7e1dd01c7c9a96dbc44adf23d2076299a2071895b5bfb619209cc9a2c33a0b00

Sharing

Copy URL Twitter E-mail

General

Target

7e1dd01c7c9a96dbc44adf23d2076299a2071895b5bfb619209cc9a2c33a0b00
Size

640KB
MD5

7a4498d269ad4cd3a3011eca98f63d72
SHA1

2aa8735ed10e8b9d345633bfe47465f598400190
SHA256

7e1dd01c7c9a96dbc44adf23d2076299a2071895b5bfb619209cc9a2c33a0b00
SHA512

e5deb8f917a9ad0c71516013e59e1b1c4d0f7b4f51351990c6600b0dd0137974b29c42d9366e7ecf4431098eb3334968dcfec8d22745a928a98d88aace4f527f
SSDEEP

12288:lBJuaw9p2dRTYf8ZKrLiLJpRhDsjsPNRZ3y38fWanz/:vJu3D2bWLaprrFRdq8fWan7

Score

N/A

Malware Config

Signatures

Files

7e1dd01c7c9a96dbc44adf23d2076299a2071895b5bfb619209cc9a2c33a0b00
.exe windows x86

6b93f514b3b49b83f5ab6136b522b953

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

cfgmgr32

CM_Get_Device_ID_Size
CM_Get_Device_IDA
CM_Get_DevNode_Status
CM_Get_Parent
CM_Get_Sibling
CM_Query_And_Remove_SubTreeW
CM_Setup_DevNode
CMP_WaitNoPendingInstallEvents

setupapi

SetupDiEnumDeviceInterfaces
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailA
SetupDiGetDeviceInstallParamsA
SetupDiCallClassInstaller
SetupDiSetClassInstallParamsA
SetupDiGetClassDevsA
SetupDiGetDeviceRegistryPropertyA

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueA

rpcrt4

UuidFromStringW

kernel32

LoadLibraryExA
lstrcmpiA
GetProcAddress
IsDBCSLeadByte
GetModuleHandleW
RaiseException
SetEvent
CreateEventA
OutputDebugStringA
WaitForMultipleObjects
WaitForSingleObject
Sleep
lstrcpyA
Process32Next
Process32First
CreateToolhelp32Snapshot
GetCurrentThreadId
CreateThread
GetCurrentProcess
GetCurrentThread
OpenEventA
ResetEvent
TerminateThread
GetExitCodeThread
DeviceIoControl
CreateFileA
GetOverlappedResult
LockResource
LoadLibraryA
GetTimeZoneInformation
ReadFile
GetFileSize
GetVolumeInformationA
GetTickCount
lstrcpynA
FileTimeToLocalFileTime
GetSystemTimeAsFileTime
GetLocalTime
TryEnterCriticalSection
FlushFileBuffers
WriteFile
FindResourceA
GetFileAttributesA
InitializeCriticalSectionAndSpinCount
GetDiskFreeSpaceExA
GetLogicalDriveStringsA
GetFileAttributesExA
CreateFileW
GetModuleFileNameW
CopyFileW
SetFilePointer
DebugBreak
CreateSemaphoreA
ReleaseSemaphore
VerifyVersionInfoA
VerSetConditionMask
GetSystemPowerStatus
CreateMutexW
HeapSetInformation
LoadLibraryW
GetLocaleInfoW
GetUserDefaultLCID
GetSystemDefaultLangID
GlobalFree
GlobalAlloc
HeapFree
GetProcessHeap
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
ExitProcess
HeapCreate
VirtualFree
GetFileType
SetHandleCount
GetStdHandle
LCMapStringW
LCMapStringA
SetLastError
SetEnvironmentVariableA
TlsFree
TlsSetValue
TlsAlloc
LoadResource
SizeofResource
FreeLibrary
EnterCriticalSection
LeaveCriticalSection
WideCharToMultiByte
DeleteCriticalSection
lstrlenW
GetModuleFileNameA
GetModuleHandleA
InterlockedDecrement
InterlockedIncrement
InitializeCriticalSection
MultiByteToWideChar
lstrlenA
GetCommandLineA
OpenMutexA
SetErrorMode
CreateMutexA
GetLastError
CloseHandle
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
CompareStringW
GetLogicalDrives
TlsGetValue
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapReAlloc
GetStartupInfoA
ExitThread
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapAlloc
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
RtlUnwind

user32

CharNextA
CharUpperA
UnregisterDeviceNotification
PostQuitMessage
GetPropA
DefWindowProcA
SetPropA
DestroyWindow
RegisterClassA
CreateWindowExA
SetTimer
SendMessageA
wvsprintfA
wsprintfA
GetMessageA
TranslateMessage
DispatchMessageA
CharNextW
PostThreadMessageA
LoadStringA
MessageBoxA
RegisterDeviceNotificationA

advapi32

InitializeSecurityDescriptor
StartServiceCtrlDispatcherA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExW
RegQueryValueExW
GetTokenInformation
OpenThreadToken
OpenProcessToken
SetSecurityDescriptorGroup
IsValidSid
GetLengthSid
CopySid
SetSecurityDescriptorOwner
LockServiceDatabase
ChangeServiceConfig2A
UnlockServiceDatabase
QueryServiceStatusEx
RegQueryInfoKeyA
RegEnumKeyExA
RegDeleteKeyA
SetServiceStatus
RegisterEventSourceA
ReportEventA
DeregisterEventSource
OpenServiceA
ControlService
DeleteService
OpenSCManagerA
CreateServiceA
CloseServiceHandle
RegisterServiceCtrlHandlerA
SetSecurityDescriptorDacl

ole32

CoTaskMemFree
CoInitializeEx
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
StringFromGUID2
CoInitializeSecurity
CoResumeClassObjects
CoSuspendClassObjects
CoRegisterClassObject
CoRevokeClassObject
IIDFromString
CoUninitialize

oleaut32

SysStringLen
LoadTypeLi
UnRegisterTypeLi
LoadRegTypeLi
SysAllocStringByteLen
SysStringByteLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreateVector
VariantClear
RegisterTypeLi
VarUI4FromStr
SysAllocString
SysFreeString

Sections

.text
Size: 397KB - Virtual size: 396KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6b93f514b3b49b83f5ab6136b522b953

Headers

DLL Characteristics

File Characteristics

Imports

cfgmgr32

setupapi

version

rpcrt4

kernel32

user32

advapi32

ole32

oleaut32

Sections

.text Size: 397KB - Virtual size: 396KB

.rdata Size: 86KB - Virtual size: 86KB

.data Size: 11KB - Virtual size: 19KB

.rsrc Size: 115KB - Virtual size: 114KB

.reloc Size: 26KB - Virtual size: 26KB

.text
Size: 397KB - Virtual size: 396KB

.rdata
Size: 86KB - Virtual size: 86KB

.data
Size: 11KB - Virtual size: 19KB

.rsrc
Size: 115KB - Virtual size: 114KB

.reloc
Size: 26KB - Virtual size: 26KB