d694ff348d3167e7f2d74109adee56e2aff17ef8fa00a2469bfd761847372a8b

Sharing

Copy URL Twitter E-mail

General

Target

d694ff348d3167e7f2d74109adee56e2aff17ef8fa00a2469bfd761847372a8b
Size

180KB
MD5

91a7d960875241127d8282dd19fb201a
SHA1

92f297c2934a28b77dd22f90eb50734bcc0632d3
SHA256

d694ff348d3167e7f2d74109adee56e2aff17ef8fa00a2469bfd761847372a8b
SHA512

f4fe998aba5ec07de4bd1e73a6ce7cb493529b4d61d0a4036d93b0708d35c15fc22dc3470b7fefb9f3af8f198004c57fcd6a6f83134195e0d75992abf40ee878
SSDEEP

3072:MpOq4wQo3S8ttXQWFYb55Zk7qH80NSXB01Q+9oFINUsQT3COQfqeKcOr1osh:M8qoo3SdWqHvNEa1Q+9oFTsA3+fBhm

Score

N/A

Malware Config

Signatures

Files

d694ff348d3167e7f2d74109adee56e2aff17ef8fa00a2469bfd761847372a8b
.dll windows x86

89dd6622f536e3c72bdbec74ab9b9225

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

ChangeServiceConfigW
CloseServiceHandle
ControlService
ConvertStringSecurityDescriptorToSecurityDescriptorW
CreateServiceW
OpenSCManagerW
OpenServiceW
QueryServiceConfigW
RegCloseKey
RegCreateKeyExW
RegDeleteValueW
RegOpenKeyExW
RegQueryValueExW
RegSetKeySecurity
RegSetValueExW
StartServiceW

msvcrt

_vsnwprintf
_except_handler3
wcscmp

shell32

SHExtractIconsW
ShellExecuteW

setupapi

CMP_UnregisterNotification
CM_Create_Range_List
SetupCloseLog
SetupDiCreateDevRegKeyW
SetupDiGetClassInstallParamsW
SetupDiGetDeviceRegistryPropertyW
SetupDiInstallDevice
SetupDiOpenDevRegKey
SetupDiSetClassInstallParamsW
SetupLogErrorW
SetupOpenLog

user32

GetDlgItem
GetParent
GetWindowLongW
GetWindowTextW
EndDialog
SendMessageW
SetWindowLongW
SetWindowTextW
ShowWindow
IsWindowEnabled
EnableWindow
LoadStringW
DialogBoxParamW

kernel32

DeviceIoControl
lstrcpynW
lstrcmpiW
VirtualProtect
VirtualFree
VirtualAlloc
VerifyVersionInfoW
VerSetConditionMask
UnhandledExceptionFilter
TerminateProcess
SetUnhandledExceptionFilter
SetLastError
QueryPerformanceCounter
OutputDebugStringW
MultiByteToWideChar
LocalAlloc
GetWindowsDirectoryW
GetTickCount
GetSystemTimeAsFileTime
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetLastError
GetCurrentThreadId
GetCurrentProcess
GetComputerNameW
ExitProcess
DisableThreadLibraryCalls
CreateFileW
CloseHandle
CompareStringW
lstrlenW

gdi32

GetAspectRatioFilterEx
CloseEnhMetaFile

Exports

Exports

CreateEnumFormatEtc
CreateTempFileStream
FBuildTempPathW
GetIndexInfo
HrGetBodyElement
Init

Sections

.text
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

89dd6622f536e3c72bdbec74ab9b9225

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

msvcrt

shell32

setupapi

user32

kernel32

gdi32

Exports

Exports

Sections

.text Size: 42KB - Virtual size: 41KB

.rdata Size: 92KB - Virtual size: 91KB

.data Size: 40KB - Virtual size: 41KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 42KB - Virtual size: 41KB

.rdata
Size: 92KB - Virtual size: 91KB

.data
Size: 40KB - Virtual size: 41KB

.rsrc
Size: 5KB - Virtual size: 5KB