71c3faa4270933b18c8e8e43e2571cd715777205c893cf6e96b7be704cfe9dcd

Sharing

Copy URL Twitter E-mail

General

Target

71c3faa4270933b18c8e8e43e2571cd715777205c893cf6e96b7be704cfe9dcd
Size

368KB
MD5

84a67573bba3d7e11b83b4165ee45e49
SHA1

ae4e92c897315d3f32a851ec1abc0283fe929145
SHA256

71c3faa4270933b18c8e8e43e2571cd715777205c893cf6e96b7be704cfe9dcd
SHA512

8615f890db3fc89d35e60d8678b4717c62dbc5413674f6bc63fcc5866f1709e2024bac184b92e2e9941dc38cd5db5b2c44f5bef9866ca51749b0713d113a3daf
SSDEEP

6144:f9SEDLtiMJJ4fXa570koTQRiIGIA44dky0lva6m41MsCFxK:f86J4fXa5PHRsfWyka6mgC6

Score

N/A

Malware Config

Signatures

Files

71c3faa4270933b18c8e8e43e2571cd715777205c893cf6e96b7be704cfe9dcd
.dll windows x86

6dbde9168ee76a76988bf857eb8cdf6f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
HeapFree
HeapAlloc
GetProcessHeap
RtlUnwind
ExitProcess
RaiseException
HeapSize
HeapReAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
VirtualAlloc
GetCPInfo
GetACP
GetOEMCP
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
GetCurrentProcess
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetThreadLocale
GlobalFindAtomW
LoadLibraryA
GetVersionExA
InterlockedIncrement
FormatMessageW
GetModuleHandleA
GlobalFlags
WritePrivateProfileStringW
SetErrorMode
lstrlenW
TlsFree
GlobalFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalUnlock
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalFree
LocalAlloc
GetLastError
GlobalAddAtomW
CloseHandle
InterlockedDecrement
SetLastError
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
GetLocaleInfoW
LoadLibraryW
WideCharToMultiByte
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
InterlockedExchange
GlobalLock
lstrcmpW
GlobalAlloc
FreeLibrary
GlobalDeleteAtom
GetModuleHandleW
GetProcAddress
GetCurrentProcessId
GetDriveTypeW
GetLogicalDrives
Sleep
GetFileAttributesW
GetModuleFileNameW
GetEnvironmentStringsW
CallNamedPipeW

user32

LoadCursorW
GetSysColorBrush
ShowWindow
RegisterWindowMessageW
LoadIconW
WinHelpW
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
IsWindow
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
CopyRect
DefWindowProcW
CallWindowProcW
SetWindowLongW
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetMenuItemID
GetSubMenu
GetSysColor
ReleaseDC
GetDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameW
PtInRect
GetWindowTextW
SetWindowTextW
GetMenuItemCount
UnregisterClassW
GetWindowThreadProcessId
DestroyMenu
CreateWindowExW
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxW
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
SendMessageW
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
UnhookWindowsHookEx
PostMessageW
PostQuitMessage
GetSystemMetrics
UnregisterClassA

gdi32

DeleteDC
GetStockObject
GetDeviceCaps
TextOutW
RectVisible
PtVisible
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
CreateBitmap
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
DeleteObject
ExtTextOutW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegSetValueExW
RegCreateKeyExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shell32

ShellExecuteExW

shlwapi

PathFindExtensionW
PathFindFileNameW

oleaut32

VariantClear
VariantChangeType
VariantInit

Exports

Exports

FSUSB_Disable
FSUSB_Drive
FSUSB_Enable
FSUSB_Finalize
FSUSB_Initize
FSUSB_LoadDevice
FSUSB_SetAgentPid
FSUSB_UnloadDevice

Sections

.text
Size: 124KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6dbde9168ee76a76988bf857eb8cdf6f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

shlwapi

oleaut32

Exports

Exports

Sections

.text Size: 124KB - Virtual size: 121KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 8KB - Virtual size: 22KB

.rsrc Size: 16KB - Virtual size: 14KB

.reloc Size: 20KB - Virtual size: 17KB

.text Size: 168KB - Virtual size: 168KB

.text
Size: 124KB - Virtual size: 121KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 8KB - Virtual size: 22KB

.rsrc
Size: 16KB - Virtual size: 14KB

.reloc
Size: 20KB - Virtual size: 17KB

.text
Size: 168KB - Virtual size: 168KB