164a1a3344b06e8423f633ce184b72ca56f4754b014ec23c58b4be7656a55af9

Sharing

Copy URL

Twitter E-mail

General

Target

164a1a3344b06e8423f633ce184b72ca56f4754b014ec23c58b4be7656a55af9
Size

815KB
MD5

3a4fef9187131e0a815341c421d82629
SHA1

529382aeef6c787a5f63be92181c8f73e8b80dbb
SHA256

164a1a3344b06e8423f633ce184b72ca56f4754b014ec23c58b4be7656a55af9
SHA512

02ad79e0d960bdb2e036973ad324ff375dd6d85e86d76f9e30fe9cef5d73d4cb121bd99ef9b6df94ea51cff638db3eb69bb7b4b3ce5a4702bb90783f239e7505
SSDEEP

24576:Pjxyic0l46XHEwMkcx+IdyOd5hSP5yc9huke:PUi7lBHEE9IcOd5sxycj9e

Score

N/A

Malware Config

Signatures

Files

164a1a3344b06e8423f633ce184b72ca56f4754b014ec23c58b4be7656a55af9
.exe windows x86

cb4cfdae4e2f4fee77a058ed76308cfc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTimeZoneInformation
CompareStringA
CompareStringW
SetEnvironmentVariableA
TryEnterCriticalSection
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetLocaleInfoA
HeapSize
RtlUnwind
HeapReAlloc
VirtualAlloc
HeapAlloc
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
InitializeCriticalSectionAndSpinCount
LoadLibraryA
FreeLibrary
IsDebuggerPresent
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapFree
VirtualFree
HeapCreate
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
DeleteCriticalSection
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetLastError
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
GetProcAddress
Sleep
GetModuleHandleW
SetUnhandledExceptionFilter
ReadFile
SetEndOfFile
RaiseException
SetFilePointer
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
QueryPerformanceFrequency
FlushFileBuffers
GetConsoleMode
GetConsoleCP
CreateFileA
InterlockedCompareExchange
InitializeCriticalSection
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
WriteConsoleW
GetVersionExW
GetEnvironmentVariableW
GetTempPathW
CreateFileW
LoadLibraryExW
SetEvent
ExpandEnvironmentStringsW
LocalAlloc
LocalFree
DeleteFileW
CloseHandle
SetFileAttributesW
GetFileAttributesW
GetSystemDirectoryW
CopyFileW
DeviceIoControl
FormatMessageW
CreateDirectoryW
GetProcessHeap
GetExitCodeProcess
WaitForSingleObject
CreateProcessW
MoveFileExW
CreateThread
CreateEventA

ws2_32

WSAStartup
htonl
ntohl
inet_addr
closesocket
WSAGetLastError
recvfrom
select
sendto
socket
inet_ntoa

advapi32

RegDeleteKeyW
RegCloseKey
LookupAccountSidW
CreateServiceW
DeleteService
QueryServiceConfigW
ChangeServiceConfigW
ChangeServiceConfig2W
UnlockServiceDatabase
LockServiceDatabase
QueryServiceLockStatusW
EnumDependentServicesW
ControlService
OpenSCManagerW
OpenServiceW
CloseServiceHandle
StartServiceA
QueryServiceStatus
EqualSid
GetTokenInformation
LookupPrivilegeNameA
LookupPrivilegeDisplayNameA
GetSecurityInfo
GetAclInformation
InitializeAcl
AddAce
SetSecurityInfo
GetNamedSecurityInfoW
IsValidSecurityDescriptor
GetSecurityDescriptorControl
GetInheritanceSourceW
GetAce
FreeInheritedFromArray
RegEnumValueW
RegDeleteValueW
SetNamedSecurityInfoW
RegEnumKeyExW
RegSetValueExW
RegRestoreKeyW
LookupPrivilegeValueA
OpenProcessToken
AdjustTokenPrivileges
RegSaveKeyW
AllocateAndInitializeSid
RegCreateKeyExW
FreeSid
IsValidAcl
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegQueryValueExW
RegOpenKeyExW
SetEntriesInAclW

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetDeviceRegistryPropertyW
SetupDiGetDeviceInstallParamsA
SetupDiCallClassInstaller
CM_Get_DevNode_Status
SetupDiGetDeviceInstanceIdW
SetupDiEnumDeviceInfo
SetupDiGetClassDevsW
SetupDiClassGuidsFromNameW
SetupDiGetClassDescriptionW
SetupDiClassNameFromGuidW
SetupDiBuildClassInfoList
SetupCopyOEMInfW
CMP_WaitNoPendingInstallEvents
SetupDiDeleteDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA
SetupDiSetDeviceRegistryPropertyW
SetupDiCreateDeviceInfoA
SetupDiCreateDeviceInfoList
SetupGetLineTextA
SetupCloseInfFile
SetupOpenInfFileA
SetupDiSetClassInstallParamsW
SetupGetInfFileListA

iphlpapi

GetIpAddrTable

user32

IsWindow
SendMessageA
GetWindowThreadProcessId
CreateWindowExW
DestroyWindow
GetDlgItem
EnumChildWindows

ole32

CoInitializeEx
CoInitializeSecurity
CoUninitialize
StringFromGUID2
CoSetProxyBlanket
CoCreateInstance
CoTaskMemFree
CoQueryProxyBlanket

oleaut32

SafeArrayGetUBound
VariantClear
SysStringLen
SafeArrayGetElement
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayCreate
SysFreeString
SafeArrayDestroy
SafeArrayPutElement
SysAllocString
VariantInit

newdev

UpdateDriverForPlugAndPlayDevicesW

shell32

SHGetFolderPathW

rpcrt4

UuidCreate

Sections

.text
Size: 405KB - Virtual size: 405KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 247KB - Virtual size: 246KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 46KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 105KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cb4cfdae4e2f4fee77a058ed76308cfc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ws2_32

advapi32

setupapi

iphlpapi

user32

ole32

oleaut32

newdev

shell32

rpcrt4

Sections

.text Size: 405KB - Virtual size: 405KB

.rdata Size: 247KB - Virtual size: 246KB

.data Size: 46KB - Virtual size: 59KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 105KB - Virtual size: 108KB

.text
Size: 405KB - Virtual size: 405KB

.rdata
Size: 247KB - Virtual size: 246KB

.data
Size: 46KB - Virtual size: 59KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 105KB - Virtual size: 108KB