5863bc8912d4a649b5f8279f165b280a3cb2ca74f00fe4d19d4f9998b260ec10

Sharing

Copy URL

Twitter E-mail

General

Target

5863bc8912d4a649b5f8279f165b280a3cb2ca74f00fe4d19d4f9998b260ec10
Size

124KB
MD5

07d0df559f9ee024558dd3756ae5d4b0
SHA1

781997169937d57d06558b68756780419c2b3e1f
SHA256

5863bc8912d4a649b5f8279f165b280a3cb2ca74f00fe4d19d4f9998b260ec10
SHA512

a35f25839b442e6b0d9616d0f8a755b50679a14a647c198f980e27246e8f5ae1af218b18a393460a20f5f761f1d0f25cdeb3d648b77f56cba51d9078ce11ae06
SSDEEP

1536:zJmTWoMgtJTQXZ1sl4Kp/FhpakEGfB21H0KNi1QQPzFn/jlzVSML7yc1+RO:dT4ZQXDsl4S/Fhpeg2OyiLPzN/j25

Score

N/A

Malware Config

Signatures

Files

5863bc8912d4a649b5f8279f165b280a3cb2ca74f00fe4d19d4f9998b260ec10
.dll windows x86

2b405e6c63c53eb3a4761753f628d485

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
Sleep
CreateProcessA
SetEndOfFile
GetModuleFileNameA
GetCurrentProcess
GetVersionExA
GetLastError
GetSystemDirectoryA
CloseHandle
RtlUnwind
RaiseException
GetCommandLineA
GetVersion
HeapFree
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
ExitProcess
TerminateProcess
HeapReAlloc
HeapAlloc
HeapSize
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
SetUnhandledExceptionFilter
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetFilePointer
InterlockedDecrement
InterlockedIncrement
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
SetStdHandle
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
FlushFileBuffers

advapi32

GetTokenInformation
RegQueryValueExA
RegCloseKey
OpenProcessToken

setupapi

SetupDiGetDeviceInstanceIdA
SetupDiGetSelectedDriverA
SetupDiGetDriverInfoDetailA
SetupDiOpenDevRegKey

Exports

Exports

CoDeviceInstall

Sections

.text
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2b405e6c63c53eb3a4761753f628d485

Headers

File Characteristics

Imports

kernel32

advapi32

setupapi

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 30KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 12KB - Virtual size: 17KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 32KB - Virtual size: 30KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 17KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB

.rmnet
Size: 60KB - Virtual size: 60KB