bb3b249560cf8f69b1f9e605b494d21c9aded424777af35a589b6022e2472ae3

Sharing

Copy URL Twitter E-mail

General

Target

bb3b249560cf8f69b1f9e605b494d21c9aded424777af35a589b6022e2472ae3
Size

3.9MB
MD5

1514767bc51f19cbf676d90f8445d389
SHA1

fdcbee210fe00232daba1576e134f390988297f7
SHA256

bb3b249560cf8f69b1f9e605b494d21c9aded424777af35a589b6022e2472ae3
SHA512

517b27a6f6fa5d4a155ae5b8c08d49c567bcf17db67163c60c708ef8efb3bfaa785bc89f61f40bee207b69e2a8ad0d88815895a2d496897109a0dfa44ea1271a
SSDEEP

98304:RtsztBF5ShjPlm0Ml0IRqqblNZjGmrX7sb:+BF5uK0MbHZj5L7sb

Score

N/A

Malware Config

Signatures

Files

bb3b249560cf8f69b1f9e605b494d21c9aded424777af35a589b6022e2472ae3
.dll windows x86

834aa15dc0c0075a89cc8d367c17d05d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
MultiByteToWideChar
FormatMessageW
HeapFree
HeapAlloc
GetProcessHeap
CompareStringA
MulDiv
GlobalUnlock
GlobalLock
GlobalAlloc
LoadLibraryA
FreeLibrary
VirtualAlloc
CreateProcessA
GetPriorityClass
DeleteFileA
FreeConsole
GetCurrentProcess
DeviceIoControl
SetFileAttributesA
CreateFileA
WriteFile
SetFileTime
GetWindowsDirectoryA
CreateDirectoryA
GetSystemDirectoryA
CreateEventA
WaitForSingleObject
GetLastError
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
GetThreadPriority
GetCurrentProcessId
ReadFile
GetTempPathA
SetEvent
CloseHandle
GetTempFileNameA
GetVersionExA
GetTickCount
TerminateProcess
GetLocalTime
GetTimeFormatA
GetDateFormatA
GetTimeZoneInformation
SetPriorityClass
GetCurrentThread
SetThreadPriority
GetProcAddress
Sleep
GetModuleFileNameA
GetFileSize
SetFilePointer
FormatMessageA
OpenEventA
ExitProcess
GlobalFree
SetLastError

user32

SetRect
CreateWindowExW
GetSystemMetrics
AdjustWindowRectEx
SetWindowLongA
GetWindowLongA
ReleaseDC
SetWindowRgn
GetDC
DestroyWindow
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
MessageBeep
UnregisterClassW
UnregisterClassA
LoadCursorA
RegisterClassW
RegisterClassA
CallWindowProcA
SetCapture
DrawFrameControl
BeginPaint
EndPaint
GetDlgCtrlID
IntersectRect
FillRect
CopyRect
CreateWindowExA
IsRectEmpty
OffsetRect
DrawTextW
DrawTextA
GetWindowRgn
GetCapture
ReleaseCapture
ShowWindow
SetActiveWindow
TranslateMessage
DispatchMessageW
DispatchMessageA
ActivateKeyboardLayout
SendMessageA
PostMessageA
InvalidateRect
UpdateWindow
GetSysColor
LoadStringW
DefWindowProcW
DefWindowProcA
PeekMessageW
PeekMessageA
GetMessageW
GetMessageA
MessageBoxA
LoadStringA
PostThreadMessageA
GetKeyState
ExitWindowsEx
SetWindowPos
IsWindowVisible
PtInRect

gdi32

CreateFontIndirectW
PtInRegion
CreateRectRgnIndirect
SetTextColor
SetBkMode
SelectObject
BitBlt
StretchBlt
SetStretchBltMode
ExtSelectClipRgn
SetBkColor
GetObjectA
DeleteDC
CreateCompatibleBitmap
CreateCompatibleDC
EnumFontFamiliesExA
CombineRgn
GetDIBits
GdiFlush
CreateDIBSection
CreateBrushIndirect
OffsetRgn
GetDeviceCaps
CreateFontIndirectA
DeleteObject
CreateRectRgn

advapi32

OpenServiceA
RegOpenKeyA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
CloseServiceHandle
CreateServiceA
OpenSCManagerA
QueryServiceConfigA
RegDeleteKeyA
ChangeServiceConfigA
StartServiceA
ControlService
RegSetValueExA
RegCreateKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
DeleteService

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Exports

Exports

AreDriversInstalled
InstallDrivers
UninstallDrivers

Sections

.text
Size: - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sforce
Size: 39KB - Virtual size: 4.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

834aa15dc0c0075a89cc8d367c17d05d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

version

Exports

Exports

Sections

.text Size: - Virtual size: 26KB

.sforce Size: 39KB - Virtual size: 4.4MB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: - Virtual size: 2KB

.rsrc Size: 2KB - Virtual size: 61KB

.text
Size: - Virtual size: 26KB

.sforce
Size: 39KB - Virtual size: 4.4MB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 61KB