1020cc233f25e149447c060f0ea66427eccc1c60e7d480e7517608aa63844f01

Sharing

Copy URL Twitter E-mail

General

Target

1020cc233f25e149447c060f0ea66427eccc1c60e7d480e7517608aa63844f01
Size

284KB
MD5

1bad7962833e82610d4476dd5f6153b0
SHA1

1fc4c51417b3ef52fc19d05cd60415df2db0aaea
SHA256

1020cc233f25e149447c060f0ea66427eccc1c60e7d480e7517608aa63844f01
SHA512

a06c85a9c9bc81d9dca5c21f38474c82e970dcaff9f22e986f4b92bcf50afde879382e41ac09c9fa5b532e2b92032c1cb14fe53274714f14ccec7ca54d9532a0
SSDEEP

3072:AbBh7BUmREDsAzTWmNzwh28qafazsep7csSv8C6Z18ZigZEbHToRc2m+UuROoNmy:AtyDzNwh28Zedcsgz6DpCUEPQK29O

Score

N/A

Malware Config

Signatures

Files

1020cc233f25e149447c060f0ea66427eccc1c60e7d480e7517608aa63844f01
.exe windows x86

ff79ec5b46a7f6a45f557085c72f7028

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupOpenFileQueue
SetupInitDefaultQueueCallbackEx
SetupCloseFileQueue
SetupInstallFilesFromInfSectionA
SetupCommitFileQueueA
SetupInstallFromInfSectionA
SetupTermDefaultQueueCallback
SetupDefaultQueueCallbackA
SetupOpenInfFileA
SetupFindFirstLineA
SetupGetStringFieldA
SetupGetLineCountA
SetupGetLineByIndexA
SetupCloseInfFile
SetupDiCreateDeviceInfoList
SetupDiDestroyClassImageList
SetupDiSetDeviceRegistryPropertyA
SetupDiRemoveDevice
SetupDiGetClassImageIndex
SetupDiGetINFClassA
SetupDiGetClassDevsA
SetupDiGetDeviceInstallParamsA
SetupDiSetDeviceInstallParamsA
SetupDiBuildDriverInfoList
SetupDiEnumDriverInfoA
SetupDiGetDriverInfoDetailA
SetupDiDestroyDriverInfoList
SetupDiSetClassInstallParamsA
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiCallClassInstaller
SetupDiGetClassImageList
SetupDiDestroyDeviceInfoList
SetupDiCreateDeviceInfoA

newdev

UpdateDriverForPlugAndPlayDevicesA

cfgmgr32

CM_Get_DevNode_Status
CM_Locate_DevNode_ExA
CM_Reenumerate_DevNode_Ex

kernel32

GetVolumeInformationA
GetFullPathNameA
GetFileAttributesA
GetFileSize
GetFileTime
SetErrorMode
SetEndOfFile
RtlUnwind
ExitProcess
TerminateProcess
CreateThread
ExitThread
GetStartupInfoA
GetCommandLineA
RaiseException
HeapAlloc
HeapFree
SetStdHandle
GetFileType
HeapSize
HeapReAlloc
GetACP
GetTimeZoneInformation
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
GetDriveTypeA
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
DuplicateHandle
GetThreadLocale
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentDirectoryA
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
GlobalFlags
MulDiv
FindNextFileA
GlobalUnlock
GlobalFree
GlobalLock
GlobalAlloc
GetCurrentThread
MultiByteToWideChar
InterlockedDecrement
InterlockedIncrement
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GetProcAddress
WaitForMultipleObjects
SetEvent
WaitForSingleObject
TerminateThread
ResetEvent
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
CreateEventA
CloseHandle
DeleteFileA
FindClose
FormatMessageA
GetCurrentProcess
GetVersionExA
lstrcmpiA
GetModuleFileNameA
GetPrivateProfileIntA
GetComputerNameA
GetLastError
LocalFree
LocalAlloc
SetLastError
FindFirstFileA
lstrcmpA
LoadLibraryA
FreeLibrary
FindResourceA
LoadResource
LockResource
lstrlenW
WideCharToMultiByte
Sleep
lstrlenA
lstrcatA
lstrcpyA
lstrcpynA
GetTickCount

user32

CharUpperA
MessageBeep
GetNextDlgGroupItem
SetRect
CopyAcceleratorTableA
CharNextA
GetSysColorBrush
LoadCursorA
GetDesktopWindow
PtInRect
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
DestroyMenu
MapDialogRect
SetWindowContextHelpId
EndDialog
CreateDialogIndirectParamA
GetMessageA
TranslateMessage
GetActiveWindow
ValidateRect
GetCursorPos
SetCursor
PostQuitMessage
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
IsWindowEnabled
PostThreadMessageA
SetWindowTextA
IsDialogMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
PeekMessageA
DispatchMessageA
GetFocus
SetActiveWindow
IsWindow
SetFocus
AdjustWindowRectEx
GetTopWindow
MessageBoxA
IsChild
GetParent
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgCtrlID
GetKeyState
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
RegisterClipboardFormatA
MoveWindow
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
GetWindowLongA
SetWindowLongA
SetWindowPos
OffsetRect
SystemParametersInfoA
GetWindowPlacement
CopyRect
GetDC
ReleaseDC
ShowWindow
IsWindowVisible
KillTimer
SetTimer
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
GetSystemMenu
AppendMenuA
GetWindowRect
LoadIconA
RegisterWindowMessageA
GetClassNameA
GetWindowTextA
EnumWindows
LoadStringA
GetDlgItem
PostMessageA
FindWindowA
EnableWindow
wsprintfA
SendMessageA
UnregisterClassA

gdi32

DPtoLP
GetMapMode
Escape
ExtTextOutA
TextOutA
RectVisible
LPtoDP
GetBkColor
GetTextColor
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
PtVisible
GetWindowExtEx
GetViewportExtEx
GetDeviceCaps
DeleteObject

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCreateKeyExA
CryptDestroyHash
RegSetValueExA
CryptGetHashParam
CryptHashData
CryptCreateHash
CryptAcquireContextA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
CryptReleaseContext
OpenProcessToken

shell32

DragAcceptFiles
DragQueryFileA
DragFinish
ShellExecuteA

comctl32

ImageList_Destroy
ImageList_SetOverlayImage
InitCommonControlsEx
ImageList_GetImageCount
ord17

oledlg

ord8

ole32

CoFreeUnusedLibraries
OleUninitialize
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
OleInitialize

olepro32

ord253

oleaut32

SysStringLen
SysAllocStringByteLen
SysAllocString
VariantChangeType
VariantCopy
VariantTimeToSystemTime
VariantClear
SysAllocStringLen
SysFreeString

Sections

.text
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ff79ec5b46a7f6a45f557085c72f7028

Headers

File Characteristics

Imports

setupapi

newdev

cfgmgr32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 156KB - Virtual size: 156KB

.rdata Size: 40KB - Virtual size: 39KB

.data Size: 20KB - Virtual size: 31KB

.rsrc Size: 64KB - Virtual size: 64KB

.text
Size: 156KB - Virtual size: 156KB

.rdata
Size: 40KB - Virtual size: 39KB

.data
Size: 20KB - Virtual size: 31KB

.rsrc
Size: 64KB - Virtual size: 64KB