2fd74892bb8a696bf70feafccd0d7cf3465696f11551b737d150a88ba685922a

Sharing

Copy URL Twitter E-mail

General

Target

2fd74892bb8a696bf70feafccd0d7cf3465696f11551b737d150a88ba685922a
Size

220KB
MD5

b96a052145c2b87b9033325b107b2ef0
SHA1

61334696b096bf44e3c5c3833ecdb3b124d99b54
SHA256

2fd74892bb8a696bf70feafccd0d7cf3465696f11551b737d150a88ba685922a
SHA512

c38645e0a7bf8db7a842780c3a2587806fcce01d21280a522dcdc5cae8813c013de35fedeb2817c2bbe9686437d37b2b4806784c05a54e188c5495848a2567a7
SSDEEP

3072:Sog5JahT3mL4I9mpJ3qwRGF8FTj4VaeWa4atNRt9OOOp7Ir9ZO0nWz:LD93W4I9QhqcdFTj4aatNhOOOBIRs0

Score

N/A

Malware Config

Signatures

Files

2fd74892bb8a696bf70feafccd0d7cf3465696f11551b737d150a88ba685922a
.dll windows x86

a25d22056d96383be5042849184853e5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalAlloc
GetFileSize
CreateFileA
FindClose
FindNextFileA
DeleteFileA
SetFileAttributesA
FindFirstFileA
GetWindowsDirectoryA
lstrlenA
GetLastError
SizeofResource
LockResource
LoadResource
ReadFile
CreateDirectoryA
RemoveDirectoryA
CopyFileA
EnterCriticalSection
Sleep
InitializeCriticalSection
InterlockedExchange
DeleteCriticalSection
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
MultiByteToWideChar
LocalFree
CloseHandle
GetVersionExA
FindResourceA
DisableThreadLibraryCalls
GetLocaleInfoW
SetEndOfFile
LoadLibraryA
SetStdHandle
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
RtlUnwind
GetFileAttributesA
RaiseException
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
HeapReAlloc
ExitProcess
LCMapStringA
LCMapStringW
GetCPInfo
CompareStringA
CompareStringW
GetACP
GetOEMCP
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
WriteFile
SetFilePointer
FlushFileBuffers
SetUnhandledExceptionFilter
TerminateProcess
GetCurrentProcess
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetProcAddress
GetTimeZoneInformation
SetEnvironmentVariableA

advapi32

RegCreateKeyA
RegSetValueExA
RegCloseKey
RegDeleteKeyA

setupapi

SetupDiDestroyDeviceInfoList
SetupDiCallClassInstaller
SetupCopyOEMInfA
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA

shlwapi

SHDeleteKeyA
PathAppendA

Exports

Exports

InstallcKeyDriver
RemovecKeyDriver

Sections

.text
Size: 136KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a25d22056d96383be5042849184853e5

Headers

File Characteristics

Imports

kernel32

advapi32

setupapi

shlwapi

Exports

Exports

Sections

.text Size: 136KB - Virtual size: 133KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 20KB - Virtual size: 24KB

.rsrc Size: 24KB - Virtual size: 20KB

.reloc Size: 12KB - Virtual size: 10KB

.text
Size: 136KB - Virtual size: 133KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 20KB - Virtual size: 24KB

.rsrc
Size: 24KB - Virtual size: 20KB

.reloc
Size: 12KB - Virtual size: 10KB