4571b236b1d276a3e32c84ebe4b95cf8043eca91f54c92ae490c6222d9181547

Sharing

Copy URL Twitter E-mail

General

Target

4571b236b1d276a3e32c84ebe4b95cf8043eca91f54c92ae490c6222d9181547
Size

868KB
MD5

6f8c60700b8c8a736351a3e8821939f0
SHA1

9d3a01faff2311f007eb587839d8fab17d2d9fc6
SHA256

4571b236b1d276a3e32c84ebe4b95cf8043eca91f54c92ae490c6222d9181547
SHA512

63abf6642484c97379b5b85b7fd2a20f907a4948fd855b9aa30b8bb7b1f54630a0a3ab13591ba90d948f52e3d42747db20f4e6d85e6376cce4566d5ca5b72292
SSDEEP

12288:gzkBbJEVGI7IQP87v528GvgviYX4AQoDlC5ujni2UhFhDiVs6daiZG2JDSe1jEuU:fFYngJicw9hFdia67l0H8GEA

Score

N/A

Malware Config

Signatures

Files

4571b236b1d276a3e32c84ebe4b95cf8043eca91f54c92ae490c6222d9181547
.dll windows x86

72def3f0f10b77f963490e34fb129310

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VarUI4FromStr
SysStringLen
UnRegisterTypeLi
RegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString

ole32

CoInitialize
CoTaskMemRealloc
PropVariantClear
CoTaskMemAlloc
StringFromGUID2
CoUninitialize
CoInitializeEx
CoTaskMemFree
CoCreateInstance

setupapi

CM_Get_Parent
SetupDiGetClassDevsW
CM_Get_Child
SetupDiDestroyDeviceInfoList
CM_Locate_DevNodeW
CM_Get_DevNode_Registry_PropertyW
CM_Get_Sibling
CM_Get_Device_IDW
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW

advapi32

RegSetValueExW
RegCreateKeyExW
RegDeleteKeyW
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExW
RegQueryInfoKeyW
RegDeleteValueW
RegCreateKeyW

kernel32

GetTickCount
InterlockedExchange
InterlockedCompareExchange
GetCurrentProcessId
GlobalFree
EnterCriticalSection
GetOverlappedResult
GetExitCodeThread
InterlockedDecrement
SetWaitableTimer
GetModuleHandleA
TerminateProcess
OutputDebugStringA
WideCharToMultiByte
GetLastError
FreeLibrary
DeviceIoControl
SetThreadLocale
CloseHandle
GetModuleHandleW
GetModuleFileNameW
LocalFree
WaitForMultipleObjects
CreateWaitableTimerW
QueryPerformanceCounter
SetUnhandledExceptionFilter
GlobalAlloc
ResetEvent
GetDateFormatA
Sleep
LoadResource
DeleteCriticalSection
LeaveCriticalSection
FindResourceW
CreateMutexW
GetCurrentThreadId
CancelWaitableTimer
lstrcmpiW
MultiByteToWideChar
RaiseException
CreateEventW
ReleaseMutex
GetThreadLocale
lstrlenW
WaitForSingleObject
LocalAlloc
UnhandledExceptionFilter
CreateThread
SetEvent
GetSystemTimeAsFileTime
ReadFile
VirtualAlloc
GetVersionExA
SizeofResource
InterlockedIncrement
InitializeCriticalSection
CreateFileW

Exports

Exports

Mem_Free
Optimize
_CheckStack
free_data
get_channels
set_oFFs

Sections

.text
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 448KB - Virtual size: 448KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

72def3f0f10b77f963490e34fb129310

Headers

File Characteristics

Imports

oleaut32

ole32

setupapi

advapi32

kernel32

Exports

Exports

Sections

.text Size: 160KB - Virtual size: 159KB

.rdata Size: 88KB - Virtual size: 87KB

.data Size: 448KB - Virtual size: 448KB

.rsrc Size: 160KB - Virtual size: 159KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 160KB - Virtual size: 159KB

.rdata
Size: 88KB - Virtual size: 87KB

.data
Size: 448KB - Virtual size: 448KB

.rsrc
Size: 160KB - Virtual size: 159KB

.reloc
Size: 8KB - Virtual size: 6KB