9477803e72b09ac8ceda220ec3cd691722bb6838d9877998b16ed49fdc7f7ee4

Sharing

Copy URL

Twitter E-mail

General

Target

9477803e72b09ac8ceda220ec3cd691722bb6838d9877998b16ed49fdc7f7ee4
Size

452KB
MD5

933fa67901ab145f6b2c3f1a5af5e130
SHA1

2e86e998606c1e8a720ad044b4d725f372378797
SHA256

9477803e72b09ac8ceda220ec3cd691722bb6838d9877998b16ed49fdc7f7ee4
SHA512

0f07c0a6065b88edfcc8cbc55b77027b463aeb86ef0297f2aac45467f298f96c545537a9bd0947897328ebb7f2717e82f4e8fc2eea2660f1ff1ee4b7e2cd7dfd
SSDEEP

12288:YfzIURowJNKr0WOICU2F+L3I3aqIPa1eFs9ibvX4f6zxyZcbR1KVIREGWadKv7x8:czI6oymokAj4K9qWm

Score

N/A

Malware Config

Signatures

Files

9477803e72b09ac8ceda220ec3cd691722bb6838d9877998b16ed49fdc7f7ee4
.dll windows x86

7bd2367173e4abd0c7b97fcc1c2fc98b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetWaitableTimer
GetModuleFileNameW
SetThreadLocale
InterlockedIncrement
RaiseException
InterlockedDecrement
GetDateFormatA
UnhandledExceptionFilter
lstrlenW
lstrcmpiW
QueryPerformanceCounter
VirtualAlloc
GetModuleHandleA
WaitForMultipleObjects
CloseHandle
CreateMutexW
SizeofResource
LoadResource
InitializeCriticalSection
LocalAlloc
FreeLibrary
CreateFileW
ReleaseMutex
DeleteCriticalSection
ReadFile
WideCharToMultiByte
InterlockedCompareExchange
WaitForSingleObject
InterlockedExchange
CancelWaitableTimer
OutputDebugStringA
GetCurrentProcessId
GetModuleHandleW
TerminateProcess
LeaveCriticalSection
GlobalAlloc
LocalFree
ResetEvent
EnterCriticalSection
SetUnhandledExceptionFilter
GlobalFree
CreateThread
GetCurrentThreadId
CreateWaitableTimerW
GetLastError
CreateEventW
GetVersionExA
GetTickCount
Sleep
GetSystemTimeAsFileTime
GetThreadLocale
GetExitCodeThread
GetOverlappedResult
DeviceIoControl
SetEvent
MultiByteToWideChar
FindResourceW

setupapi

CM_Get_Parent
CM_Get_Child
CM_Get_Sibling
SetupDiGetDeviceInterfaceDetailW
CM_Get_DevNode_Registry_PropertyW
SetupDiGetClassDevsW
SetupDiEnumDeviceInterfaces
CM_Get_Device_IDW
SetupDiDestroyDeviceInfoList
CM_Locate_DevNodeW

advapi32

RegEnumKeyExW
RegDeleteKeyW
RegQueryInfoKeyW
RegQueryValueExW
RegCreateKeyExW
RegDeleteValueW
RegCloseKey
RegOpenKeyExW
RegSetValueExW
RegCreateKeyW

oleaut32

SysStringLen
LoadTypeLi
UnRegisterTypeLi
SysFreeString
VarUI4FromStr
SysAllocString
RegisterTypeLi

ole32

PropVariantClear
CoUninitialize
CoInitialize
CoTaskMemRealloc
CoCreateInstance
CoInitializeEx
CoTaskMemAlloc
CoTaskMemFree
StringFromGUID2

Exports

Exports

Contains
EvalFrame
NewWrapper
NormalizeException

Sections

.text
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7bd2367173e4abd0c7b97fcc1c2fc98b

Headers

File Characteristics

Imports

kernel32

setupapi

advapi32

oleaut32

ole32

Exports

Exports

Sections

.text Size: 156KB - Virtual size: 155KB

.rdata Size: 68KB - Virtual size: 66KB

.data Size: 156KB - Virtual size: 156KB

.rsrc Size: 60KB - Virtual size: 57KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 156KB - Virtual size: 155KB

.rdata
Size: 68KB - Virtual size: 66KB

.data
Size: 156KB - Virtual size: 156KB

.rsrc
Size: 60KB - Virtual size: 57KB

.reloc
Size: 8KB - Virtual size: 7KB