13001d382dd075c8724b73c05fb4735d3cf770338be85c42ab4694f12a9296ea

Sharing

Copy URL

Twitter E-mail

General

Target

13001d382dd075c8724b73c05fb4735d3cf770338be85c42ab4694f12a9296ea
Size

203KB
MD5

93abf5b52f15e69b59609535fa4957f0
SHA1

b94db0b9b97a2c0fd793312c0afca3de9b299169
SHA256

13001d382dd075c8724b73c05fb4735d3cf770338be85c42ab4694f12a9296ea
SHA512

320055a8f0f00ca052244eee31b131f9f7ab3b8215b88ae22bbe2a0476c0f440b33477c25aa942592e502952087e3dde9335f470b972d12c0533607bb16d02e4
SSDEEP

6144:V0PKwEDdvqspj24Ellr7tnEUAC7BWzoO9CAxwSrw:zwW4spjsv3ZHtWzoOEpSrw

Score

N/A

Malware Config

Signatures

Files

13001d382dd075c8724b73c05fb4735d3cf770338be85c42ab4694f12a9296ea
.exe windows x86

15b21516ee17e5d2bf68dc494508ccd0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

nddeapi

NDdeGetTrustedShareW
NDdeIsValidAppTopicListW
NDdeIsValidAppTopicListA
NDdeGetErrorStringA
NDdeGetShareSecurityW
NDdeGetShareSecurityA
NDdeGetTrustedShareA

kernel32

GetTimeZoneInformation
GetProcAddress
GlobalUnlock
CreateFileW
GlobalAlloc
WideCharToMultiByte
InterlockedExchange
InterlockedDecrement
lstrcmpiW
GlobalMemoryStatus
GetFileSize
GetFullPathNameW
CreateSemaphoreW
InitializeCriticalSection
GetCurrentThread
ReleaseSemaphore
GetSystemInfo
GetQueuedCompletionStatus
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetProfileIntA
lstrcpynW
LeaveCriticalSection
LoadLibraryW
lstrcmpW
SetFilePointer
VirtualFree
GetVersionExW
lstrlenA
FreeLibrary
WaitForMultipleObjects
GlobalFree
HeapAlloc
GlobalLock
lstrlenW
SetUnhandledExceptionFilter
CreateThread
WriteFile
EnterCriticalSection
GetDiskFreeSpaceW
HeapFree
GetSystemDefaultLangID
GetThreadPriority
DeleteFileW
GetCurrentProcessId
GetTickCount
GetCurrentProcess
IsBadCodePtr
IsBadWritePtr
GetPrivateProfileStringW
lstrcpyA
WaitForSingleObject
CreateEventW
CloseHandle
ReadFile
DeleteCriticalSection
GlobalHandle
GetACP
GetProcessHeap
lstrcpyW
SetEndOfFile
GetModuleFileNameA
SetEvent
GetFileAttributesW
InterlockedIncrement
MultiByteToWideChar
MulDiv
GetLastError
ResetEvent
SetThreadPriority
IsBadReadPtr

user32

CreateDialogParamW
SetWindowLongW
ShowWindow
CheckRadioButton
IsWindowVisible
IsWindow
SetDlgItemTextW
GetClientRect
GetWindowRect
DispatchMessageW
GetDlgItem
GetDesktopWindow
LoadCursorW
GetAsyncKeyState
ReleaseDC
CheckDlgButton
TranslateMessage
MoveWindow
SetDlgItemInt
ClientToScreen
SendMessageW
GetDlgItemInt
DefWindowProcW
DestroyWindow
LoadStringW
PeekMessageW
GetWindowLongW
GetDC
IsRectEmpty
SetCursor
InvalidateRect
EnableWindow

ifsutil

?AddNext@NUMBER_SET@@QAEEVBIG_INT@@@Z
?AddEntry@AUTOREG@@SGEPBVWSTRING@@@Z
?AddVolumeName@MOUNT_POINT_MAP@@QAEEPAVWSTRING@@0@Z
?CheckAndAdd@SPARSE_SET@@QAEEVBIG_INT@@PAE@Z
?AddEdge@DIGRAPH@@QAEEKK@Z
?CheckAndAdd@NUMBER_SET@@QAEEVBIG_INT@@PAE@Z
?CheckAndRemove@NUMBER_SET@@QAEEVBIG_INT@@PAE@Z
?AddStart@NUMBER_SET@@QAEEVBIG_INT@@@Z

cfgmgr32

CMP_WaitNoPendingInstallEvents
CM_Add_Empty_Log_Conf
CMP_Report_LogOn
CMP_Init_Detection
CMP_WaitServicesAvailable

cewmdm

DllCanUnloadNow
DllGetClassObject
DllUnregisterServer
DllRegisterServer

Sections

.text
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

15b21516ee17e5d2bf68dc494508ccd0

Headers

File Characteristics

Imports

nddeapi

kernel32

user32

ifsutil

cfgmgr32

cewmdm

Sections

.text Size: 77KB - Virtual size: 77KB

.rdata Size: 58KB - Virtual size: 58KB

.data Size: 62KB - Virtual size: 2.1MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 77KB - Virtual size: 77KB

.rdata
Size: 58KB - Virtual size: 58KB

.data
Size: 62KB - Virtual size: 2.1MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB