04327f02ff7d033429484c705fa089c6aad2c91959521b125c5bf77930e23a61

Sharing

Copy URL Twitter E-mail

General

Target

04327f02ff7d033429484c705fa089c6aad2c91959521b125c5bf77930e23a61
Size

1.0MB
MD5

6b87967b1fa2e06c0549c02748acb67e
SHA1

cabb079b380af21a5db66935b25b27e09898d830
SHA256

04327f02ff7d033429484c705fa089c6aad2c91959521b125c5bf77930e23a61
SHA512

efd54c7d7addb6a0b4c8fad3414fb9d7ddedc5a10a47080d60bcede57ca3467d12e2f9cbd03f1d70bd4468034ac2dc66a2b2adb765db78cbd89a6b02be934bef
SSDEEP

24576:iOs/HDT7VjaXRqgw133r7VhSzBeS+evv0o3z3h:iO6T7VjaXR9W33rvSzBeS+evv0ol

Score

N/A

Malware Config

Signatures

Files

04327f02ff7d033429484c705fa089c6aad2c91959521b125c5bf77930e23a61
.exe windows x86

12efd840a25354efb68cb54afd593aee

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueW
GetFileVersionInfoA
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
GetFileVersionInfoW

setupapi

SetupDiGetClassDevsW
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
SetupDiGetDeviceRegistryPropertyW
SetupDiEnumDeviceInfo
SetupDiSetDeviceInstallParamsW
SetupDiDestroyDriverInfoList
SetupDiGetDriverInstallParamsW
SetupDiEnumDriverInfoW
SetupDiGetDeviceInstallParamsW
SetupDiBuildDriverInfoList
SetupDiDestroyDeviceInfoList

kernel32

EnterCriticalSection
LeaveCriticalSection
FormatMessageW
GetVersionExW
GetNativeSystemInfo
PeekNamedPipe
SystemTimeToFileTime
GetTickCount
GetSystemTimeAsFileTime
WriteFile
FileTimeToSystemTime
ReadFile
CreateFileW
SetThreadPriority
FlushFileBuffers
FileTimeToLocalFileTime
ResumeThread
WideCharToMultiByte
GetModuleHandleExW
GetSystemDirectoryW
GetFileAttributesW
GetStartupInfoW
GetStdHandle
SetLastError
FindClose
GetWindowsDirectoryW
InitializeCriticalSection
GetCurrentDirectoryW
GetSystemDefaultLangID
GlobalMemoryStatusEx
GetUserDefaultUILanguage
DeviceIoControl
GetProcessAffinityMask
SetThreadAffinityMask
GetSystemDirectoryA
LoadLibraryA
GetModuleHandleA
DebugBreak
SetEnvironmentVariableA
CompareStringW
SetEndOfFile
GetDriveTypeW
GetTimeZoneInformation
WriteConsoleW
VirtualQuery
GetProcessHeap
SetFilePointer
LoadLibraryW
GetExitCodeProcess
CreateProcessW
GetCurrentProcess
IsWow64Process
GetCurrentThread
LocalFree
InterlockedDecrement
InterlockedIncrement
WaitForSingleObject
CloseHandle
CreateThread
CreateEventW
Sleep
InitializeCriticalSectionAndSpinCount
GetCommandLineW
SetEvent
DeleteCriticalSection
GetCurrentThreadId
GetModuleFileNameW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
GetLastError
RaiseException
lstrcmpiW
GetModuleHandleW
GetProcAddress
lstrlenW
FreeLibrary
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetLocaleInfoW
HeapSize
HeapReAlloc
ExitProcess
HeapCreate
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
CreateFileA
GetFileInformationByHandle
GetFullPathNameA
GetConsoleMode
GetConsoleCP
IsValidCodePage
GetOEMCP
GetACP
GetCurrentProcessId
QueryPerformanceCounter
TlsFree
TerminateProcess
LCMapStringW
RtlUnwind
GetCPInfo
FindFirstFileExA
GetDriveTypeA
GetFileType
SetStdHandle
ExitThread
HeapSetInformation
HeapAlloc
HeapFree
DecodePointer
EncodePointer
GetStringTypeW
InterlockedExchange
InterlockedCompareExchange
TlsSetValue
TlsGetValue
TlsAlloc

user32

EnumDisplayDevicesW
CharNextW
CharUpperW
PostThreadMessageW
GetMessageW
TranslateMessage
DispatchMessageW
GetSystemMetrics
EnumDisplaySettingsExW

advapi32

RegCreateKeyExW
IsValidSid
LookupAccountNameW
CopySid
AddAce
AddAccessAllowedAce
GetAce
EqualSid
GetAclInformation
DeleteAce
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
MakeSelfRelativeSD
GetSecurityDescriptorSacl
FreeSid
GetSecurityDescriptorOwner
SetSecurityDescriptorOwner
AllocateAndInitializeSid
InitializeAcl
MakeAbsoluteSD
GetSecurityDescriptorLength
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegQueryValueExW
SetSecurityDescriptorGroup
RevertToSelf
GetLengthSid
SetTokenInformation
ConvertStringSidToSidW
OpenThreadToken
ImpersonateSelf
RegDeleteValueW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyW

ole32

CoTaskMemRealloc
CoTaskMemAlloc
CoAddRefServerProcess
CoReleaseServerProcess
CoInitialize
CoUninitialize
StringFromGUID2
CoCreateInstance
CoRegisterClassObject
CoRevokeClassObject
CoCreateGuid
CoSetProxyBlanket
CoTaskMemFree

oleaut32

SafeArrayGetElement
VariantCopy
SafeArrayGetLBound
VariantInit
VariantClear
VariantChangeType
LoadRegTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
SysStringLen
RegisterTypeLi
VarUI4FromStr

Sections

.text
Size: 641KB - Virtual size: 641KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 131KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 11KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 143KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 137KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

12efd840a25354efb68cb54afd593aee

Headers

DLL Characteristics

File Characteristics

Imports

version

setupapi

kernel32

user32

advapi32

ole32

oleaut32

Sections

.text Size: 641KB - Virtual size: 641KB

.rdata Size: 131KB - Virtual size: 130KB

.data Size: 11KB - Virtual size: 24KB

.rsrc Size: 143KB - Virtual size: 143KB

.reloc Size: 137KB - Virtual size: 140KB

.text
Size: 641KB - Virtual size: 641KB

.rdata
Size: 131KB - Virtual size: 130KB

.data
Size: 11KB - Virtual size: 24KB

.rsrc
Size: 143KB - Virtual size: 143KB

.reloc
Size: 137KB - Virtual size: 140KB