4a65a8f9715d9a0ea4c38712b9f6bf766e2fd7d78e6195d26ef35098b564a562

Sharing

Copy URL Twitter E-mail

General

Target

4a65a8f9715d9a0ea4c38712b9f6bf766e2fd7d78e6195d26ef35098b564a562
Size

132KB
MD5

443b5b4f01b42c570d1e680ca07a1dc9
SHA1

0dab1f6069293928d3fc40dcab70a378e163f9fd
SHA256

4a65a8f9715d9a0ea4c38712b9f6bf766e2fd7d78e6195d26ef35098b564a562
SHA512

f886588a5bdbe804773ce60246d00f736039c6f2fe65746de55a3cba284bb2fb6702144abc26c314842811794831ea61ae0ff9f3ffc002af89879a3478ed6ed2
SSDEEP

3072:rw/7dGLItutMcUouPCLeFu48lkiZxIW43:rwOIRcUouPCLb48lkiZt

Score

N/A

Malware Config

Signatures

Files

4a65a8f9715d9a0ea4c38712b9f6bf766e2fd7d78e6195d26ef35098b564a562
.dll windows x86

06380e1ef8fecc3f23030b95cb525179

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryDosDeviceA
GetVersionExA
InitializeCriticalSection
LoadLibraryA
GetModuleHandleA
GetProcAddress
GetCurrentProcess
lstrcpyA
lstrcmpiA
lstrlenA
lstrcpynA
GetLastError
RtlUnwind
GetCurrentThreadId
GetCommandLineA
HeapFree
HeapAlloc
GetProcessHeap
RaiseException
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
ExitProcess
Sleep
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
HeapSize
WriteFile
GetStringTypeA
GetStringTypeW
GetLocaleInfoA

user32

wsprintfA

setupapi

CM_Get_Child
CM_Get_DevNode_Registry_PropertyA
CM_Get_Device_IDA
SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo

advapi32

RegQueryValueExA
RegQueryInfoKeyA
RegEnumKeyExA
RegOpenKeyExA
RegCloseKey

Exports

Exports

GetDeviceStorageDeviceName
GetDeviceStorageDeviceNameEx
Search_DeviceDrive
Search_DeviceDrive_2kXP

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

06380e1ef8fecc3f23030b95cb525179

Headers

File Characteristics

Imports

kernel32

user32

setupapi

advapi32

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 36KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 64KB - Virtual size: 66KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 40KB - Virtual size: 36KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 64KB - Virtual size: 66KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 5KB