b685f64822ccc375ec2424f7424d12904b530f8bddb0febed35a09c6af211b55

Sharing

Copy URL Twitter E-mail

General

Target

b685f64822ccc375ec2424f7424d12904b530f8bddb0febed35a09c6af211b55
Size

180KB
MD5

4597167ad7d891a0dccf89da357d113b
SHA1

4ca2b8dd579498a9f60ab3b9eaa780fbe002ae26
SHA256

b685f64822ccc375ec2424f7424d12904b530f8bddb0febed35a09c6af211b55
SHA512

2c3ab1d85c3dc653882e3adb635c40091128c824d1fa682e5dcc76665dbbc5ced4535f59f74c849ad69d590c44dcd2954223bc4c5ef3f0173d5bdb7ad04ee9fa
SSDEEP

3072:D0V2JibDEUgJffOmuCSQ2kYrgI7SHesmtUoJb5Wu:D0AJNUmuRQ2kpGYewu

Score

N/A

Malware Config

Signatures

Files

b685f64822ccc375ec2424f7424d12904b530f8bddb0febed35a09c6af211b55
.dll windows x86

a5a2b387dd6983d03968544c8ab49ffa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

cfgmgr32

CM_Get_DevNode_Status

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetDeviceInstanceIdA
SetupDiClassGuidsFromNameA
SetupDiGetClassDevsA
SetupDiOpenClassRegKey

kernel32

GetCPInfo
GetOEMCP
RtlUnwind
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
ExitProcess
RaiseException
HeapSize
HeapReAlloc
GetACP
Sleep
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
VirtualProtect
GetSystemInfo
VirtualQuery
IsBadReadPtr
IsBadCodePtr
InterlockedExchange
GetLocaleInfoA
SetStdHandle
FlushFileBuffers
SetFilePointer
WriteFile
GetModuleFileNameA
GetProcessVersion
LoadLibraryA
FreeLibrary
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GetModuleHandleA
GetProcAddress
WritePrivateProfileStringA
GlobalFlags
SetLastError
GetVersion
lstrcpynA
lstrcatA
SetErrorMode
GetLastError
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
GlobalUnlock
GlobalFree
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
CloseHandle
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
LocalFree
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
lstrcpyA
SetHandleCount
OutputDebugStringA

user32

RegisterWindowMessageA
SetForegroundWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CreateWindowExA
DestroyWindow
DefWindowProcA
GetMenuItemID
GetSubMenu
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
GetSysColor
MapWindowPoints
LoadIconA
LoadCursorA
GetSysColorBrush
DestroyMenu
GetWindowPlacement
GetSystemMetrics
SetFocus
ShowWindow
SetWindowPos
SetWindowLongA
GetDlgItem
GrayStringA
DrawTextA
TabbedTextOutA
ReleaseDC
GetDC
GetMenuItemCount
GetWindowTextA
SetWindowTextA
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetClassNameA
LoadStringA
UnregisterClassA
UnhookWindowsHookEx
LoadBitmapA
GetMenuState
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
EnableWindow
SystemParametersInfoA
IsIconic
SetCursor
PostMessageA
PostQuitMessage
wsprintfA
SendMessageA
GetMenuCheckMarkDimensions
ModifyMenuA

gdi32

CreateBitmap
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SetBkColor
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetObjectA
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
DeleteObject

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegSetValueExA
RegQueryValueExA
RegOpenKeyA
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA

comctl32

ord17

Exports

Exports

EnumDevices
EnumDevicesChange
GetDeviceInfo
ShowDevice8180

Sections

.text
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 238KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a5a2b387dd6983d03968544c8ab49ffa

Headers

File Characteristics

Imports

cfgmgr32

setupapi

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

Exports

Exports

Sections

.text Size: 68KB - Virtual size: 66KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 8KB - Virtual size: 238KB

.sxdata Size: 60KB - Virtual size: 56KB

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 12KB - Virtual size: 10KB

.text
Size: 68KB - Virtual size: 66KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 8KB - Virtual size: 238KB

.sxdata
Size: 60KB - Virtual size: 56KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 12KB - Virtual size: 10KB