73e5d653803d197e1c22eb91647424bec1faab7658536fac72ca2b6066f4b07b

Sharing

Copy URL

Twitter E-mail

General

Target

73e5d653803d197e1c22eb91647424bec1faab7658536fac72ca2b6066f4b07b
Size

215KB
MD5

49a38306aa68f0c0ce65c7cb32efd85a
SHA1

c4ce8a543ec5232eb8cd9e45589a71e00a164230
SHA256

73e5d653803d197e1c22eb91647424bec1faab7658536fac72ca2b6066f4b07b
SHA512

2254d20882154030207cb7f4aa497a9e154e72fc09d35bff9e35280a357c4732de59beebc8de19963f34e02b6d6210b9b448e8a2ca1aac0a2da457cf61c0397e
SSDEEP

6144:yJIkS7n/xtCBQnprdqtgn0H4rD6A6PIKy4DMn:yJLKnmBQphx+QIIR4Qn

Score

N/A

Malware Config

Signatures

Files

73e5d653803d197e1c22eb91647424bec1faab7658536fac72ca2b6066f4b07b
.exe windows x86

83d4dded894e9581d49b6af06a206cf6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VarBstrFromUI2
VarBstrFromI1
VarBstrFromDec
VarBstrFromDate
VarBstrFromR4
VarBstrFromUI1
VarBstrFromI2
VarBstrFromUI4
VarBstrFromI4
VarBstrFromCy
VarBstrFromUI8
VarBstrFromDisp
VarBstrFromI8
VarBstrFromR8

user32

EnableWindow
IsWindowVisible
CheckDlgButton
DispatchMessageW
MoveWindow
InvalidateRect
DefWindowProcW
SetDlgItemTextW
SetDlgItemInt
GetDlgItemInt
SendMessageW
LoadStringW
CheckRadioButton
SetCursor
DestroyWindow
GetDlgItem
CreateDialogParamW
SetWindowLongW
PeekMessageW
GetWindowLongW
GetWindowRect
ClientToScreen
GetDesktopWindow
ReleaseDC
GetDC
LoadCursorW
IsRectEmpty
GetClientRect
ShowWindow
IsWindow
TranslateMessage
GetAsyncKeyState

kernel32

ReadFile
GetFileSize
lstrlenA
WaitForSingleObject
GetDiskFreeSpaceW
CreateEventW
LoadLibraryW
EnterCriticalSection
GetProcAddress
lstrcmpW
FreeLibrary
GetCurrentProcess
DeleteCriticalSection
GlobalAlloc
lstrlenW
SetUnhandledExceptionFilter
GetThreadPriority
GetCurrentThread
GlobalUnlock
HeapAlloc
GetFullPathNameW
GetVersionExW
InterlockedExchange
GetPrivateProfileStringW
GlobalFindAtomA
WriteFile
MulDiv
GetModuleFileNameA
GetACP
IsBadReadPtr
GetLocaleInfoA
GetProfileIntA
SetFilePointer
LeaveCriticalSection
InitializeCriticalSection
MultiByteToWideChar
CreateFileW
GetCurrentProcessId
WaitForMultipleObjects
InterlockedIncrement
lstrcpyW
lstrcpynW
SetEvent
SetEndOfFile
GlobalMemoryStatus
CreateSemaphoreW
GetProcessHeap
lstrcmpiW
InterlockedDecrement
SetThreadPriority
CloseHandle
GetQueuedCompletionStatus
GlobalHandle
IsBadCodePtr
CreateThread
ReleaseSemaphore
GetTickCount
HeapFree
GlobalLock
IsBadWritePtr
lstrcpyA
GlobalFree
GetLocaleInfoW
QueryPerformanceCounter
ResetEvent
VirtualFree
WideCharToMultiByte
GetFileAttributesW
GetSystemTimeAsFileTime
GetLastError

netshell

DllGetClassObject
StartNCW
NcIsValidConnectionName

newdev

InstallNewDevice
UpdateDriverForPlugAndPlayDevicesW
InstallWindowsUpdateDriver
InstallSelectedDriver
UpdateDriverForPlugAndPlayDevicesA

ntdll

CsrFreeCaptureBuffer
DbgBreakPoint
DbgPrintReturnControlC
CsrGetProcessId
CsrCaptureTimeout
CsrClientConnectToServer
DbgQueryDebugFilterState
DbgPrint
CsrClientCallServer
CsrSetPriorityClass
CsrCaptureMessageMultiUnicodeStringsInPlace
CsrCaptureMessageBuffer
CsrCaptureMessageString
DbgPrintEx
DbgSetDebugFilterState
CsrIdentifyAlertableThread
DbgPrompt
CsrAllocateCaptureBuffer

Sections

.text
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 6.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

83d4dded894e9581d49b6af06a206cf6

Headers

File Characteristics

Imports

oleaut32

user32

kernel32

netshell

newdev

ntdll

Sections

.text Size: 86KB - Virtual size: 86KB

.rdata Size: 86KB - Virtual size: 86KB

.data Size: 37KB - Virtual size: 6.1MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 86KB - Virtual size: 86KB

.rdata
Size: 86KB - Virtual size: 86KB

.data
Size: 37KB - Virtual size: 6.1MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB