

Sections

.text Size: 144KB - Virtual size: 144KB

.rdata Size: 128KB - Virtual size: 128KB

.data Size: 1024B - Virtual size: 531KB

.rsrc Size: 109KB - Virtual size: 109KB

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 144KB - Virtual size: 144KB

.rdata
Size: 128KB - Virtual size: 128KB

.data
Size: 1024B - Virtual size: 531KB

.rsrc
Size: 109KB - Virtual size: 109KB

.reloc
Size: 1024B - Virtual size: 1024B