fbd8f1279d0657969667f69cb9ef4a690767ac78abc51da94d23352b33191288

Sharing

Copy URL Twitter E-mail

General

Target

fbd8f1279d0657969667f69cb9ef4a690767ac78abc51da94d23352b33191288
Size

416KB
MD5

408af8876043de7e4166aca462555132
SHA1

c77fd097967b57ce0390177444369a66ced7a36c
SHA256

fbd8f1279d0657969667f69cb9ef4a690767ac78abc51da94d23352b33191288
SHA512

146b6d333cf84bdff213f4193af2d9168b02b3a3c61d679938c388f44ca84a994ee965829843b414194de2a1271f5a08b0f5041efa1b67848c5c1d86e46155ae
SSDEEP

3072:dPEDiGwzctOvwTdamyE91cUgv24dVY2L9sV2ovFykzcbtRwg04s:dPYiGEbm3zDdgNicHc

Score

N/A

Malware Config

Signatures

Files

fbd8f1279d0657969667f69cb9ef4a690767ac78abc51da94d23352b33191288
.dll windows x86

c5d69188973ee96ddaf6f015d9aabb99

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupDiOpenDevRegKey
SetupDiGetDeviceInstallParamsW
SetupCloseInfFile
SetupDiGetClassInstallParamsW
SetupDiDestroyDeviceInfoList
CM_Set_DevNode_Problem
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status
SetupDiSetDeviceRegistryPropertyW
CM_Get_Device_IDW
SetupDiOpenDeviceInfoW
SetupFindFirstLineW
SetupDiGetSelectedDriverW
SetupGetIntField
SetupDiSetClassInstallParamsW
SetupGetStringFieldW
SetupDiCreateDeviceInfoList
SetupDiCallClassInstaller
SetupDiGetActualSectionToInstallW
SetupDiGetDriverInfoDetailW
SetupDiSetDeviceInstallParamsW
SetupOpenInfFileW
CM_Get_Parent
SetupDiGetDeviceInstanceIdW

lz32

LZCopy
LZOpenFileW
LZClose

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

shlwapi

PathSkipRootW
PathIsRelativeW
PathRemoveFileSpecW
PathIsNetworkPathW
SHDeleteKeyW
PathAppendW
PathStripPathW
PathStripToRootW

comctl32

CreatePropertySheetPageW

kernel32

FreeEnvironmentStringsA
GetModuleFileNameA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
ExitProcess
RtlUnwind
DeleteCriticalSection
FlushFileBuffers
GetConsoleMode
GetEnvironmentStrings
ReadFile
SetEndOfFile
CreateFileA
LoadLibraryA
CreateFileW
InitializeCriticalSection
WriteConsoleW
FreeEnvironmentStringsW
GetCurrentProcessId
GlobalAlloc
GetModuleFileNameW
GlobalFree
GetSystemDirectoryW
Module32FirstW
FindClose
LoadLibraryW
FreeLibrary
GetLocalTime
Process32NextW
lstrcpyW
SetFileAttributesW
GetEnvironmentStringsW
CreateProcessW
Process32FirstW
lstrcatW
GlobalUnlock
OutputDebugStringW
Sleep
CopyFileW
GetTempPathW
GetModuleHandleW
MoveFileExW
FindNextFileW
CreateFileMappingW
CreateToolhelp32Snapshot
FindFirstFileW
GetFullPathNameW
GetCurrentThreadId
GetSystemWindowsDirectoryW
GetLastError
GetVersionExW
SetLastError
ReleaseMutex
GetProcAddress
RemoveDirectoryW
GetEnvironmentVariableW
CreateDirectoryW
GetExitCodeProcess
CloseHandle
GetTimeFormatW
MapViewOfFile
GlobalLock
UnmapViewOfFile
GetWindowsDirectoryW
WaitForSingleObject
GetFileAttributesW
DeleteFileW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
SetFilePointer
GetConsoleCP
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
VirtualAlloc
HeapReAlloc
HeapSize
GetStringTypeA
GetStringTypeW
CreateMutexW
GetLocaleInfoA
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
RaiseException
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
MultiByteToWideChar
LCMapStringA
WideCharToMultiByte
LCMapStringW
WriteFile

user32

GetProcessWindowStation
GetUserObjectInformationW
GetSystemMetrics
LoadStringW
MessageBoxW

advapi32

OpenSCManagerW
OpenServiceW
RegCreateKeyExW
RegEnumKeyExW
StartServiceW
ControlService
QueryServiceStatusEx
RegQueryInfoKeyW
RegSetValueExW
RegQueryValueExW
RegCloseKey
CloseServiceHandle
RegOpenKeyExW
RegDeleteValueW

shell32

SHGetFolderPathW

Exports

Exports

NVCoInstaller

Sections

.text
Size: 292KB - Virtual size: 290KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5d69188973ee96ddaf6f015d9aabb99

Headers

File Characteristics

Imports

setupapi

lz32

version

shlwapi

comctl32

kernel32

user32

advapi32

shell32

Exports

Exports

Sections

.text Size: 292KB - Virtual size: 290KB

.rdata Size: 80KB - Virtual size: 76KB

.data Size: 8KB - Virtual size: 16KB

.rsrc Size: 20KB - Virtual size: 18KB

.reloc Size: 12KB - Virtual size: 10KB

.text
Size: 292KB - Virtual size: 290KB

.rdata
Size: 80KB - Virtual size: 76KB

.data
Size: 8KB - Virtual size: 16KB

.rsrc
Size: 20KB - Virtual size: 18KB

.reloc
Size: 12KB - Virtual size: 10KB