df96fbdc485a1e1ea806491031de35e7f87b3892fd7c9eb539648a766a128636

Sharing

Copy URL Twitter E-mail

General

Target

df96fbdc485a1e1ea806491031de35e7f87b3892fd7c9eb539648a766a128636
Size

256KB
MD5

45d3d88449bca07e132f9644a17ce0e0
SHA1

a69d60cc6904656369e6ab3c7929b0c82f94428f
SHA256

df96fbdc485a1e1ea806491031de35e7f87b3892fd7c9eb539648a766a128636
SHA512

1fa213f48a5de93c6497ee72e78246a61b18a88b3631d3788ff84429804057bcdb338229cb31800e08daf0c257335d9c363bfecb9d32158e76957e0b990631b4
SSDEEP

6144:t1gQ2a1hPxkG1/LpJyWFe7x/UdlnEjDl5TAob:ngw1hpNtJyCe7x/UlnE/P

Score

N/A

Malware Config

Signatures

Files

df96fbdc485a1e1ea806491031de35e7f87b3892fd7c9eb539648a766a128636
.dll windows x86

6c21986f2ae3aa4e5fbb5f30fcf56da9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

atcomm

?RegisterSendDataPoint@AT@@UAE_NPAUISend@@@Z
?SRVGetManufactureModel@AT@@UAE_NPAUProductModelID@@PAK@Z
?UnRegisterSendDataPoint@AT@@UAE_NPAUISend@@@Z
??1AT@@UAE@XZ
??0AT@@QAE@XZ

isaputrace

?Traceout@CiSAPUTrace@@QAEXHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0H0@Z
?instance@CiSAPUTrace@@SAPAV1@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

cfgmgr32

CM_Get_Parent

kernel32

QueryPerformanceCounter
ExitProcess
GetSystemTimeAsFileTime
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetModuleFileNameA
GetPrivateProfileStringA
Sleep
DisableThreadLibraryCalls
LoadLibraryA
FreeLibrary
TerminateThread
CreateThread
CloseHandle
CreateMutexA
WaitForSingleObject
ReleaseMutex
GetProcAddress

advapi32

RegCloseKey
RegQueryValueExA

ole32

CoCreateInstance
CoInitialize
CLSIDFromProgID
CoUninitialize

msvcp71

?_Nomemory@std@@YAXXZ
?reserve@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

msvcr71

free
_initterm
_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
_stricmp
??_V@YAXPAX@Z
__CxxFrameHandler
??0exception@@QAE@ABV0@@Z
_CxxThrowException
fclose
fread
ftell
fseek
fopen
??1exception@@UAE@XZ
??0exception@@QAE@XZ
??3@YAXPAX@Z
_purecall
sprintf
_snprintf
time
atoi
difftime
memmove
__RTDynamicCast
strchr
strncmp
strstr
strtol
malloc
_callnewh
__security_error_handler
_except_handler3
??1type_info@@UAE@XZ
__dllonexit
_onexit

setupapi

SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiOpenDevRegKey
SetupDiDestroyDeviceInfoList

Exports

Exports

DetectDevInstance

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6c21986f2ae3aa4e5fbb5f30fcf56da9

Headers

File Characteristics

Imports

atcomm

isaputrace

cfgmgr32

kernel32

advapi32

ole32

msvcp71

msvcr71

setupapi

Exports

Exports

Sections

.text Size: 100KB - Virtual size: 99KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 792B

.reloc Size: 16KB - Virtual size: 13KB

.text Size: 108KB - Virtual size: 108KB

.text
Size: 100KB - Virtual size: 99KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 792B

.reloc
Size: 16KB - Virtual size: 13KB

.text
Size: 108KB - Virtual size: 108KB