3cb95b22281283d3a4b74fc56e1f8409788394ee3076dd1c2396d6d683323958

Sharing

Copy URL

Twitter E-mail

General

Target

3cb95b22281283d3a4b74fc56e1f8409788394ee3076dd1c2396d6d683323958
Size

501KB
MD5

dd07315e001b692fc05e32c8f3f8dc81
SHA1

ae4357f5025c141c7357fada829584221bb9b004
SHA256

3cb95b22281283d3a4b74fc56e1f8409788394ee3076dd1c2396d6d683323958
SHA512

49d51b5a6795c50a17debd41bd966637105f2456c8f54c171784f87773a9fb548494132fbda6777f3bae334b46c470b04fb0d2a0ee843a0d3baab3f16f362618
SSDEEP

12288:5eHgyLlM1U3WC1i6Opa7IVSnLTD+mO1AXNxSpPM/3LVx55rVJUCA:IHgyLlM1UuTpcmST+91AX7355x

Score

N/A

Malware Config

Signatures

Files

3cb95b22281283d3a4b74fc56e1f8409788394ee3076dd1c2396d6d683323958
.dll windows x86

a394d4a16e680e2cb7edfa8730887204

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupGetStringFieldW
SetupFindNextLine
SetupFindFirstLineW
SetupDiSetDeviceInstallParamsW
SetupDiGetSelectedDriverW
SetupDiGetDeviceInstallParamsW
SetupCloseInfFile

advapi32

RegCloseKey
RegSetValueExW
RegQueryValueExW
RegOpenKeyW
RegOpenKeyExW
RegDeleteValueW
RegCreateKeyExW

shell32

SHCreateDirectoryExW

kernel32

TerminateProcess
VirtualAlloc
VirtualFree
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
GetProcessPriorityBoost
Sleep
WriteFile
CloseHandle
CreateFileA
CreateFileW
CreateMutexW
CreateProcessW
EnterCriticalSection
ExitProcess
FlushFileBuffers
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetExitCodeProcess
GetLastError
GetLocalTime
GetModuleHandleA
GetProcAddress
SetStdHandle
GetStartupInfoA
GetStdHandle
GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount
GetVersion
GetVersionExA
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
IsDebuggerPresent
IsValidCodePage
LCMapStringA
LCMapStringW
LeaveCriticalSection
MultiByteToWideChar
QueryPerformanceCounter
RaiseException
RtlUnwind
SetFilePointer
SetHandleCount
SetLastError
WriteConsoleW

shlwapi

PathRemoveFileSpecW
PathAppendW

Exports

Exports

CheckSignals
RealAsDouble
SimpleString
vExecTokenA

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 189KB - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a394d4a16e680e2cb7edfa8730887204

Headers

File Characteristics

Imports

setupapi

advapi32

shell32

kernel32

shlwapi

Exports

Exports

Sections

.text Size: 89KB - Virtual size: 88KB

.rdata Size: 60KB - Virtual size: 60KB

.data Size: 189KB - Virtual size: 190KB

.rsrc Size: 152KB - Virtual size: 152KB

.reloc Size: 9KB - Virtual size: 8KB

.text
Size: 89KB - Virtual size: 88KB

.rdata
Size: 60KB - Virtual size: 60KB

.data
Size: 189KB - Virtual size: 190KB

.rsrc
Size: 152KB - Virtual size: 152KB

.reloc
Size: 9KB - Virtual size: 8KB