156808e3398baf731d57acdc7e4bc95254be113d5664baace88fe9dc23dacef7

Sharing

Copy URL Twitter E-mail

General

Target

156808e3398baf731d57acdc7e4bc95254be113d5664baace88fe9dc23dacef7
Size

451KB
MD5

a2ffc3be1a2925d866bcb8e846225d5e
SHA1

0c6452e54ab68e2443194a6751ab519b048a17b1
SHA256

156808e3398baf731d57acdc7e4bc95254be113d5664baace88fe9dc23dacef7
SHA512

118f90b3ce75c3c66a515599d2f8528f555eac809fe150b0ca39d64f62240c01c714d9f8b91c350b8f1555ae5d5c5f088f9279e279adebfef998264ff3d24c89
SSDEEP

12288:JM/VtPq0Akl7ugrEMegV9ASxJmikND494P5D8:w2uug8UA8coyP5Q

Score

N/A

Malware Config

Signatures

Files

156808e3398baf731d57acdc7e4bc95254be113d5664baace88fe9dc23dacef7
.dll windows x86

94edcacea6b988baea6704f4fb31f411

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessPriorityBoost
GetShortPathNameW
GetStartupInfoA
GetStdHandle
GetStringTypeW
GetSystemDirectoryW
GetSystemInfo
GetSystemTimeAsFileTime
GetTempFileNameW
GetTickCount
GetUserDefaultUILanguage
GetVersionExA
GetVersionExW
GetWindowsDirectoryW
GlobalFree
GlobalLock
GlobalUnlock
HeapAlloc
HeapCreate
HeapFree
HeapReAlloc
HeapSize
InterlockedCompareExchange
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LoadResource
LocalAlloc
LocalReAlloc
LockResource
MoveFileExW
OutputDebugStringA
GetLocaleInfoA
RaiseException
ReadConsoleOutputW
RemoveDirectoryW
SearchPathW
SetCurrentDirectoryW
SetEndOfFile
SetEvent
SetFileAttributesW
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
SetThreadLocale
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
VerSetConditionMask
VerifyVersionInfoW
VirtualAlloc
VirtualFree
VirtualProtect
WaitForMultipleObjectsEx
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteConsoleOutputW
WriteConsoleW
WriteFile
_lwrite
lstrcmpW
lstrcmpiW
GetLastError
GetFullPathNameW
GetFileSize
GetFileAttributesW
GetExitCodeProcess
GetEnvironmentStringsW
GetEnvironmentStringsA
GetCurrentThreadId
GetCurrentProcessId
GetCurrentDirectoryW
GetConsoleScreenBufferInfo
GetConsoleOutputCP
CloseHandle
GetConsoleMode
GetCommandLineW
GetCPInfo
GetACP
FreeLibrary
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FreeConsole
FlushFileBuffers
FindResourceW
FindResourceExW
FindNextFileW
FindClose
FillConsoleOutputCharacterW
ExitProcess
DeviceIoControl
DeleteTimerQueueTimer
CreateThread
CreateMutexW
CreateFileMappingW
CreateFileA
CreateEventW
CreateDirectoryW
CopyFileW
QueryPerformanceCounter

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

advapi32

GetLengthSid
AllocateAndInitializeSid
CloseServiceHandle
ControlService
CryptSetProvParam
DeleteService
EqualSid
FreeSid
GetTokenInformation
StartServiceW
SetSecurityDescriptorDacl
RegSetValueExW
RegQueryValueExW
RegOpenUserClassesRoot
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
OpenServiceW
OpenSCManagerW
OpenProcessToken
LsaStorePrivateData
InitializeSecurityDescriptor
InitializeAcl
AddAccessAllowedAce

setupapi

SetupCloseInfFile
SetupCommitFileQueueW
SetupCopyOEMInfW
SetupDefaultQueueCallbackW
SetupDiBuildDriverInfoList
SetupDiClassNameFromGuidW
SetupDiCreateDeviceInfoList
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiGetActualSectionToInstallW
SetupDiGetClassDevsW
SetupDiGetDeviceInstallParamsW
SetupDiGetDeviceInstanceIdW
SetupDiGetDeviceRegistryPropertyW
SetupDiGetDriverInfoDetailW
SetupDiGetSelectedDriverW
SetupDiOpenClassRegKey
SetupDiOpenDevRegKey
SetupDiOpenDeviceInfoW
SetupDiSetClassInstallParamsW
SetupDiSetDeviceInstallParamsW
SetupDiSetDeviceRegistryPropertyW
SetupDiSetSelectedDevice
SetupFindFirstLineW
SetupFindNextMatchLineW
SetupGetFieldCount
SetupGetIntField
SetupGetLineCountW
SetupGetStringFieldW
SetupGetTargetPathW
SetupInitDefaultQueueCallbackEx
SetupInstallFilesFromInfSectionW
SetupInstallFromInfSectionW
SetupInstallServicesFromInfSectionW
SetupOpenAppendInfFileW
SetupOpenFileQueue
SetupOpenInfFileW
SetupPromptReboot
SetupQueueCopyIndirectW
SetupQueueCopyW
SetupTermDefaultQueueCallback
SetupCloseFileQueue
CM_Setup_DevNode
CM_Query_And_Remove_SubTreeW
CM_Locate_DevNodeW
CM_Get_Device_ID_List_SizeW
CM_Get_Device_ID_ListW
CM_Get_Device_IDW
CM_Get_DevNode_Status
CMP_WaitNoPendingInstallEvents

gdi32

GetTextMetricsW
GetObjectW
GetDeviceCaps
EndDoc
DeleteObject
DeleteDC
CreateCompatibleDC
PolylineTo
SelectObject
SetLayout
StartDocW
CreateCompatibleBitmap

user32

AllowSetForegroundWindow
CallWindowProcW
CharLowerW
CreateIconIndirect
CreateWindowExW
DefWindowProcW
DestroyCaret
DestroyIcon
DestroyWindow
DragObject
DrawTextExW
EndDialog
GetDC
GetDlgItem
GetIconInfo
GetParent
GetSysColor
GetSystemMetrics
GetUserObjectInformationW
GetWindowLongW
HiliteMenuItem
InvalidateRect
IsDlgButtonChecked
LoadBitmapW
LoadIconW
MessageBoxW
PostMessageW
RegisterClassExW
ReleaseDC
SendDlgItemMessageW
SendMessageW
SetDlgItemTextW
SetFocus
SetMenuDefaultItem
SetScrollRange
SetWindowLongW
SetWindowTextW
ShowWindow
SystemParametersInfoW
UnloadKeyboardLayout
UnregisterClassA

shell32

ShellExecuteExW
SHGetFolderPathW
CommandLineToArgvW

Exports

Exports

ClearFreeList
FillInfo
InPlaceRemainder
Int_AsLong
Optimize
get_text
get_y_pixels_per_meter
set_oFFs

Sections

.text
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 206KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

94edcacea6b988baea6704f4fb31f411

Headers

File Characteristics

Imports

kernel32

version

advapi32

setupapi

gdi32

user32

shell32

Exports

Exports

Sections

.text Size: 91KB - Virtual size: 91KB

.rdata Size: 206KB - Virtual size: 205KB

.data Size: 108KB - Virtual size: 108KB

.rsrc Size: 40KB - Virtual size: 40KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 91KB - Virtual size: 91KB

.rdata
Size: 206KB - Virtual size: 205KB

.data
Size: 108KB - Virtual size: 108KB

.rsrc
Size: 40KB - Virtual size: 40KB

.reloc
Size: 4KB - Virtual size: 3KB