d196aa05eab081d86ea8da3acd2d36d767a4de0384b410409baf491bebe85ccd

Sharing

Copy URL Twitter E-mail

General

Target

d196aa05eab081d86ea8da3acd2d36d767a4de0384b410409baf491bebe85ccd
Size

404KB
MD5

a0ed4ad6ac49c43923506a75b0f106a0
SHA1

b60cd25d28e1fd4adff0c5cc48818253500cb97c
SHA256

d196aa05eab081d86ea8da3acd2d36d767a4de0384b410409baf491bebe85ccd
SHA512

233c3113b31736f274e73f9553da57d5a0b8f25550e1f7907aa6808e442eeba60c97453c3875910f8f6c8c12e5d9efed539db9c9f7d4c3eb98105d20c6c1a1b3
SSDEEP

6144:s9xPD4iqN/EqQiaNdkFn6qNvJxKO67AChs7RV+NGt:s9xPsx/Ulu6WcvsFVft

Score

N/A

Malware Config

Signatures

Files

d196aa05eab081d86ea8da3acd2d36d767a4de0384b410409baf491bebe85ccd
.dll windows x86

af6e4ccd264745037fac77faa85cf7b5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Add_Empty_Log_Conf_Ex
CM_Locate_DevNodeW
SetupCloseInfFile
SetupDiGetClassDevsW
CM_Get_Parent
SetupDiGetDeviceInterfaceAlias
CM_Get_DevNode_Registry_PropertyW
SetupDiSelectOEMDrv
CM_Get_Sibling
CM_Delete_DevNode_Key

advapi32

RegEnumKeyExW
RegQueryInfoKeyW
RegOpenKeyExW
RegSetValueExW
RegQueryValueExW
RegCreateKeyExW
RegCreateKeyW
RegDeleteValueW
RegCloseKey
RegDeleteKeyW

ole32

PropVariantClear
CoCreateInstance
CoTaskMemRealloc
CoInitialize
CoTaskMemAlloc
CoUninitialize
OleCreateFromFile
CoInitializeEx

kernel32

InterlockedIncrement
TerminateProcess
InterlockedExchange
WideCharToMultiByte
RaiseException
GetCurrentProcessId
GetThreadLocale
CreateMutexW
SetEvent
LoadResource
FindResourceW
LocalFree
CancelWaitableTimer
GlobalAlloc
GlobalFree
SetWaitableTimer
GetDateFormatA
MultiByteToWideChar
lstrlenW
GetOverlappedResult
EnterCriticalSection
ReleaseMutex
GetVersionExA
ResetEvent
DeviceIoControl
DeleteCriticalSection
CreateWaitableTimerW
WaitForSingleObject
GetLastError
lstrcmpiW
CloseHandle
InterlockedDecrement
InitializeCriticalSection
QueryPerformanceCounter
UnhandledExceptionFilter
OutputDebugStringA
CreateThread
CreateFileW
Sleep
LeaveCriticalSection
GetModuleFileNameW
GetTickCount
GetCurrentThreadId
CreateEventW
GetSystemTimeAsFileTime
GetModuleHandleW
FreeLibrary
LocalAlloc
GetModuleHandleA
WaitForMultipleObjects
InterlockedCompareExchange
SetUnhandledExceptionFilter
VirtualAlloc
ReadFile
GetExitCodeThread

oleaut32

SysStringLen
SysFreeString
RegisterTypeLi
UnRegisterTypeLi
SysAllocString
VarUI4FromStr
LoadTypeLi

Exports

Exports

Dir
NameDontError
NewMethod
set_IHDR
set_pCAL
vGetFileW

Sections

.text
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

af6e4ccd264745037fac77faa85cf7b5

Headers

File Characteristics

Imports

setupapi

advapi32

ole32

kernel32

oleaut32

Exports

Exports

Sections

.text Size: 168KB - Virtual size: 167KB

.rdata Size: 76KB - Virtual size: 74KB

.data Size: 88KB - Virtual size: 88KB

.rsrc Size: 60KB - Virtual size: 59KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 168KB - Virtual size: 167KB

.rdata
Size: 76KB - Virtual size: 74KB

.data
Size: 88KB - Virtual size: 88KB

.rsrc
Size: 60KB - Virtual size: 59KB

.reloc
Size: 8KB - Virtual size: 7KB