6900932068656f9330afe55b84676d07cb241d18ce966cc93e0d13efced5183a

Sharing

Copy URL Twitter E-mail

General

Target

6900932068656f9330afe55b84676d07cb241d18ce966cc93e0d13efced5183a
Size

444KB
MD5

1a3f76ce540ceba48f58b731e21c4074
SHA1

3ca532fd32ddc146eb9535bbda2f949719a632d7
SHA256

6900932068656f9330afe55b84676d07cb241d18ce966cc93e0d13efced5183a
SHA512

29fb4e54f117aa1582c08b2e75c896867f51d979e332a1989cb73b7fa936b4009ed897547d716fbb28509f4bc92ef9b8a770e053d2a89e91316554d7a93a8f7e
SSDEEP

6144:xZeeSns7vmMIchHJ1+xlwJ0JijprKcQ6q8tofLn9n1tw0Bq/NvT2guiAxNp1KZFJ:je4d1Cc0Ji1Wcs9nw0Bq/NTcpWrdZ7q

Score

N/A

Malware Config

Signatures

Files

6900932068656f9330afe55b84676d07cb241d18ce966cc93e0d13efced5183a
.dll windows x86

5766ad5e2dae013dfcfcfb221b880a5f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

StartPage
SelectObject
PatBlt
GetTextMetricsW
GetObjectW
GetBrushOrgEx
EndPage
EndDoc
DeleteObject
DeleteDC
CreateFontIndirectW
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap

advapi32

FreeSid
StartServiceW
SetSecurityDescriptorDacl
SetEntriesInAclW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
QueryServiceStatus
ProcessTrace
OpenServiceW
OpenSCManagerW
AllocateAndInitializeSid
CheckTokenMembership
CloseServiceHandle
ControlService
ConvertStringSecurityDescriptorToSecurityDescriptorW
DeleteService
EqualSid
GetLengthSid
GetTokenInformation
InitializeAcl
InitializeSecurityDescriptor
IsTextUnicode
OpenProcessToken

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

user32

SetWindowTextW
SetWindowLongW
ShowWindow
SetDlgItemTextW
SetDeskWallpaper
SendMessageW
SendDlgItemMessageW
ReleaseDC
RegisterClassExW
PostQuitMessage
PostMessageW
OpenIcon
MsgWaitForMultipleObjects
MessageBoxW
LoadIconW
LoadBitmapW
IsDlgButtonChecked
InvalidateRect
GetWindowLongW
GetUserObjectInformationW
GetSystemMetrics
GetSysColor
GetProcessWindowStation
GetParent
GetMessageExtraInfo
GetKeyboardLayout
GetIconInfo
GetDlgItem
GetDC
GetActiveWindow
EndDialog
DrawTextExW
DrawIconEx
DrawFrameControl
DialogBoxParamW
DestroyWindow
DestroyIcon
DefWindowProcW
DdeClientTransaction
CreateWindowExW
CreateIconIndirect
CheckRadioButton
CheckDlgButton
CharLowerW
CallWindowProcW
AllowSetForegroundWindow
TrackPopupMenuEx
SystemParametersInfoW
SetFocus

setupapi

SetupTermDefaultQueueCallback
SetupQueueCopyW
SetupPromptReboot
SetupOpenInfFileW
SetupOpenFileQueue
SetupInstallServicesFromInfSectionW
SetupInstallFilesFromInfSectionW
SetupInitDefaultQueueCallbackEx
SetupGetTargetPathW
SetupGetLineCountW
SetupGetIntField
SetupGetFieldCount
SetupFindNextMatchLineW
SetupFindNextLine
SetupFindFirstLineW
SetupDiSetSelectedDevice
SetupDiSetDeviceRegistryPropertyW
SetupDiSetDeviceInstallParamsW
SetupDiSetClassInstallParamsW
SetupDiOpenDeviceInfoW
SetupDiOpenClassRegKey
SetupDiGetSelectedDriverW
SetupDiGetDriverInfoDetailW
SetupDiGetDeviceRegistryPropertyW
SetupDiGetDeviceInstanceIdW
SetupDiGetDeviceInstallParamsW
SetupDiGetClassDevsW
SetupDiGetActualSectionToInstallW
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiCreateDeviceInfoList
SetupDiClassNameFromGuidW
SetupDiCallClassInstaller
SetupDiBuildDriverInfoList
SetupDefaultQueueCallbackW
SetupCopyOEMInfW
SetupCommitFileQueueW
SetupCloseInfFile
CM_Setup_DevNode
CM_Query_And_Remove_SubTreeW
CM_Locate_DevNodeW
CM_Get_Device_ID_List_SizeW
CM_Get_Device_ID_ListW
CM_Get_DevNode_Status
CMP_WaitNoPendingInstallEvents

kernel32

lstrlenW
lstrcmpiW
lstrcmpW
WriteFile
WriteConsoleW
WriteConsoleOutputW
WriteConsoleA
WideCharToMultiByte
WaitForSingleObjectEx
WaitForSingleObject
WaitForMultipleObjectsEx
VirtualQuery
VirtualProtect
VirtualFree
VirtualAlloc
VerifyVersionInfoW
VerSetConditionMask
UnmapViewOfFile
UnhandledExceptionFilter
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
Sleep
SizeofResource
SetUnhandledExceptionFilter
SetThreadLocale
SetLastError
SetHandleCount
SetEvent
SetEndOfFile
SetCurrentDirectoryW
SearchPathW
RemoveDirectoryW
ReleaseMutex
RegisterWaitForSingleObjectEx
ReadFile
ReadConsoleOutputW
RaiseException
QueryPerformanceCounter
OutputDebugStringA
MultiByteToWideChar
MoveFileExW
MapViewOfFile
LockResource
LocalReAlloc
LocalFree
LocalAlloc
LoadResource
LoadLibraryW
LoadLibraryExW
LoadLibraryExA
LoadLibraryA
LeaveCriticalSection
LCMapStringW
LCMapStringA
IsValidLocale
IsBadReadPtr
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
InitializeCriticalSection
HeapValidate
HeapSize
HeapReAlloc
HeapFree
HeapDestroy
HeapCreate
HeapAlloc
GlobalUnlock
GlobalLock
GlobalFree
GetWindowsDirectoryW
GetVersionExW
GetVersionExA
GetUserDefaultUILanguage
GetTickCount
GetThreadLocale
GetTempFileNameW
GetSystemWindowsDirectoryW
GetSystemTimeAsFileTime
GetSystemInfo
GetSystemDirectoryW
GetSystemDefaultUILanguage
GetStringTypeW
GetStringTypeA
GetStdHandle
GetStartupInfoW
GetStartupInfoA
GetShortPathNameW
GetQueuedCompletionStatus
GetProcessPriorityBoost
GetProcessHeap
GetProcAddress
GetOEMCP
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
CloseHandle
CompareStringW
ContinueDebugEvent
CopyFileW
CreateDirectoryW
CreateEventW
CreateFileA
CreateFileMappingW
CreateMutexW
DeleteCriticalSection
DeleteFileW
DeviceIoControl
EnterCriticalSection
EnumResourceLanguagesW
ExitProcess
FillConsoleOutputCharacterW
FindClose
FindNextFileW
FindResourceW
FindVolumeClose
FlushFileBuffers
FormatMessageW
FreeConsole
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetConsoleScreenBufferInfo
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetEnvironmentStringsA
GetEnvironmentStringsW
GetEnvironmentVariableW
GetExitCodeProcess
GetFileAttributesW
GetFileSize
GetFileType
GetFullPathNameW
GetLastError
GetLocalTime
GetLocaleInfoA
GetLocaleInfoW
GetModuleFileNameA

shell32

ShellExecuteExW
SHGetFolderPathW
SHFormatDrive

Exports

Exports

BytesWarning
EOFError
Import
_Pop
get_progressive_ptr
set_sig_bytes
set_swap_alpha
vResolveTokenVar

Sections

.text
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 227KB - Virtual size: 227KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5766ad5e2dae013dfcfcfb221b880a5f

Headers

File Characteristics

Imports

gdi32

advapi32

version

user32

setupapi

kernel32

shell32

Exports

Exports

Sections

.text Size: 90KB - Virtual size: 89KB

.rdata Size: 227KB - Virtual size: 227KB

.data Size: 108KB - Virtual size: 111KB

.rsrc Size: 14KB - Virtual size: 13KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 90KB - Virtual size: 89KB

.rdata
Size: 227KB - Virtual size: 227KB

.data
Size: 108KB - Virtual size: 111KB

.rsrc
Size: 14KB - Virtual size: 13KB

.reloc
Size: 3KB - Virtual size: 3KB