60408e1784666af0cc774e2d020600207a9156a4b93fb88ea3896ef5b3092284

Sharing

Copy URL Twitter E-mail

General

Target

60408e1784666af0cc774e2d020600207a9156a4b93fb88ea3896ef5b3092284
Size

148KB
MD5

4aa6c06af18c6b2ae43f4ff8d72923b0
SHA1

96d9aaae3081ffb5e79680aeaa1c844713eac7e2
SHA256

60408e1784666af0cc774e2d020600207a9156a4b93fb88ea3896ef5b3092284
SHA512

dea8b5a5acf6bf5fc130626067c2afb43ff5f96cdfd2e961b36e10cdbb2c379f8b5ea58b1f3756b86fb1c35fe2bdcd61817e7e94ae0ad27a944832a1438f6d2d
SSDEEP

3072:pEdtXadBRM/8bjG9tWVzZoqDLDj4KE03FV:atXj0iwLD8KEu

Score

N/A

Malware Config

Signatures

Files

60408e1784666af0cc774e2d020600207a9156a4b93fb88ea3896ef5b3092284
.dll windows x86

f2403036a549e9d2cb91b1c310701f5b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupDiGetClassDevsW
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupIterateCabinetW
SetupInstallFromInfSectionW
SetupDiGetDriverInfoDetailW
SetupDiGetDeviceRegistryPropertyW
SetupDiGetSelectedDriverW
SetupGetStringFieldW
SetupDiOpenClassRegKey
SetupCloseInfFile
SetupFindFirstLineW
SetupDiCallClassInstaller
SetupDiSetClassInstallParamsW
SetupOpenInfFileW
SetupDiGetActualSectionToInstallW

shlwapi

PathAppendW
PathRemoveFileSpecW

kernel32

GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetPrivateProfileStringW
GetLastError
SetLastError
HeapAlloc
HeapFree
GetVersionExW
CopyFileW
GetFileAttributesW
WritePrivateProfileStringW
GetTempPathW
GetProcAddress
FindClose
GetCurrentProcessId
GetWindowsDirectoryW
FindFirstFileW
DeleteFileW
SetFileAttributesW
GetCurrentProcess
CreateDirectoryW
GetModuleHandleW
GetModuleFileNameW
MultiByteToWideChar
FindNextFileW
Sleep
CreateFileW
lstrlenW
MoveFileExW
lstrcmpiW
CloseHandle
HeapSize
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
InitializeCriticalSection
RtlUnwind
RemoveDirectoryW
RaiseException
LoadLibraryA
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
MoveFileW
GetCurrentThreadId
GetCommandLineA
GetVersionExA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
LCMapStringA
WideCharToMultiByte
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
SetHandleCount

user32

GetDesktopWindow

advapi32

QueryServiceStatus
StartServiceW
OpenServiceW
OpenSCManagerW
CloseServiceHandle
RegQueryValueExW
RegEnumKeyExW
RegOpenKeyExW
RegOpenKeyW
RegSetValueExW
RegCloseKey
ControlService

ole32

CoCreateInstance
CoUninitialize
CoInitialize
CLSIDFromString

oleaut32

SysFreeString
SysAllocString

Exports

Exports

Coinstaller_EntryPoint
DllMain
NW_EntryPointA
NW_EntryPointW

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f2403036a549e9d2cb91b1c310701f5b

Headers

File Characteristics

Imports

setupapi

shlwapi

kernel32

user32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 4KB - Virtual size: 8KB

.rsrc Size: 4KB - Virtual size: 952B

.reloc Size: 8KB - Virtual size: 5KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 4KB - Virtual size: 952B

.reloc
Size: 8KB - Virtual size: 5KB

.rmnet
Size: 60KB - Virtual size: 60KB