463c6df55256f12bfc7b32b051a2d2375a057c1beebb3f1c74ce11bf0a12f999

Sharing

Copy URL Twitter E-mail

General

Target

463c6df55256f12bfc7b32b051a2d2375a057c1beebb3f1c74ce11bf0a12f999
Size

318KB
MD5

b95e5f0a299ef56e9461080be52612ab
SHA1

5027c1539d0e4a99c1e47440378d3306fdfa186f
SHA256

463c6df55256f12bfc7b32b051a2d2375a057c1beebb3f1c74ce11bf0a12f999
SHA512

19e4ba328e274993b8daa8abbe68b263a772d4757956989af3b3c8186b5564f3c7b0765a47a4492bed04e4fdfd5b30e8dc7cca57bb1fe391a05e37cb3d84ce24
SSDEEP

6144:Dys0waxoaAEJWnikauhjYAy6hxDuh8lk5ugf8p:Dy0NYJWndlt2bun

Score

N/A

Malware Config

Signatures

Files

463c6df55256f12bfc7b32b051a2d2375a057c1beebb3f1c74ce11bf0a12f999
.dll windows x86

366a6dc065667f5c7851082add5bd88b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetExitCodeProcess
GetLastError
GetLocalTime
GetModuleHandleA
GetProcAddress
GetProcessPriorityBoost
GetStartupInfoA
GetStdHandle
GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount
GetVersion
GetVersionExA
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
FlushFileBuffers
IsValidCodePage
LCMapStringA
LCMapStringW
LeaveCriticalSection
MultiByteToWideChar
QueryPerformanceCounter
RaiseException
RtlUnwind
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
Sleep
TerminateProcess
VirtualAlloc
VirtualFree
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
ExitProcess
EnterCriticalSection
CreateProcessW
CreateMutexW
CreateFileW
CreateFileA
IsDebuggerPresent
CloseHandle

shlwapi

PathAppendW
PathRemoveFileSpecW

setupapi

SetupFindNextLine
SetupGetStringFieldW
SetupCloseInfFile
SetupDiGetDeviceInstallParamsW
SetupDiSetDeviceInstallParamsW
SetupDiGetSelectedDriverW
SetupFindFirstLineW

shell32

SHCreateDirectoryExW

advapi32

RegCreateKeyExW
RegDeleteValueW
RegOpenKeyExW
RegOpenKeyW
RegQueryValueExW
RegSetValueExW
RegCloseKey

Exports

Exports

Decode
GetItemString
InitVar
Next
ReplaceErrors

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

366a6dc065667f5c7851082add5bd88b

Headers

File Characteristics

Imports

kernel32

shlwapi

setupapi

shell32

advapi32

Exports

Exports

Sections

.text Size: 108KB - Virtual size: 107KB

.rdata Size: 63KB - Virtual size: 62KB

.data Size: 61KB - Virtual size: 61KB

.rsrc Size: 73KB - Virtual size: 73KB

.reloc Size: 11KB - Virtual size: 11KB

.text
Size: 108KB - Virtual size: 107KB

.rdata
Size: 63KB - Virtual size: 62KB

.data
Size: 61KB - Virtual size: 61KB

.rsrc
Size: 73KB - Virtual size: 73KB

.reloc
Size: 11KB - Virtual size: 11KB