95b1e8ddee982a6f620b78d3e41e07bef43fa7b41d10d54f9613af0b5cbd0092

Sharing

Copy URL Twitter E-mail

General

Target

95b1e8ddee982a6f620b78d3e41e07bef43fa7b41d10d54f9613af0b5cbd0092
Size

828KB
MD5

68ce5562bbc740fe9b3855bbe256d630
SHA1

a938a604c2ee245c58ed27e1c543c1cf8124a5d0
SHA256

95b1e8ddee982a6f620b78d3e41e07bef43fa7b41d10d54f9613af0b5cbd0092
SHA512

57924f829c749c2ce461e216757d029b66e73ad907e2e2c6868f9b7222b4082dece1e40a9278337ff0dd3d1579eec2c76935d8a34af74b0c16d8160334abc655
SSDEEP

12288:ra5lbmstV/4unZTyMDnwDHKi7xzh+zdCLFlMcN0NoA9H1BVTbXqf6IDvdt7SBOZf:Qnto+kjM3B1iYBcmeEXPfwCsAM

Score

N/A

Malware Config

Signatures

Files

95b1e8ddee982a6f620b78d3e41e07bef43fa7b41d10d54f9613af0b5cbd0092
.dll windows x86

5cfa12b9b6592a5f417330b497f22b7d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Parent
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsW
CM_Get_Device_IDW
CM_Locate_DevNodeW
CM_Get_DevNode_Registry_PropertyW
SetupDiGetDeviceInterfaceDetailW
CM_Get_Child
CM_Get_Sibling

advapi32

RegCloseKey
RegCreateKeyExW
RegQueryValueExW
RegCreateKeyW
RegDeleteKeyW
RegDeleteValueW
RegOpenKeyExW
RegSetValueExW
RegEnumKeyExW
RegQueryInfoKeyW

kernel32

CloseHandle
GetOverlappedResult
lstrcmpiW
InterlockedExchange
MultiByteToWideChar
GetModuleHandleW
LocalFree
ResetEvent
WaitForSingleObject
CreateWaitableTimerW
Sleep
InterlockedCompareExchange
WideCharToMultiByte
ReleaseMutex
CreateThread
CreateMutexW
GetVersionExA
GetModuleHandleA
GetCurrentProcessId
TerminateProcess
OutputDebugStringA
FreeLibrary
lstrlenW
GlobalFree
VirtualAlloc
GlobalAlloc
DeviceIoControl
GetDateFormatA
ReadFile
CreateEventW
QueryPerformanceCounter
GetSystemTimeAsFileTime
LocalAlloc
GetTickCount
GetCurrentThreadId
LeaveCriticalSection
RaiseException
InitializeCriticalSection
GetExitCodeThread
InterlockedIncrement
GetThreadLocale
EnterCriticalSection
SetEvent
SetWaitableTimer
DeleteCriticalSection
InterlockedDecrement
LoadResource
SetThreadLocale
GetModuleFileNameW
WaitForMultipleObjects
GetLastError
CreateFileW
FindResourceW
UnhandledExceptionFilter
CancelWaitableTimer
SizeofResource
SetUnhandledExceptionFilter

oleaut32

SysAllocString
SysStringLen
VarUI4FromStr
SysFreeString
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi

ole32

CoCreateInstance
CoTaskMemRealloc
CoTaskMemFree
CoInitializeEx
CoTaskMemAlloc
PropVariantClear
CoInitialize
StringFromGUID2
CoUninitialize

Exports

Exports

CallMethodObjOrgs
DelItemString
_Readline
_vsnprintf
get_IHDR
get_image_height
vSetParentWindow

Sections

.text
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 448KB - Virtual size: 448KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5cfa12b9b6592a5f417330b497f22b7d

Headers

File Characteristics

Imports

setupapi

advapi32

kernel32

oleaut32

ole32

Exports

Exports

Sections

.text Size: 152KB - Virtual size: 151KB

.rdata Size: 56KB - Virtual size: 55KB

.data Size: 448KB - Virtual size: 448KB

.rsrc Size: 160KB - Virtual size: 159KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 152KB - Virtual size: 151KB

.rdata
Size: 56KB - Virtual size: 55KB

.data
Size: 448KB - Virtual size: 448KB

.rsrc
Size: 160KB - Virtual size: 159KB

.reloc
Size: 8KB - Virtual size: 6KB