815e57321dc2fe331701dc6f199b8f675401d70a76959d87a47c87160a5a24a5

Sharing

Copy URL

Twitter E-mail

General

Target

815e57321dc2fe331701dc6f199b8f675401d70a76959d87a47c87160a5a24a5
Size

215KB
MD5

5cd3eb6fc8a247eee982a7ee38fcc382
SHA1

24808f3555f96ccf55787685158bbfbd3d567044
SHA256

815e57321dc2fe331701dc6f199b8f675401d70a76959d87a47c87160a5a24a5
SHA512

24f60d6ee24615c5899c9145e7925ca6f86e205cad2c031fbd3cb640633a2438d2cc8bb7a9def0e166a7dcfa2d8050d82c3174191d3855a999f82d921bea1311
SSDEEP

6144:yJIkS7n/xtCBQnprdqtgn0H4rD6A6PIKy4DMY:yJLKnmBQphx+QIIR4QY

Score

N/A

Malware Config

Signatures

Files

815e57321dc2fe331701dc6f199b8f675401d70a76959d87a47c87160a5a24a5
.exe windows x86

83d4dded894e9581d49b6af06a206cf6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VarBstrFromUI2
VarBstrFromI1
VarBstrFromDec
VarBstrFromDate
VarBstrFromR4
VarBstrFromUI1
VarBstrFromI2
VarBstrFromUI4
VarBstrFromI4
VarBstrFromCy
VarBstrFromUI8
VarBstrFromDisp
VarBstrFromI8
VarBstrFromR8

user32

EnableWindow
IsWindowVisible
CheckDlgButton
DispatchMessageW
MoveWindow
InvalidateRect
DefWindowProcW
SetDlgItemTextW
SetDlgItemInt
GetDlgItemInt
SendMessageW
LoadStringW
CheckRadioButton
SetCursor
DestroyWindow
GetDlgItem
CreateDialogParamW
SetWindowLongW
PeekMessageW
GetWindowLongW
GetWindowRect
ClientToScreen
GetDesktopWindow
ReleaseDC
GetDC
LoadCursorW
IsRectEmpty
GetClientRect
ShowWindow
IsWindow
TranslateMessage
GetAsyncKeyState

kernel32

ReadFile
GetFileSize
lstrlenA
WaitForSingleObject
GetDiskFreeSpaceW
CreateEventW
LoadLibraryW
EnterCriticalSection
GetProcAddress
lstrcmpW
FreeLibrary
GetCurrentProcess
DeleteCriticalSection
GlobalAlloc
lstrlenW
SetUnhandledExceptionFilter
GetThreadPriority
GetCurrentThread
GlobalUnlock
HeapAlloc
GetFullPathNameW
GetVersionExW
InterlockedExchange
GetPrivateProfileStringW
GlobalFindAtomA
WriteFile
MulDiv
GetModuleFileNameA
GetACP
IsBadReadPtr
GetLocaleInfoA
GetProfileIntA
SetFilePointer
LeaveCriticalSection
InitializeCriticalSection
MultiByteToWideChar
CreateFileW
GetCurrentProcessId
WaitForMultipleObjects
InterlockedIncrement
lstrcpyW
lstrcpynW
SetEvent
SetEndOfFile
GlobalMemoryStatus
CreateSemaphoreW
GetProcessHeap
lstrcmpiW
InterlockedDecrement
SetThreadPriority
CloseHandle
GetQueuedCompletionStatus
GlobalHandle
IsBadCodePtr
CreateThread
ReleaseSemaphore
GetTickCount
HeapFree
GlobalLock
IsBadWritePtr
lstrcpyA
GlobalFree
GetLocaleInfoW
QueryPerformanceCounter
ResetEvent
VirtualFree
WideCharToMultiByte
GetFileAttributesW
GetSystemTimeAsFileTime
GetLastError

netshell

DllGetClassObject
StartNCW
NcIsValidConnectionName

newdev

InstallNewDevice
UpdateDriverForPlugAndPlayDevicesW
InstallWindowsUpdateDriver
InstallSelectedDriver
UpdateDriverForPlugAndPlayDevicesA

ntdll

CsrFreeCaptureBuffer
DbgBreakPoint
DbgPrintReturnControlC
CsrGetProcessId
CsrCaptureTimeout
CsrClientConnectToServer
DbgQueryDebugFilterState
DbgPrint
CsrClientCallServer
CsrSetPriorityClass
CsrCaptureMessageMultiUnicodeStringsInPlace
CsrCaptureMessageBuffer
CsrCaptureMessageString
DbgPrintEx
DbgSetDebugFilterState
CsrIdentifyAlertableThread
DbgPrompt
CsrAllocateCaptureBuffer

Sections

.text
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 6.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

83d4dded894e9581d49b6af06a206cf6

Headers

File Characteristics

Imports

oleaut32

user32

kernel32

netshell

newdev

ntdll

Sections

.text Size: 86KB - Virtual size: 86KB

.rdata Size: 86KB - Virtual size: 86KB

.data Size: 37KB - Virtual size: 6.1MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 86KB - Virtual size: 86KB

.rdata
Size: 86KB - Virtual size: 86KB

.data
Size: 37KB - Virtual size: 6.1MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB