2b11d352d30c45235a57b9407984411460571c754d21e290126c3a69b1500904

Sharing

Copy URL Twitter E-mail

General

Target

2b11d352d30c45235a57b9407984411460571c754d21e290126c3a69b1500904
Size

215KB
MD5

6b6a2aa401aaed64d59d6943f2426dfc
SHA1

1c0ae2deaac06cb6896e810c0b9ae982e7998bc4
SHA256

2b11d352d30c45235a57b9407984411460571c754d21e290126c3a69b1500904
SHA512

a73d316e7a267d9f76e3868fbe2f891fdd154497be361a786f5665984207273b5622b8eacb932b301f736e1fde21a79b83677da37731cd0ebc00514ec7d54778
SSDEEP

6144:yJIkS7n/xtCBQnprdqtgn0H4rD6A6PIKy4DMk:yJLKnmBQphx+QIIR4Qk

Score

N/A

Malware Config

Signatures

Files

2b11d352d30c45235a57b9407984411460571c754d21e290126c3a69b1500904
.exe windows x86

83d4dded894e9581d49b6af06a206cf6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VarBstrFromUI2
VarBstrFromI1
VarBstrFromDec
VarBstrFromDate
VarBstrFromR4
VarBstrFromUI1
VarBstrFromI2
VarBstrFromUI4
VarBstrFromI4
VarBstrFromCy
VarBstrFromUI8
VarBstrFromDisp
VarBstrFromI8
VarBstrFromR8

user32

EnableWindow
IsWindowVisible
CheckDlgButton
DispatchMessageW
MoveWindow
InvalidateRect
DefWindowProcW
SetDlgItemTextW
SetDlgItemInt
GetDlgItemInt
SendMessageW
LoadStringW
CheckRadioButton
SetCursor
DestroyWindow
GetDlgItem
CreateDialogParamW
SetWindowLongW
PeekMessageW
GetWindowLongW
GetWindowRect
ClientToScreen
GetDesktopWindow
ReleaseDC
GetDC
LoadCursorW
IsRectEmpty
GetClientRect
ShowWindow
IsWindow
TranslateMessage
GetAsyncKeyState

kernel32

ReadFile
GetFileSize
lstrlenA
WaitForSingleObject
GetDiskFreeSpaceW
CreateEventW
LoadLibraryW
EnterCriticalSection
GetProcAddress
lstrcmpW
FreeLibrary
GetCurrentProcess
DeleteCriticalSection
GlobalAlloc
lstrlenW
SetUnhandledExceptionFilter
GetThreadPriority
GetCurrentThread
GlobalUnlock
HeapAlloc
GetFullPathNameW
GetVersionExW
InterlockedExchange
GetPrivateProfileStringW
GlobalFindAtomA
WriteFile
MulDiv
GetModuleFileNameA
GetACP
IsBadReadPtr
GetLocaleInfoA
GetProfileIntA
SetFilePointer
LeaveCriticalSection
InitializeCriticalSection
MultiByteToWideChar
CreateFileW
GetCurrentProcessId
WaitForMultipleObjects
InterlockedIncrement
lstrcpyW
lstrcpynW
SetEvent
SetEndOfFile
GlobalMemoryStatus
CreateSemaphoreW
GetProcessHeap
lstrcmpiW
InterlockedDecrement
SetThreadPriority
CloseHandle
GetQueuedCompletionStatus
GlobalHandle
IsBadCodePtr
CreateThread
ReleaseSemaphore
GetTickCount
HeapFree
GlobalLock
IsBadWritePtr
lstrcpyA
GlobalFree
GetLocaleInfoW
QueryPerformanceCounter
ResetEvent
VirtualFree
WideCharToMultiByte
GetFileAttributesW
GetSystemTimeAsFileTime
GetLastError

netshell

DllGetClassObject
StartNCW
NcIsValidConnectionName

newdev

InstallNewDevice
UpdateDriverForPlugAndPlayDevicesW
InstallWindowsUpdateDriver
InstallSelectedDriver
UpdateDriverForPlugAndPlayDevicesA

ntdll

CsrFreeCaptureBuffer
DbgBreakPoint
DbgPrintReturnControlC
CsrGetProcessId
CsrCaptureTimeout
CsrClientConnectToServer
DbgQueryDebugFilterState
DbgPrint
CsrClientCallServer
CsrSetPriorityClass
CsrCaptureMessageMultiUnicodeStringsInPlace
CsrCaptureMessageBuffer
CsrCaptureMessageString
DbgPrintEx
DbgSetDebugFilterState
CsrIdentifyAlertableThread
DbgPrompt
CsrAllocateCaptureBuffer

Sections

.text
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 6.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

83d4dded894e9581d49b6af06a206cf6

Headers

File Characteristics

Imports

oleaut32

user32

kernel32

netshell

newdev

ntdll

Sections

.text Size: 86KB - Virtual size: 86KB

.rdata Size: 86KB - Virtual size: 86KB

.data Size: 37KB - Virtual size: 6.1MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 86KB - Virtual size: 86KB

.rdata
Size: 86KB - Virtual size: 86KB

.data
Size: 37KB - Virtual size: 6.1MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB