e6d1ba7403a0cc09d2457b269442523075389719e85e5e4747a98661e1590def

Sharing

Copy URL

Twitter E-mail

General

Target

e6d1ba7403a0cc09d2457b269442523075389719e85e5e4747a98661e1590def
Size

668KB
MD5

48a61f356b589dc5e514493c2699c290
SHA1

eaf763bac17c3b5348afabc9c3f4ab10efd391ea
SHA256

e6d1ba7403a0cc09d2457b269442523075389719e85e5e4747a98661e1590def
SHA512

26cf99488268ae434591373b6ec8f78bae0b4f53d78d9cb5fa5b09df1ff926ce46cdc94cd41ad8b9285c71d20117b916a863d5a2851c0da271e1856092da4e8c
SSDEEP

12288:RNcw5lMe/uE1G3RkoszeaHKePeSdeyKxkI8aoJ00F5OiQzp9HnnlsMf:RNOe91GBkLqFePeSdi2WM5OHt9HnlsMf

Score

N/A

Malware Config

Signatures

Files

e6d1ba7403a0cc09d2457b269442523075389719e85e5e4747a98661e1590def
.dll windows x86

3096b7ac50cc76e8ab37265c37f20e0f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

LoadTypeLi
VarUI4FromStr
UnRegisterTypeLi
SysStringLen
SysFreeString
SysAllocString
RegisterTypeLi

kernel32

CreateFileW
CreateMutexW
CreateThread
CreateWaitableTimerW
DeleteCriticalSection
DeviceIoControl
EnterCriticalSection
FindResourceW
FreeLibrary
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatA
GetExitCodeThread
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetOverlappedResult
GetSystemTimeAsFileTime
GetThreadLocale
GetTickCount
GetVersionExA
CreateEventW
GlobalFree
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
LeaveCriticalSection
LoadResource
LocalAlloc
LocalFree
MultiByteToWideChar
OutputDebugStringA
QueryPerformanceCounter
RaiseException
ReadFile
ReleaseMutex
ResetEvent
SetEvent
SetUnhandledExceptionFilter
SetWaitableTimer
Sleep
TerminateProcess
UnhandledExceptionFilter
VirtualAlloc
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
lstrcmpiW
lstrlenW
CloseHandle
CancelWaitableTimer
GlobalAlloc

setupapi

SetupDiSelectOEMDrv
SetupDiGetDeviceInterfaceAlias
SetupDiGetClassDevsW
SetupCloseInfFile
CM_Locate_DevNodeW
CM_Get_Sibling
CM_Get_Parent
CM_Add_Empty_Log_Conf_Ex
CM_Get_DevNode_Registry_PropertyW
CM_Delete_DevNode_Key

ole32

PropVariantClear
CoUninitialize
CoTaskMemRealloc
CoTaskMemAlloc
CoInitializeEx
CoInitialize
CoCreateInstance
OleCreateFromFile

advapi32

RegSetValueExW
RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCreateKeyW
RegCloseKey

Exports

Exports

InPlaceDivide
Instance_NewRaw
NotImplementedError
Proxy_Type
SetFromWindowsErr
WriteObjectToFile
vSetTargetMPath
write_init_3

Sections

.text
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 252KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3096b7ac50cc76e8ab37265c37f20e0f

Headers

File Characteristics

Imports

oleaut32

kernel32

setupapi

ole32

advapi32

Exports

Exports

Sections

.text Size: 168KB - Virtual size: 167KB

.rdata Size: 76KB - Virtual size: 72KB

.data Size: 252KB - Virtual size: 252KB

.rsrc Size: 160KB - Virtual size: 158KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 168KB - Virtual size: 167KB

.rdata
Size: 76KB - Virtual size: 72KB

.data
Size: 252KB - Virtual size: 252KB

.rsrc
Size: 160KB - Virtual size: 158KB

.reloc
Size: 8KB - Virtual size: 7KB