55084a90d073ff35e25aa6caa65a297568c355b8f49f4393843672b9a5d3b0d3

Sharing

Copy URL Twitter E-mail

General

Target

55084a90d073ff35e25aa6caa65a297568c355b8f49f4393843672b9a5d3b0d3
Size

976KB
MD5

6644d8aec991cb408a99c05598c4d0a7
SHA1

ce720a6b679e64eabdb38fa7081eb7caa4cbf7ce
SHA256

55084a90d073ff35e25aa6caa65a297568c355b8f49f4393843672b9a5d3b0d3
SHA512

66f8abc929ee64e7d291890ea6eb8c7b83a5f99fb1032d3cb32bf4b5db6ce7b85f11ca0ef63ea80d888c671614654ec781c52efa39d7ace61c5553e0be2009af
SSDEEP

24576:3tzZJNZMGjzFywVreabVz4BQLZaxiewUF1Ur4K7tjXwtIz5n2DaObD6qYjXoHFji:xlxzboQPO40drC

Score

N/A

Malware Config

Signatures

Files

55084a90d073ff35e25aa6caa65a297568c355b8f49f4393843672b9a5d3b0d3
.dll windows x86

c37a39653ee5d23821dc1269e932dbbe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

pncrt

rand
_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
_onexit
fseek
ftell
fread
fclose
strtok
atoi
sprintf
_splitpath
strstr
strncpy
strchr
strrchr
__CxxFrameHandler
_beginthreadex
_purecall
??3@YAXPAX@Z
??2@YAPAXI@Z
time
srand
__dllonexit
iscntrl
_strnicmp
_fstat
difftime
strftime
localtime
asctime
clock
fflush
sscanf
tolower
_ismbcspace
realloc
malloc
_stricmp
printf
_mbctype
strncmp
getenv
isdigit
strtoul
_vsnprintf
wcslen
_strdup
isspace
free
atof
_fsopen
??1exception@@UAE@XZ
??0exception@@QAE@XZ
_CxxThrowException
??0exception@@QAE@ABV0@@Z
toupper
memmove
_snprintf
_ftime
strtol
atol
fwrite
fopen
fprintf
rename
_chmod
_mkdir
_chdir
_getcwd
_stat
_putenv
_strcmpi
_fileno
_ultoa
_itoa
_errno
_rmdir
_unlink

ole32

ReleaseStgMedium
CoCreateInstance
CoInitialize
StringFromCLSID
CoUninitialize

user32

GetMessageA
DispatchMessageA
CharLowerA
CharUpperA
CharPrevA
GetSystemMetrics
PostMessageA
RegisterClipboardFormatA
GetIconInfo
LoadImageA
MessageBoxA
FindWindowA
PeekMessageA
DestroyWindow
RegisterClassA
RegisterWindowMessageA
CreateWindowExA
GetWindowLongA
SetWindowLongA
DefWindowProcA
LoadStringA
UnregisterClassA
GetClassInfoExA
RegisterClassExA
MsgWaitForMultipleObjects
PostQuitMessage
TranslateMessage
PostThreadMessageA
CharNextA
wsprintfA

advapi32

RegSetValueA
RegEnumKeyExA
RegQueryInfoKeyA
RegEnumKeyA
RegDeleteValueA
RegCreateKeyA
RegQueryValueA
RegSetValueExA
RegEnumValueA
AdjustTokenPrivileges
RegDeleteKeyA
RegCreateKeyExA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

setupapi

SetupDiGetDeviceInterfaceDetailA
SetupDiGetDeviceRegistryPropertyA
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiEnumDeviceInterfaces
SetupDiDeleteDeviceInterfaceData
SetupDiGetClassDevsA
SetupDiOpenDeviceInterfaceA
SetupDiCreateDeviceInfoList

oleaut32

SysFreeString

shell32

SHGetFileInfoA
SHGetSpecialFolderPathA

kernel32

GetDiskFreeSpaceExA
FindFirstFileA
FindNextFileA
FindClose
DeleteFileA
RemoveDirectoryA
EnterCriticalSection
GetTickCount
LeaveCriticalSection
GetFileAttributesA
SetFileAttributesA
DeleteCriticalSection
InitializeCriticalSection
ReadFile
CreateFileA
GetFileSize
lstrcmpiA
lstrlenA
LoadLibraryA
GetCurrentProcess
GetProcAddress
OpenProcess
TerminateProcess
FreeLibrary
FindFirstChangeNotificationA
FindCloseChangeNotification
WaitForMultipleObjects
FindNextChangeNotification
SetEvent
WaitForSingleObject
TerminateThread
CreateEventA
CloseHandle
InterlockedDecrement
InterlockedIncrement
GetLastError
GetCurrentThreadId
SetThreadPriority
WideCharToMultiByte
SetVolumeLabelA
GetDriveTypeA
GetVersionExA
InterlockedExchange
Sleep
MulDiv
ResetEvent
SetErrorMode
CopyFileExA
WriteFile
GlobalUnlock
GlobalLock
GetModuleFileNameA
GetDiskFreeSpaceA
CreateDirectoryA
GetTempPathA
GetSystemInfo
GetWindowsDirectoryA
GetVersion
QueryDosDeviceA
DeviceIoControl
GetLogicalDriveStringsA
GetLogicalDrives
GetPrivateProfileStringA
GetVolumeInformationA
GetSystemDirectoryA
MultiByteToWideChar
MoveFileA
GlobalAlloc
lstrcpyA
GlobalFree

Exports

Exports

CanUnload2
OnInstallPDGenXfer
OnUninstallPDGenXfer
RMACreateInstance
SetDLLAccessPath

Sections

.text
Size: 788KB - Virtual size: 785KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c37a39653ee5d23821dc1269e932dbbe

Headers

File Characteristics

Imports

pncrt

ole32

user32

advapi32

version

setupapi

oleaut32

shell32

kernel32

Exports

Exports

Sections

.text Size: 788KB - Virtual size: 785KB

.rdata Size: 32KB - Virtual size: 30KB

.data Size: 44KB - Virtual size: 42KB

.rsrc Size: 8KB - Virtual size: 6KB

.reloc Size: 44KB - Virtual size: 41KB

.rmnet Size: 56KB - Virtual size: 56KB

.text
Size: 788KB - Virtual size: 785KB

.rdata
Size: 32KB - Virtual size: 30KB

.data
Size: 44KB - Virtual size: 42KB

.rsrc
Size: 8KB - Virtual size: 6KB

.reloc
Size: 44KB - Virtual size: 41KB

.rmnet
Size: 56KB - Virtual size: 56KB