Static task: static1
Behavioral task: behavioral1
Sample: c7c1cb9936fd5f5c9a12d4b2c409861a76ba701ec3bb5f912ed30407da34c626.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: c7c1cb9936fd5f5c9a12d4b2c409861a76ba701ec3bb5f912ed30407da34c626.exe
Resource: win10v2004-20220812-en
General
Target: c7c1cb9936fd5f5c9a12d4b2c409861a76ba701ec3bb5f912ed30407da34c626
Size: 1.9MB
MD5: f91b356ea920bb900eafbc71653db58d
SHA1: 3b1de284d6da73b055afbf4303aac6921dca2e53
SHA256: c7c1cb9936fd5f5c9a12d4b2c409861a76ba701ec3bb5f912ed30407da34c626
SHA512: deb69dceb71e5448ea460bc70e62dbe58b88a36e67cd4d6def825adb6393788cd8f59a6e674e8210f66468ec143ff5f75d5e52242411ad062178f48487d4626f
SSDEEP: 49152:cVxLVfr/410VWWNIzFjHbDzaXeXezBoo889YCHDI:G3f0eVWWNIzlHjaXwOBooVY
Malware Config
Signatures
Files
c7c1cb9936fd5f5c9a12d4b2c409861a76ba701ec3bb5f912ed30407da34c626.exe windows x86
9ab3d07f9a900120495f1b9fe924e901
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
detectusbdevice
GetMD5String
GetFileSizeByte
GetLastTokenString
GetDeviceDiskVolumeInfoByDeviceInstanceID
GetUSBDeviceEnumInfoByDeviceInstanceID
FindString
ReadLineByFilePath
GetFileTotalLineByFilePath
CreateFolder
GetTokenString
StopUSBDeviceChangeNotification
UnInstallHook_CloseDeviceChangeNotificationWindowProc
RefreshAllUSBDevice
InstallHook_CloseDeviceChangeNotificationWindowProc
GetLastErrorCodeMsg
StartUSBDeviceChangeNotification
GetFileVerInfo
GetModuleNameInfo
IssueScsiCmdBySpti
psapi
EnumProcesses
GetModuleBaseNameW
EnumProcessModules
kernel32
LockResource
LoadResource
FindResourceW
GetUserDefaultUILanguage
SetThreadLocale
MultiByteToWideChar
GetLastError
Sleep
CreateMutexW
CloseHandle
GetVersionExW
LoadLibraryW
SizeofResource
FreeLibrary
OpenProcess
TerminateProcess
GetCurrentThreadId
GetLocalTime
OpenFileMappingW
CreateFileMappingW
OutputDebugStringW
MapViewOfFile
CreateSemaphoreW
GetTempPathW
DeleteFileW
InitializeCriticalSectionAndSpinCount
CreateFileW
GetProcessId
GetProcAddress
SetUnhandledExceptionFilter
GetVersionExA
GetModuleHandleW
lstrcmpW
SetLastError
LoadLibraryA
CompareStringW
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
FreeResource
lstrlenW
GetModuleHandleA
MulDiv
GlobalUnlock
GlobalLock
GetModuleFileNameW
GetCurrentProcessId
LocalFree
FormatMessageW
GlobalAlloc
GlobalSize
GlobalFree
InterlockedDecrement
InterlockedExchange
CompareStringA
GetLocaleInfoW
lstrcmpA
EnumResourceLanguagesW
ConvertDefaultLocale
GetCurrentThread
GetPrivateProfileIntW
SetThreadPriority
ResumeThread
SuspendThread
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
InterlockedIncrement
GlobalGetAtomNameW
lstrlenA
FileTimeToSystemTime
GetCurrentDirectoryW
lstrcpyW
GetFileSize
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetCurrentProcess
GetVolumeInformationW
GetFullPathNameW
SetErrorMode
GetTempFileNameW
SearchPathW
GetTickCount
GetProfileIntW
FileTimeToLocalFileTime
GetFileSizeEx
GetFileTime
VirtualProtect
FindResourceExW
GetStartupInfoW
HeapAlloc
HeapFree
GetSystemTimeAsFileTime
UnhandledExceptionFilter
WriteFile
IsDebuggerPresent
RtlUnwind
RaiseException
HeapReAlloc
ExitProcess
ExitThread
CreateThread
HeapSize
VirtualAlloc
GetSystemInfo
VirtualQuery
SetStdHandle
GetFileType
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
LCMapStringA
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
CreateEventW
UnmapViewOfFile
SetEvent
WaitForSingleObject
DeleteCriticalSection
GetPrivateProfileStringW
WritePrivateProfileStringW
EnterCriticalSection
LeaveCriticalSection
DeleteVolumeMountPointW
RemoveDirectoryW
SetVolumeMountPointW
WideCharToMultiByte
GetFileAttributesW
CopyFileW
ReleaseSemaphore
ReadFile
SetFilePointer
DeviceIoControl
FindClose
FindNextFileW
FindFirstFileW
user32
SetCapture
ReleaseCapture
WaitMessage
DeleteMenu
SetRectEmpty
PostThreadMessageW
CopyAcceleratorTableW
ToUnicodeEx
MapVirtualKeyW
GetKeyboardLayout
GetKeyboardState
CharUpperW
GetAsyncKeyState
DestroyAcceleratorTable
LoadAcceleratorsW
CreateAcceleratorTableW
SetWindowRgn
NotifyWinEvent
CreatePopupMenu
SetParent
SetClassLongW
IsMenu
IsRectEmpty
BringWindowToTop
LockWindowUpdate
EnumChildWindows
RegisterClipboardFormatW
OpenClipboard
CopyImage
SetClipboardData
CloseClipboard
EmptyClipboard
TranslateAcceleratorW
InsertMenuItemW
ReuseDDElParam
UnpackDDElParam
DrawIconEx
DrawEdge
DrawFrameControl
SetRect
SetCursorPos
UnionRect
EnableScrollBar
UpdateLayeredWindow
SetMenuDefaultItem
GetMenuDefaultItem
IsCharLowerW
GetKeyNameTextW
MapVirtualKeyExW
IsClipboardFormatAvailable
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
GetUpdateRect
CharUpperBuffW
CopyIcon
SubtractRect
GetDoubleClickTime
CreateMenu
MapDialogRect
GetWindowRgn
GetNextDlgGroupItem
GetCursorPos
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetMenuState
ShowWindow
MoveWindow
IsDialogMessageW
SetDlgItemTextW
CheckDlgButton
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
ValidateRect
SetFocus
GetWindowTextLengthW
GetLastActivePopup
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
IsWindowVisible
GetMenuItemID
GetMenuItemCount
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
PtInRect
GetMenu
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindow
MessageBeep
IsZoomed
PostQuitMessage
GetDesktopWindow
EnableWindow
DestroyCursor
DestroyMenu
DestroyIcon
GetWindowLongW
SendMessageW
GetNextDlgTabItem
GetParent
SetCursor
InvalidateRect
GetTopWindow
ClientToScreen
WindowFromPoint
GetActiveWindow
GetWindowRect
GetSubMenu
TrackPopupMenuEx
PostMessageW
CopyRect
InflateRect
DrawFocusRect
GetClientRect
UnregisterClassW
LoadCursorW
GetSysColorBrush
GetMenuItemInfoW
ShowOwnedPopups
GetMessageW
TranslateMessage
CreateDialogIndirectParamW
EndDialog
GetMenuStringW
InsertMenuW
RemoveMenu
SetActiveWindow
GetWindowTextW
FindWindowW
SetWindowTextW
EnableMenuItem
ModifyMenuW
GetKeyState
SendMessageTimeoutW
OffsetRect
DrawStateW
FillRect
GetSysColor
GetDC
DrawIcon
GetSystemMetrics
IsIconic
SetWindowLongW
IsWindowEnabled
CheckMenuItem
AppendMenuW
GetSystemMenu
LoadIconW
SetForegroundWindow
SetWindowPos
AllowSetForegroundWindow
SystemParametersInfoW
AttachThreadInput
GetWindowThreadProcessId
GetForegroundWindow
SetTimer
KillTimer
EndPaint
BeginPaint
GetWindowDC
GrayStringW
DrawTextExW
DrawTextW
GetFocus
TabbedTextOutW
ReleaseDC
GetIconInfo
LoadImageW
LoadMenuW
FrameRect
RegisterWindowMessageW
GetDlgItem
RedrawWindow
UpdateWindow
IsWindow
gdi32
RectVisible
TextOutW
ExtTextOutW
Escape
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
SelectPalette
GetObjectType
GetDeviceCaps
CreatePen
CreateHatchBrush
CopyMetaFileW
CreateRectRgnIndirect
SetRectRgn
CombineRgn
PatBlt
DPtoLP
GetTextExtentPoint32W
GetTextMetricsW
OffsetRgn
GetRgnBox
CreateDIBitmap
PtVisible
GetDCOrgEx
GetTextCharsetInfo
CreateRoundRectRgn
GetTextColor
SetDIBColorTable
GetDIBits
RealizePalette
StretchBlt
CreateDIBSection
CreateEllipticRgn
CreatePolygonRgn
GetBkColor
Polyline
Ellipse
Polygon
RoundRect
CreatePalette
GetPaletteEntries
GetWindowOrgEx
PtInRegion
FillRgn
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetPixelV
GetTextFaceW
DeleteObject
GetStockObject
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
CreateBitmap
SelectObject
SetBkColor
SetTextColor
DeleteDC
GetPixel
SetPixel
GetObjectW
CreateSolidBrush
CreateFontIndirectW
GetViewportOrgEx
SetViewportOrgEx
Rectangle
FrameRgn
GetBoundsRect
LPtoDP
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
GetClipBox
EnumFontFamiliesW
EnumFontFamiliesExW
GetSystemPaletteEntries
GetNearestPaletteIndex
SetPaletteEntries
ExtFloodFill
shell32
SHAppBarMessage
ShellExecuteW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteExW
DragQueryFileW
DragFinish
msimg32
TransparentBlt
AlphaBlend
comctl32
_TrackMouseEvent
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
PathFileExistsW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathRemoveFileSpecW
PathFindExtensionW
gdiplus
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipBitmapUnlockBits
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdiplusStartup
GdiplusShutdown
GdipGetImageGraphicsContext
GdipDrawImageI
GdipCloneImage
GdipGetImagePaletteSize
winmm
PlaySoundW
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
comdlg32
GetFileTitleW
advapi32
RegEnumKeyExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
ole32
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoInitializeEx
CoUninitialize
OleGetClipboard
DoDragDrop
OleLockRunning
CreateStreamOnHGlobal
CoCreateInstance
OleDuplicateData
oleaut32
SysFreeString
SysStringLen
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysAllocString
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 291KB - Virtual size: 291KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 134KB - Virtual size: 291KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 92KB - Virtual size: 91KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 145KB - Virtual size: 144KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ