71885c302fd073e3bd149216ee652b2e8f3f445246fd61c7e43b8fa5f5c08c2c

Sharing

Copy URL Twitter E-mail

General

Target

71885c302fd073e3bd149216ee652b2e8f3f445246fd61c7e43b8fa5f5c08c2c
Size

447KB
MD5

7d000cee273cf1637fdae605ffec7d4f
SHA1

cf1a37fed5c92aa11b9be12c8ae49c07dc5dad58
SHA256

71885c302fd073e3bd149216ee652b2e8f3f445246fd61c7e43b8fa5f5c08c2c
SHA512

c9f80fae7dead071a7587a59c7e025b87d384da4e6f09653f7e024080ba7073edcb58c1d7a3f47b3cb468a57cf5c119e608b47f42b56bcd9153aabb53c1ccd21
SSDEEP

6144:P34kbbBEzr11Yf5sT/Wy+AlZh3KMu3prbpo3IRMA18pFliO+Us8A7OXwqJvN7EVy:Dber3YqiyBhaMIr9GLDliOoRM7GyOyx

Score

N/A

Malware Config

Signatures

Files

71885c302fd073e3bd149216ee652b2e8f3f445246fd61c7e43b8fa5f5c08c2c
.dll windows x86

4e3db6f63725b11947d1a60698b9e6c9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AddAccessAllowedAce
AllocateAndInitializeSid
CheckTokenMembership
ControlService
ConvertStringSecurityDescriptorToSecurityDescriptorW
DeleteService
EqualSid
FreeSid
GetEventLogInformation
GetLengthSid
GetTokenInformation
InitializeAcl
InitializeSecurityDescriptor
IsTextUnicode
LsaEnumerateTrustedDomainsEx
OpenProcessToken
OpenSCManagerW
OpenServiceW
QueryRecoveryAgentsOnEncryptedFile
QueryServiceStatus
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
SetEntriesInAclW
SetSecurityDescriptorDacl
SetServiceStatus
StartServiceW
SystemFunction010

setupapi

SetupDiOpenDevRegKey
CM_Enumerate_Classes
CM_Get_DevNode_Status
CM_Get_Device_IDW
CM_Get_Device_ID_ListW
SetupQueueCopyIndirectW
SetupOpenInfFileW
SetupOpenFileQueue
SetupOpenAppendInfFileW
SetupInstallServicesFromInfSectionW
SetupInstallFromInfSectionW
SetupInitDefaultQueueCallbackEx
SetupGetTargetPathW
SetupGetStringFieldW
SetupGetLineCountW
SetupGetIntField
SetupFindNextMatchLineW
SetupFindNextLine
SetupDiSetSelectedDevice
SetupDiSetDeviceRegistryPropertyW
SetupDiSetDeviceInstallParamsW
CMP_WaitNoPendingInstallEvents
SetupDiOpenClassRegKey
SetupDiGetSelectedDriverW
SetupDiGetDriverInfoDetailW
SetupDiGetDeviceRegistryPropertyW
SetupDiGetClassDevsW
SetupDiGetActualSectionToInstallW
SetupDiDestroyDeviceInfoList
SetupDiClassNameFromGuidW
SetupDiCallClassInstaller
SetupDiBuildDriverInfoList
SetupDefaultQueueCallbackW
SetupCopyOEMInfW
SetupCommitFileQueueW
SetupCloseInfFile
CM_Query_And_Remove_SubTreeW
CM_Locate_DevNodeW

shell32

DuplicateIcon
SHGetFolderPathW
ShellExecuteExW
CommandLineToArgvW

kernel32

lstrcmpiW
lstrcmpW
WriteFile
WriteConsoleW
WriteConsoleOutputW
WriteConsoleA
WideCharToMultiByte
WaitForSingleObjectEx
WaitForSingleObject
WaitForMultipleObjectsEx
VirtualQuery
VirtualProtect
VirtualFree
VirtualAlloc
VerifyVersionInfoW
VerSetConditionMask
UnmapViewOfFile
UnhandledExceptionFilter
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
TerminateProcess
Sleep
SizeofResource
SetUnhandledExceptionFilter
SetThreadLocale
SetStdHandle
SetLastError
CloseHandle
CompareStringW
ConvertThreadToFiber
CopyFileW
CreateDirectoryW
CreateEventW
CreateFileA
CreateMutexW
CreateThread
DeleteCriticalSection
DeleteFileW
DeviceIoControl
EnterCriticalSection
EnumResourceLanguagesW
ExitProcess
FillConsoleOutputCharacterW
FindClose
FindNextFileW
FindResourceExW
FindResourceW
FlushFileBuffers
FormatMessageW
FreeConsole
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetConsoleScreenBufferInfo
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStringsA
GetEnvironmentStringsW
GetEnvironmentVariableW
GetExitCodeProcess
GetFileAttributesW
GetFileSize
GetFileType
GetFullPathNameW
GetLastError
GetLocalTime
GetLocaleInfoA
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetProcessPriorityBoost
GetShortPathNameW
GetStartupInfoA
GetStartupInfoW
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDefaultUILanguage
GetSystemDirectoryW
GetSystemInfo
GetSystemTimeAsFileTime
GetSystemWindowsDirectoryW
GetTempFileNameW
GetThreadLocale
GetTickCount
GetUserDefaultUILanguage
GetVersionExA
GetVersionExW
GetWindowsDirectoryW
GlobalFree
GlobalLock
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsValidLocale
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalFree
LocalReAlloc
LockResource
MapViewOfFile
MoveFileExW
MultiByteToWideChar
OutputDebugStringA
Process32Next
QueryPerformanceCounter
RaiseException
ReadConsoleOutputW
ReadFile
ReleaseMutex
RemoveDirectoryW
SearchPathW
SetCurrentDirectoryW
SetEndOfFile
SetEvent
SetFileAttributesW
SetFilePointer
SetHandleCount

gdi32

StartDocW
SetLayout
GetTextMetricsW
GetObjectW
GetDeviceCaps
EndPage
EndDoc
DeleteObject
DeleteDC
CreateFontIndirectW
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap

user32

AllowSetForegroundWindow
CallWindowProcW
CharLowerW
CheckDlgButton
CreateIconIndirect
CreateWindowExW
DeleteMenu
DestroyIcon
DestroyWindow
DialogBoxParamW
DrawIconEx
DrawTextExW
EndDialog
EnumThreadWindows
GetClipCursor
GetCursorInfo
GetDC
GetDlgItem
GetIconInfo
GetParent
GetProcessWindowStation
GetSysColorBrush
GetSystemMetrics
GetWindowLongW
InternalGetWindowText
InvalidateRect
IsDlgButtonChecked
LoadBitmapW
LoadIconW
LoadImageW
MessageBoxW
PostMessageW
PostQuitMessage
RegisterClassExW
ReleaseDC
SendMessageW
SetClassWord
SetDlgItemTextW
SetFocus
SetWindowLongW
ShowWindow
SystemParametersInfoW
UnregisterClassA

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

Exports

Exports

ClearFreeList
State_Delete
get_oFFs
get_progressive_ptr
set_write_status_fn

Sections

.text
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 194KB - Virtual size: 193KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 102KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4e3db6f63725b11947d1a60698b9e6c9

Headers

File Characteristics

Imports

advapi32

setupapi

shell32

kernel32

gdi32

user32

version

Exports

Exports

Sections

.text Size: 109KB - Virtual size: 108KB

.rdata Size: 194KB - Virtual size: 193KB

.data Size: 102KB - Virtual size: 103KB

.rsrc Size: 35KB - Virtual size: 34KB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 109KB - Virtual size: 108KB

.rdata
Size: 194KB - Virtual size: 193KB

.data
Size: 102KB - Virtual size: 103KB

.rsrc
Size: 35KB - Virtual size: 34KB

.reloc
Size: 6KB - Virtual size: 5KB