e1c554dd10a3c18a7d30cfd2f4780489c0f3046230ec2c930daebedcf42d7ba7

Sharing

Copy URL Twitter E-mail

General

Target

e1c554dd10a3c18a7d30cfd2f4780489c0f3046230ec2c930daebedcf42d7ba7
Size

158KB
MD5

7a440df7338c9d7c4f003cf741bb8a3c
SHA1

40bf5973b858e674994087fbd973c18353ed2852
SHA256

e1c554dd10a3c18a7d30cfd2f4780489c0f3046230ec2c930daebedcf42d7ba7
SHA512

afaee799af9bbdc89fe3056ffb61155eaa8af95fc86df202086e821cfae7fa884cc5968b5f50e2a861a31fe304ef93f70532331b2e0f1231244126e23425f8d8
SSDEEP

3072:dZeyqx3CLWhTsYw5W0TH77sWipanZt5RZiDpwfaYC9F85uHMDmCyCqit/rRq4Iq:beyqAL75W0TbFn5RZIpwbC9FauH/LCqC

Score

N/A

Malware Config

Signatures

Files

e1c554dd10a3c18a7d30cfd2f4780489c0f3046230ec2c930daebedcf42d7ba7
.exe windows x86

1bc85009521f3fea7f221ff71f737aae

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupSetNonInteractiveMode
SetupDiSetSelectedDriverW
SetupDiSetSelectedDevice
SetupDiSetDeviceRegistryPropertyW
SetupDiSetDeviceInstallParamsW
SetupDiSelectBestCompatDrv
SetupDiOpenDeviceInfoA
SetupDiGetSelectedDriverW
SetupDiGetDeviceRegistryPropertyW
SetupDiGetDeviceRegistryPropertyA
SetupDiGetDeviceInterfaceDetailA
SetupDiGetDeviceInstanceIdW
SetupDiGetDeviceInstanceIdA
SetupDiGetDeviceInstallParamsW
SetupDiGetClassImageIndex
SetupDiGetClassDevsA
SetupDiEnumDriverInfoW
SetupDiEnumDeviceInterfaces
SetupDiEnumDeviceInfo
SetupDiDestroyDriverInfoList
SetupDiCreateDeviceInfoList
SetupDiCallClassInstaller
CM_Request_Device_EjectW
CM_Query_Arbitrator_Free_Size_Ex
CM_Locate_DevNodeA
CM_Get_Sibling
CM_Get_Res_Des_Data_Ex
CM_Get_Parent
CM_Get_Device_IDA
CM_Get_Depth
CM_Free_Res_Des_Ex
CM_Free_Log_Conf
CM_Add_Res_Des

ws2_32

connect
closesocket
getsockname
accept
WSAHtons
getsockopt
inet_addr
listen
recv
recvfrom
select
socket
bind

kernel32

TlsAlloc
TerminateThread
TerminateProcess
Sleep
SetUnhandledExceptionFilter
SetTapePosition
SetLastError
SetInformationJobObject
SetFilePointer
SetCommBreak
ResetEvent
RemoveDirectoryW
ReleaseMutex
ReadFile
TlsFree
PrepareTape
OutputDebugStringA
OpenThread
MultiByteToWideChar
MoveFileW
Module32NextW
MapViewOfFile
LocalFree
LocalAlloc
LoadModule
LoadLibraryW
LoadLibraryExW
LoadLibraryA
LeaveCriticalSection
IsDebuggerPresent
TlsGetValue
TlsSetValue
RaiseException
GetModuleFileNameW
lstrlenW
lstrcpyW
_lopen
WaitForSingleObject
VirtualQuery
VirtualProtect
VirtualFree
VirtualAlloc
UnmapViewOfFile
CancelIo
ConnectNamedPipe
CreateEventA
CreateNamedPipeW
DeleteFileW
DisconnectNamedPipe
DuplicateHandle
EnterCriticalSection
ExitProcess
ExitThread
ExpandEnvironmentStringsW
FileTimeToLocalFileTime
FindCloseChangeNotification
FindFirstChangeNotificationW
FindFirstFileW
FindNextChangeNotification
FindNextFileW
FlushFileBuffers
FormatMessageW
FreeConsole
GetComputerNameExW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetExitCodeThread
GetFileAttributesA
GetFileAttributesExW
GetFileAttributesW
GetFileInformationByHandle
GetFileSizeEx
GetFullPathNameW
GetHandleInformation
GetLastError
GetMailslotInfo
IsDBCSLeadByte
GetModuleHandleA
GetModuleHandleW
GetNamedPipeHandleStateA
GetOverlappedResult
GetProcAddress
GetQueuedCompletionStatus
GetSystemInfo
GetTempPathW
GetTickCount
GetVersionExA
GlobalHandle
GlobalWire
InterlockedCompareExchange
InterlockedExchange
IsBadReadPtr
UnhandledExceptionFilter

advapi32

AllocateAndInitializeSid
GetLengthSid
DuplicateEncryptionInfoFile

shell32

SHGetFolderPathW

user32

MessageBoxW
MapWindowPoints
GetWindow
MsgWaitForMultipleObjectsEx
RegisterDeviceNotificationA
CharUpperA

ole32

CLSIDFromString
CoInitialize
CoRevertToSelf
CoSetProxyBlanket
CoTaskMemFree
CoUninitialize
GetHookInterface
SNB_UserSize

Exports

Exports

Backup
ExternalRestore
GetDriverInfo
HrCreateTridentMenu

Sections

.text
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 995B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1bc85009521f3fea7f221ff71f737aae

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

ws2_32

kernel32

advapi32

shell32

user32

ole32

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 52KB

.rdata Size: 95KB - Virtual size: 95KB

.data Size: 8KB - Virtual size: 8KB

.rsrc Size: 1024B - Virtual size: 995B

.text
Size: 52KB - Virtual size: 52KB

.rdata
Size: 95KB - Virtual size: 95KB

.data
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 1024B - Virtual size: 995B