e7eae140fffb7f6aff6842fb09cf4d812d5da7c36b052b484eda50bf36b2042f

Sharing

Copy URL

Twitter E-mail

General

Target

e7eae140fffb7f6aff6842fb09cf4d812d5da7c36b052b484eda50bf36b2042f
Size

549KB
MD5

58b74555bc3b1a2c93d59222c030fb47
SHA1

0f2e7b62556ac04fd88976f1c1f8ce3b6b3fceac
SHA256

e7eae140fffb7f6aff6842fb09cf4d812d5da7c36b052b484eda50bf36b2042f
SHA512

f4dbe9ae10381f3f2540ebfbe570880db3271795119169ccfed4b646f8b7971fb26e4761e6746da605a5bbc4c524d8255d02a82077d3fee481abf07aaf318b67
SSDEEP

12288:ozIgkS7VcXEh/xxB/8kOf/21OLH3O17j6DQGbswgC:ozIgkKVnUkO3LH3O17j6DlgC

Score

N/A

Malware Config

Signatures

Files

e7eae140fffb7f6aff6842fb09cf4d812d5da7c36b052b484eda50bf36b2042f
.dll windows x86

a0c48e35819cbd3cbbeaba5b4ada91cd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExW
RegDeleteValueW
RegOpenKeyExW
RegOpenKeyW
RegQueryValueExW
RegSetValueExW
RegCloseKey

setupapi

SetupFindFirstLineW
SetupDiGetSelectedDriverW
SetupCloseInfFile
SetupGetStringFieldW
SetupFindNextLine
SetupDiSetDeviceInstallParamsW
SetupDiGetDeviceInstallParamsW

shlwapi

PathRemoveFileSpecW
PathAppendW

kernel32

WriteFile
WriteConsoleW
WriteConsoleA
WideCharToMultiByte
WaitForSingleObject
VirtualFree
VirtualAlloc
TerminateProcess
Sleep
SetStdHandle
CloseHandle
CreateFileA
CreateFileW
CreateMutexW
CreateProcessW
EnterCriticalSection
ExitProcess
FlushFileBuffers
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetExitCodeProcess
GetLastError
GetLocalTime
GetModuleHandleA
GetProcAddress
GetProcessPriorityBoost
GetStartupInfoA
GetStdHandle
GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount
GetVersion
GetVersionExA
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
IsDebuggerPresent
IsValidCodePage
LCMapStringA
LCMapStringW
LeaveCriticalSection
MultiByteToWideChar
QueryPerformanceCounter
RaiseException
RtlUnwind
SetFilePointer
SetHandleCount
SetLastError

shell32

SHCreateDirectoryExW

Exports

Exports

Items
Member1_Get
Module_GetName
SetItem
StrictErrors
destroy_write_struct
get_signature
vInit

Sections

.text
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 188KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a0c48e35819cbd3cbbeaba5b4ada91cd

Headers

File Characteristics

Imports

advapi32

setupapi

shlwapi

kernel32

shell32

Exports

Exports

Sections

.text Size: 112KB - Virtual size: 111KB

.rdata Size: 76KB - Virtual size: 76KB

.data Size: 188KB - Virtual size: 189KB

.rsrc Size: 160KB - Virtual size: 159KB

.reloc Size: 11KB - Virtual size: 10KB

.text
Size: 112KB - Virtual size: 111KB

.rdata
Size: 76KB - Virtual size: 76KB

.data
Size: 188KB - Virtual size: 189KB

.rsrc
Size: 160KB - Virtual size: 159KB

.reloc
Size: 11KB - Virtual size: 10KB