e3fa954d09abc8cf8b075626301192a95eeac3e6f6c2697feabb6a167ce52934

Sharing

Copy URL Twitter E-mail

General

Target

e3fa954d09abc8cf8b075626301192a95eeac3e6f6c2697feabb6a167ce52934
Size

261KB
MD5

4124b5b0bbca2c74a9a61792a0efb880
SHA1

906c667e1181baf6a1dca83ce19fabe5feade5c4
SHA256

e3fa954d09abc8cf8b075626301192a95eeac3e6f6c2697feabb6a167ce52934
SHA512

88dcddee2eb9a62e3f710e0a4f60167b9740918e1cc98fe7fa15afca7c6793e0ab3edc9bd3096d2f01a7b4625556e6e26314f527fe60fd170a538d6c464428e8
SSDEEP

6144:Vd6V+gaIXqZBPp6r09NS744Oyuhuro1ZeBZx+p0:O+9IXqZB409NSc4nl+8Z4p0

Score

N/A

Malware Config

Signatures

Files

e3fa954d09abc8cf8b075626301192a95eeac3e6f6c2697feabb6a167ce52934
.exe windows x86

fc4c4d1c3d17f2bdb0471206df3c6d8a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

microp2drv

MP2DRV_MediaCheck
PrepareFormat
ChangeUsrPassword
LockControl
MP2DRV_DPS_GetInfo
Authentication
MP2DRV_CloseDrive
MP2DRV_OpenDrive
MP2DRV_VUC_Read
MP2DRV_GetCardStatus

libeay32

ord46
ord40

kernel32

MultiByteToWideChar
HeapSize
HeapReAlloc
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
CloseHandle
WaitForSingleObject
Sleep
GetDriveTypeA
GetLogicalDrives
InitializeCriticalSection
CreateIoCompletionPort
CreateNamedPipeA
GetModuleFileNameA
WriteConsoleW
GetLastError
FlushFileBuffers
WriteFile
DuplicateHandle
GetCurrentProcess
DeviceIoControl
CreateFileA
OpenProcess
ReadFile
PostQueuedCompletionStatus
OutputDebugStringA
GetQueuedCompletionStatus
ConnectNamedPipe
DisconnectNamedPipe
SetStdHandle
LCMapStringW
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
CreateFileW
SetEndOfFile
ExitProcess
RtlUnwind
GetLocaleInfoW
LoadLibraryW
ExitThread
GetCurrentThreadId
CreateThread
HeapFree
HeapAlloc
RaiseException
GetProcessHeap
GetCommandLineA
HeapSetInformation
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
EncodePointer
DecodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
InterlockedDecrement
GetCurrentThread
GetProcAddress
HeapCreate
HeapDestroy
GetStdHandle
GetModuleFileNameW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
FatalAppExitA
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange

advapi32

RegisterServiceCtrlHandlerExA
OpenServiceA
DeleteService
OpenSCManagerA
CreateServiceA
CloseServiceHandle
SetServiceStatus
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
StartServiceCtrlDispatcherA

shell32

SHGetFolderPathA

Sections

.text
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 77KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fc4c4d1c3d17f2bdb0471206df3c6d8a

Headers

DLL Characteristics

File Characteristics

Imports

microp2drv

libeay32

kernel32

advapi32

shell32

Sections

.text Size: 152KB - Virtual size: 151KB

.rdata Size: 25KB - Virtual size: 25KB

.data Size: 5KB - Virtual size: 14KB

.rsrc Size: 77KB - Virtual size: 80KB

.text
Size: 152KB - Virtual size: 151KB

.rdata
Size: 25KB - Virtual size: 25KB

.data
Size: 5KB - Virtual size: 14KB

.rsrc
Size: 77KB - Virtual size: 80KB