e630864b54504b4336c1855dc5aae2d1926b1cafd54f1649f0863c4302bbb59c

Sharing

Copy URL Twitter E-mail

General

Target

e630864b54504b4336c1855dc5aae2d1926b1cafd54f1649f0863c4302bbb59c
Size

188KB
MD5

6ec4330d3f1422414526538f5355f7f0
SHA1

4198d4ef31f68cec4e596f3dac59235c7c824b84
SHA256

e630864b54504b4336c1855dc5aae2d1926b1cafd54f1649f0863c4302bbb59c
SHA512

68d00f5715a76e0f6a57a3c5fe896de2f65847a97b60355696030c20dc47a5e3904b929b2290539f6acfb14713148182a3b29baf1ecbc91f902397c2a0e5b496
SSDEEP

3072:MNyAw/of5TwWnsUFQt6uQJQ33f8PfJA+R4NvVwFmrtBj9ipx:qw/of5TNnsUVMnU3JAEwVwUrTxipx

Score

N/A

Malware Config

Signatures

Files

e630864b54504b4336c1855dc5aae2d1926b1cafd54f1649f0863c4302bbb59c
.dll windows x86

482e36225a16829c9031b46729899e5f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OutputDebugStringW
GetFileSize
CreateFileW
GetWindowsDirectoryA
GetWindowsDirectoryW
GetLocaleInfoA
SetLastError
FreeLibrary
LoadLibraryA
lstrcpyA
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
HeapSize
InitializeCriticalSection
GetStringTypeW
GetStringTypeA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetLocalTime
OutputDebugStringA
GetModuleHandleA
GetProcAddress
CreateFileA
CloseHandle
ReadFile
WriteFile
GetModuleFileNameA
GetCurrentProcess
DeleteFileA
Sleep
GetSystemDirectoryW
GetSystemDirectoryA
WideCharToMultiByte
GetACP
MultiByteToWideChar
GetVersionExA
GetLastError
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
ExitProcess
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
RaiseException
HeapReAlloc
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
VirtualFree
HeapCreate
HeapDestroy
LCMapStringW
LCMapStringA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapFree
HeapAlloc
RtlUnwind
GetCurrentThreadId
GetCommandLineA
GetProcessHeap
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetOEMCP
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree

user32

GetWindowTextA
LoadCursorA
wsprintfA
wvsprintfA
wsprintfW
GetDlgItem
PostMessageA
EnumWindows
SetCursor

advapi32

RegEnumKeyA
RegQueryInfoKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

setupapi

SetupDiGetDeviceInstanceIdA
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList

Exports

Exports

DllMain
KxEnumUsbDevices
KxEnumUsbPrinters
KxReEnumUsb

Sections

.text
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

482e36225a16829c9031b46729899e5f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

setupapi

Exports

Exports

Sections

.text Size: 64KB - Virtual size: 61KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 4KB - Virtual size: 952B

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 64KB - Virtual size: 61KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 952B

.reloc
Size: 12KB - Virtual size: 8KB