f63208c071bd3eb31b17b20eae5289733cab93e30d595e607db1fbffba3e64d6

Sharing

Copy URL Twitter E-mail

General

Target

f63208c071bd3eb31b17b20eae5289733cab93e30d595e607db1fbffba3e64d6
Size

464KB
MD5

02215162afca9b3596623d02fefb5d60
SHA1

32afbf788d8db6f218d8fa6814b204c27af0d27d
SHA256

f63208c071bd3eb31b17b20eae5289733cab93e30d595e607db1fbffba3e64d6
SHA512

71c2384754d858bcac79638288889c59543e349b6d06026190802469c0da6fce0148df30672d87f013c71c3586df3a95d0681efcafd4090d5119a3a7096a8fe1
SSDEEP

12288:PN3O2AGGMqwJq5pTt7Hgpd283El1Z/fMBmGgYH8n3eGib3kYkQEp30/m:PJlAGbJiTt0pd2gEl1RkBcYe3ede3j

Score

N/A

Malware Config

Signatures

Files

f63208c071bd3eb31b17b20eae5289733cab93e30d595e607db1fbffba3e64d6
.dll windows x86

344b033b89e823b1f7e5734779648d30

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

StartPage
StartDocW
SetLayout
SetBkColor
SelectObject
GetTextMetricsW
GetObjectW
GetDeviceCaps
EndPage
DeleteObject
DeleteDC
CreateFontIndirectW
CreateCompatibleDC
CreateBitmap
Chord

kernel32

GetACP
GetCommandLineA
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetConsoleScreenBufferInfo
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStringsA
GetEnvironmentStringsW
GetEnvironmentVariableW
GetExitCodeProcess
GetFileAttributesW
GetFileSize
GetFileType
GetFullPathNameW
GetLastError
GetLocalTime
GetLocaleInfoA
GetLocaleInfoW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetNamedPipeInfo
GetOEMCP
GetPriorityClass
GetProcAddress
GetProcessHeap
GetProcessPriorityBoost
GetShortPathNameW
GetStartupInfoA
GetStartupInfoW
GetStdHandle
GetStringTypeA
GetSystemDefaultUILanguage
GetSystemDirectoryW
GetSystemInfo
GetSystemTimeAsFileTime
GetSystemWindowsDirectoryW
GetTempFileNameW
GetThreadLocale
GetThreadSelectorEntry
GetTickCount
GetUserDefaultUILanguage
GetVersionExA
GetVersionExW
GetWindowsDirectoryW
GlobalFree
GlobalLock
GlobalMemoryStatus
GlobalReAlloc
GlobalUnlock
HeapAlloc
FreeLibrary
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InterlockedExchange
InterlockedIncrement
IsValidLocale
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalFree
LocalReAlloc
LockResource
MapViewOfFile
MoveFileExW
MulDiv
MultiByteToWideChar
OutputDebugStringA
QueryPerformanceCounter
RaiseException
ReadConsoleOutputAttribute
ReadConsoleOutputW
ReadFile
RegisterWaitForSingleObject
ReleaseMutex
RemoveDirectoryW
SearchPathW
SetEndOfFile
SetEvent
SetFileAttributesW
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
SetThreadLocale
SetUnhandledExceptionFilter
SizeofResource
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
VerSetConditionMask
VerifyVersionInfoW
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForMultipleObjectsEx
WaitForSingleObject
WaitForSingleObjectEx
WideCharToMultiByte
WriteConsoleA
WriteConsoleOutputAttribute
WriteConsoleOutputW
WriteConsoleW
WriteFile
lstrcmpW
lstrcmpiW
lstrlenW
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FreeConsole
FormatMessageW
FlushFileBuffers
FindResourceW
FindResourceExW
FindNextFileW
FindClose
FillConsoleOutputCharacterW
ExitProcess
EnumResourceLanguagesW
EnterCriticalSection
DeviceIoControl
DeleteFileW
DeleteCriticalSection
CreateTimerQueue
CreateThread
CreateMutexW
CreateFileMappingW
CreateFileA
CreateEventW
CreateDirectoryW
CopyFileW
CompareStringW
CloseHandle
HeapCreate

setupapi

SetupDiOpenDeviceInfoW
SetupDiSetClassInstallParamsW
SetupDiSetDeviceInstallParamsW
SetupDiSetDeviceRegistryPropertyW
SetupDiSetSelectedDevice
SetupFindFirstLineW
SetupFindNextLine
SetupFindNextMatchLineW
SetupGetIntField
SetupGetLineCountW
SetupGetStringFieldW
SetupGetTargetPathW
SetupInstallFilesFromInfSectionW
SetupInstallServicesFromInfSectionW
SetupOpenAppendInfFileW
SetupOpenFileQueue
SetupOpenInfFileW
SetupPromptReboot
SetupQueueCopyIndirectW
SetupQueueCopyW
CMP_WaitNoPendingInstallEvents
CM_Enumerate_Classes
CM_Get_DevNode_Status
CM_Get_Device_IDW
SetupDiOpenDevRegKey
SetupDiOpenClassRegKey
SetupDiGetSelectedDriverW
SetupDiGetDriverInfoDetailW
SetupDiGetDeviceRegistryPropertyW
SetupDiGetDeviceInstanceIdW
SetupDiGetDeviceInstallParamsW
SetupDiGetClassDevsW
SetupDiGetActualSectionToInstallW
SetupDiDestroyDeviceInfoList
SetupDiCreateDeviceInfoList
SetupDiClassNameFromGuidW
SetupDiCallClassInstaller
SetupDiBuildDriverInfoList
SetupDefaultQueueCallbackW
SetupCopyOEMInfW
SetupCommitFileQueueW
SetupCloseInfFile
CM_Setup_DevNode
CM_Query_And_Remove_SubTreeW
CM_Locate_DevNodeW
CM_Get_Device_ID_List_SizeW
CM_Get_Device_ID_ListW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

advapi32

AddAccessAllowedAce
StartServiceW
SetEntriesInAclW
RegSetValueExW
RegQueryValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
QueryServiceStatus
OpenServiceW
OpenProcessToken
LsaEnumerateAccountsWithUserRight
InitializeSecurityDescriptor
InitializeAcl
GetTokenInformation
GetLengthSid
AddAccessDeniedAceEx
AllocateAndInitializeSid
CheckTokenMembership
CloseServiceHandle
ControlService
ConvertStringSecurityDescriptorToSecurityDescriptorW
CryptGetKeyParam
DeleteService
EqualSid
FreeSid

user32

CallNextHookEx
CallWindowProcW
CharLowerW
CheckDlgButton
CreateIconIndirect
DdeConnectList
DefWindowProcW
DestroyIcon
DestroyWindow
DialogBoxParamW
DrawTextExW
GetDC
GetDlgItem
GetMenuBarInfo
GetParent
GetSysColor
GetSystemMetrics
GetWindowLongW
InvalidateRect
IsDlgButtonChecked
LoadBitmapW
LoadIconW
LoadImageW
LockSetForegroundWindow
PackDDElParam
PostMessageW
PostQuitMessage
RegisterClassExW
ReleaseDC
SendDlgItemMessageW
SendMessageW
SetDlgItemTextW
SetFocus
SetWindowLongW
SetWindowTextW
ShowWindow
SystemParametersInfoW
UnregisterClassA

shell32

ShellExecuteExW
SHGetFolderPathW
CommandLineToArgvW

Exports

Exports

AsDouble
EvalFrameEx
FloatingPointError
GetSelf
NewEx
Number_ToBase
PrintEx
chunk_error

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 226KB - Virtual size: 225KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

344b033b89e823b1f7e5734779648d30

Headers

File Characteristics

Imports

gdi32

kernel32

setupapi

version

advapi32

user32

shell32

Exports

Exports

Sections

.text Size: 96KB - Virtual size: 95KB

.rdata Size: 226KB - Virtual size: 225KB

.data Size: 108KB - Virtual size: 108KB

.rsrc Size: 29KB - Virtual size: 29KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 96KB - Virtual size: 95KB

.rdata
Size: 226KB - Virtual size: 225KB

.data
Size: 108KB - Virtual size: 108KB

.rsrc
Size: 29KB - Virtual size: 29KB

.reloc
Size: 3KB - Virtual size: 3KB