9e32a2b36ae7e81832eb4d1fd5a5cf5de35b26659ce06011a648d77119f58b81

General

Target

9e32a2b36ae7e81832eb4d1fd5a5cf5de35b26659ce06011a648d77119f58b81
Size

125KB
MD5

228c388ed145d05c763c5f2dd84a2cb0
SHA1

3d6c395adef1f1e47062d88b54888c6965d4e537
SHA256

9e32a2b36ae7e81832eb4d1fd5a5cf5de35b26659ce06011a648d77119f58b81
SHA512

66f5e2062dda687597888c3ab60c07294b153818e6f21e60c8e34140a18b219cf26c67f47916235a2d270c31a169ab585ea26f20114ec6658200f74466ce81e5
SSDEEP

3072:43a/FLJ++bMgf/sQvVqRlkM4OAD/KLznBuB2JA2Bju3fJN:43a9LJ+Kv/sQvMRlkM4RD/qzMfU+JN

Score

N/A

Malware Config

Signatures

Files

9e32a2b36ae7e81832eb4d1fd5a5cf5de35b26659ce06011a648d77119f58b81
.dll windows x86

650639c6763de4efeee88399901fd301

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
GetCurrentProcess
FindNextFileA
CopyFileA
FindFirstFileA
GetCurrentDirectoryA
GetLastError
FindClose
DeleteCriticalSection
HeapDestroy
WideCharToMultiByte
SetEnvironmentVariableA
SetCurrentDirectoryA
MoveFileA
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
ExitProcess
TerminateProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetWindowsDirectoryA
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapCreate
VirtualFree
WriteFile
LCMapStringA
LCMapStringW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
HeapFree
VirtualAlloc
LoadLibraryA
FlushFileBuffers
CloseHandle
SetStdHandle
SetFilePointer
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetLocaleInfoW

user32

MessageBoxA

advapi32

RegDeleteKeyA
RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA

Exports

Exports

InstallNTDriver
UnInstallNTDriver

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

650639c6763de4efeee88399901fd301

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 21KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 14KB - Virtual size: 21KB

.idata Size: 2KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 21KB - Virtual size: 21KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 14KB - Virtual size: 21KB

.idata
Size: 2KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 3KB