42ff23e02881874e60fad1d7bde93041ed6b12a2f0afc9c92f79007c99bed5f3

Sharing

Copy URL Twitter E-mail

General

Target

42ff23e02881874e60fad1d7bde93041ed6b12a2f0afc9c92f79007c99bed5f3
Size

484KB
MD5

52ac1f89ae4ec6a95e9319847e305be0
SHA1

305da3eef8b4f19e34428eecbea143aa835e68ef
SHA256

42ff23e02881874e60fad1d7bde93041ed6b12a2f0afc9c92f79007c99bed5f3
SHA512

0bfc3c942d71ce962a661c5d746dd1f67efc2e85827e96e099088383f082a7480ad44a229503d042bbcca55a212f9aedb9f20e6e70b77e04a780342ff2d63f7d
SSDEEP

12288:YTuP4FYVYvAaMnkRNfSKmXF3x9Xs1ctTuVjvyhdCNl+8/7j2U5fZD4YC3YPHLdLu:Y6QFfI9OcKvfDW3YPHW0/cXd

Score

N/A

Malware Config

Signatures

Files

42ff23e02881874e60fad1d7bde93041ed6b12a2f0afc9c92f79007c99bed5f3
.dll windows x86

228999c0175560c2f1aca0f270751b83

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegCreateKeyExW
RegCreateKeyW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegSetValueExW

setupapi

CM_Get_Device_IDW
CM_Get_Parent
CM_Get_Child
CM_Get_Sibling
CM_Locate_DevNodeW
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsW
SetupDiGetDeviceInterfaceDetailW
CM_Get_DevNode_Registry_PropertyW

kernel32

lstrlenW
lstrcmpiW
WideCharToMultiByte
WaitForSingleObject
WaitForMultipleObjects
VirtualAlloc
UnhandledExceptionFilter
TerminateProcess
Sleep
SizeofResource
CancelWaitableTimer
CloseHandle
CreateEventW
CreateFileW
CreateMutexW
CreateThread
CreateWaitableTimerW
DeleteCriticalSection
DeviceIoControl
EnterCriticalSection
FindResourceW
FreeLibrary
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatA
GetExitCodeThread
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetOverlappedResult
GetSystemTimeAsFileTime
GetThreadLocale
GetTickCount
GetVersionExA
GlobalAlloc
GlobalFree
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
LeaveCriticalSection
LoadResource
LocalAlloc
LocalFree
MultiByteToWideChar
OutputDebugStringA
QueryPerformanceCounter
RaiseException
ReadFile
ReleaseMutex
ResetEvent
SetEvent
SetThreadLocale
SetUnhandledExceptionFilter
SetWaitableTimer

oleaut32

SysFreeString
VarUI4FromStr
UnRegisterTypeLi
SysStringLen
SysAllocString
RegisterTypeLi
LoadTypeLi

ole32

CoCreateInstance
CoInitialize
CoInitializeEx
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoUninitialize
PropVariantClear
StringFromGUID2

Exports

Exports

Number_Divide
Occurred
UnpackTuple
_Clear
_List
_bitdepth_threshold
set_convert_alpha
vLoadModuleW

Sections

.text
Size: 180KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

228999c0175560c2f1aca0f270751b83

Headers

File Characteristics

Imports

advapi32

setupapi

kernel32

oleaut32

ole32

Exports

Exports

Sections

.text Size: 180KB - Virtual size: 178KB

.rdata Size: 76KB - Virtual size: 74KB

.data Size: 156KB - Virtual size: 156KB

.rsrc Size: 56KB - Virtual size: 55KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 180KB - Virtual size: 178KB

.rdata
Size: 76KB - Virtual size: 74KB

.data
Size: 156KB - Virtual size: 156KB

.rsrc
Size: 56KB - Virtual size: 55KB

.reloc
Size: 12KB - Virtual size: 11KB