dd8cd943044e459d9f463969b995dc92b2dc7839748c0510db5aac9cc47fcd16

Sharing

Copy URL

Twitter E-mail

General

Target

dd8cd943044e459d9f463969b995dc92b2dc7839748c0510db5aac9cc47fcd16
Size

452KB
MD5

2d46a9b54f14e8000e5e70b8cf0a79c0
SHA1

a8932251cb41e557e2a9163b993c2dab3abe9d80
SHA256

dd8cd943044e459d9f463969b995dc92b2dc7839748c0510db5aac9cc47fcd16
SHA512

d1e16fa227b9d0a38663bb557822edf4c2fa4935dde1b764a553a3dc2f83d3496f8fc91f8c34b8ae8a7792162354f1e07dc8c2089857915ade5eeca05447d71c
SSDEEP

12288:UJ7BTXMvWOIDdmrHuUYW+UWGNES1q881tzNEWDl80nprcPiQWG+cHm:GZysSEAiTKW9cPH

Score

N/A

Malware Config

Signatures

Files

dd8cd943044e459d9f463969b995dc92b2dc7839748c0510db5aac9cc47fcd16
.dll windows x86

aed1875c0344e8166cde7aa731b3ba46

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SysFreeString
RegisterTypeLi
LoadTypeLi
UnRegisterTypeLi
SysStringLen
SysAllocString
VarUI4FromStr

setupapi

SetupDiGetDeviceInterfaceDetailW
CM_Get_Device_IDW
SetupDiDestroyDeviceInfoList
CM_Get_Child
SetupDiGetClassDevsW
CM_Get_Parent
CM_Get_Sibling
SetupDiEnumDeviceInterfaces
CM_Get_DevNode_Registry_PropertyW
CM_Locate_DevNodeW

ole32

CoInitializeEx
CoCreateInstance
PropVariantClear
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoInitialize
StringFromGUID2
CoUninitialize

advapi32

RegOpenKeyExW
RegDeleteValueW
RegEnumKeyExW
RegCreateKeyW
RegCloseKey
RegQueryInfoKeyW
RegDeleteKeyW
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW

kernel32

lstrcmpiW
InterlockedExchange
SetWaitableTimer
GetTickCount
WideCharToMultiByte
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleFileNameW
ReleaseMutex
ResetEvent
DeleteCriticalSection
GetSystemTimeAsFileTime
FreeLibrary
GlobalFree
GetModuleHandleA
GetThreadLocale
TerminateProcess
GetLastError
ReadFile
Sleep
GetDateFormatA
RaiseException
VirtualAlloc
OutputDebugStringA
SizeofResource
GetExitCodeThread
InterlockedIncrement
DeviceIoControl
GetVersionExA
GlobalAlloc
CreateWaitableTimerW
CreateFileW
CloseHandle
WaitForMultipleObjects
QueryPerformanceCounter
GetCurrentProcessId
MultiByteToWideChar
CreateThread
InterlockedDecrement
CreateMutexW
InitializeCriticalSection
lstrlenW
GetCurrentThreadId
LocalAlloc
EnterCriticalSection
FindResourceW
LocalFree
WaitForSingleObject
GetOverlappedResult
CancelWaitableTimer
CreateEventW
LeaveCriticalSection
LoadResource
SetEvent
SetThreadLocale
InterlockedCompareExchange
GetModuleHandleW

Exports

Exports

DelItem
ImportModuleNoBlock
Int_AsSsize_t
Long_FromDouble
Resize
convert_from_struct_tm
get_header_version

Sections

.text
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aed1875c0344e8166cde7aa731b3ba46

Headers

File Characteristics

Imports

oleaut32

setupapi

ole32

advapi32

kernel32

Exports

Exports

Sections

.text Size: 156KB - Virtual size: 155KB

.rdata Size: 68KB - Virtual size: 64KB

.data Size: 156KB - Virtual size: 156KB

.rsrc Size: 60KB - Virtual size: 56KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 156KB - Virtual size: 155KB

.rdata
Size: 68KB - Virtual size: 64KB

.data
Size: 156KB - Virtual size: 156KB

.rsrc
Size: 60KB - Virtual size: 56KB

.reloc
Size: 8KB - Virtual size: 7KB