abf59262efdf95b39f08389160fe787d58d482ef835b7279ab65fd079a99d403

Sharing

Copy URL Twitter E-mail

General

Target

abf59262efdf95b39f08389160fe787d58d482ef835b7279ab65fd079a99d403
Size

208KB
MD5

6f603b6e9b204a4a54faf32248e8b070
SHA1

6ac71e359bdac754d1eed214ac1c0de6bc4b5ac0
SHA256

abf59262efdf95b39f08389160fe787d58d482ef835b7279ab65fd079a99d403
SHA512

a6c5cdee6d252991180f708268667271d63d86be6b88d3c6c4ca69e34473f174b195c59b599c30ff2ae53a3b356a463422dad00f6754daa1deaba7d67fef6d8b
SSDEEP

6144:EfQqBbF5VbaplWotat+f6ptmbs99w3tnx:4Pf5VGyota4f6DxQ9x

Score

N/A

Malware Config

Signatures

Files

abf59262efdf95b39f08389160fe787d58d482ef835b7279ab65fd079a99d403
.exe windows x86

5b124d37c1feb3d48ec6b7f44f3a95b0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ClientToScreen
IsRectEmpty
GetClientRect
GetWindowLongW
PeekMessageW
SetCursor
IsWindow
InvalidateRect
CheckRadioButton
EnableWindow
MoveWindow
LoadCursorW
DestroyWindow
GetAsyncKeyState
GetDesktopWindow
SetWindowLongW
GetDlgItem
DefWindowProcW
CreateDialogParamW
SetDlgItemInt
LoadStringW
DispatchMessageW
SendMessageW
ShowWindow
IsWindowVisible
GetDlgItemInt
CheckDlgButton
GetWindowRect
GetDC
SetDlgItemTextW
TranslateMessage
ReleaseDC

ntdll

DbgPrintEx
CsrCaptureTimeout
DbgPrintReturnControlC
DbgBreakPoint
CsrCaptureMessageString
CsrSetPriorityClass
CsrFreeCaptureBuffer
CsrClientConnectToServer
CsrCaptureMessageMultiUnicodeStringsInPlace
CsrAllocateCaptureBuffer
DbgQueryDebugFilterState
CsrCaptureMessageBuffer
CsrGetProcessId
CsrClientCallServer
DbgPrint
DbgSetDebugFilterState
DbgPrompt
CsrIdentifyAlertableThread

kernel32

VirtualFree
GetQueuedCompletionStatus
GetFileAttributesW
GetCurrentThread
GetSystemTimeAsFileTime
lstrlenW
ResetEvent
WaitForSingleObject
InterlockedIncrement
GetThreadPriority
SetFilePointer
ReleaseSemaphore
GlobalMemoryStatus
LeaveCriticalSection
CloseHandle
lstrlenA
IsBadWritePtr
IsBadReadPtr
CreateThread
GetCurrentProcessId
lstrcpynW
LoadLibraryW
lstrcmpW
CreateSemaphoreW
lstrcmpiW
QueryPerformanceCounter
GlobalAlloc
HeapAlloc
FreeLibrary
IsBadCodePtr
WideCharToMultiByte
GetDiskFreeSpaceW
HeapFree
GetLocaleInfoW
CreateFileW
GetProfileIntA
ReadFile
SetThreadPriority
GetModuleFileNameA
GlobalFindAtomA
GetFullPathNameW
InitializeCriticalSection
GetPrivateProfileStringW
GlobalHandle
GetProcAddress
SetEvent
DeleteCriticalSection
GlobalLock
InterlockedExchange
GetLocaleInfoA
GetFileSize
MulDiv
GetACP
InterlockedDecrement
GlobalFree
SetUnhandledExceptionFilter
GetCurrentProcess
MultiByteToWideChar
SetEndOfFile
EnterCriticalSection
GlobalUnlock
CreateEventW
WriteFile
GetTickCount
lstrcpyA
GetVersionExW
WaitForMultipleObjects
GetProcessHeap
lstrcpyW
GetLastError

oleaut32

VarBstrFromUI8
VarBstrFromI2
VarBstrFromUI4
VarBstrFromUI2
VarBstrFromI8
VarBstrFromR4
VarBstrFromDec
VarBstrFromI4
VarBstrFromI1
VarBstrFromDate
VarBstrFromUI1
VarBstrFromDisp
VarBstrFromR8
VarBstrFromCy

newdev

InstallNewDevice
UpdateDriverForPlugAndPlayDevicesA
InstallWindowsUpdateDriver
InstallSelectedDriver
UpdateDriverForPlugAndPlayDevicesW

netshell

StartNCW
DllGetClassObject
NcIsValidConnectionName

Sections

.text
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 6.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 980B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5b124d37c1feb3d48ec6b7f44f3a95b0

Headers

File Characteristics

Imports

user32

ntdll

kernel32

oleaut32

newdev

netshell

Sections

.text Size: 85KB - Virtual size: 84KB

.rdata Size: 86KB - Virtual size: 86KB

.data Size: 32KB - Virtual size: 6.1MB

.rsrc Size: 1024B - Virtual size: 980B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 85KB - Virtual size: 84KB

.rdata
Size: 86KB - Virtual size: 86KB

.data
Size: 32KB - Virtual size: 6.1MB

.rsrc
Size: 1024B - Virtual size: 980B

.reloc
Size: 1KB - Virtual size: 1KB