129a4de5f9a65a0dcb2ffdbe4189039a3da3517f0d6dee076dadd1aadf904762

Sharing

Copy URL

Twitter E-mail

General

Target

129a4de5f9a65a0dcb2ffdbe4189039a3da3517f0d6dee076dadd1aadf904762
Size

152KB
MD5

6ce82082d1c974ffc1f9d40dc6c52d9d
SHA1

d97bf032aa93f077c1624b9bce119bc6199ae92e
SHA256

129a4de5f9a65a0dcb2ffdbe4189039a3da3517f0d6dee076dadd1aadf904762
SHA512

c97677c6203e0df67bb264c528f2ff71af88e63557687a3f1e9dac304dd37fc25138c87af42c783d2c9ca48a3fdd517dcb1a23ad7f18aaf95a707cb54ff8cace
SSDEEP

1536:PF+qQjRn0httWUCRFy6MZiPTTXkcIqy9pdRvgEDo7LIsF7C:PFVMR0htLGiif1yvdRvpDo7LIsF7C

Score

N/A

Malware Config

Signatures

Files

129a4de5f9a65a0dcb2ffdbe4189039a3da3517f0d6dee076dadd1aadf904762
.dll windows x86

b94f55e4b7199da6df6ba1f70fe8ccac

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMutexA
CloseHandle
ReleaseMutex
WaitForSingleObject
DeviceIoControl
LocalFree
GetLastError
LocalAlloc
GetProcAddress
GetModuleHandleA
QueryDosDeviceA
GetVersionExA
CreateFileA
LoadLibraryA
RtlUnwind
ReadFile
GetFileType
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
HeapAlloc
HeapFree
GetCommandLineA
GetVersion
WideCharToMultiByte
GetTimeZoneInformation
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
SetStdHandle
SetHandleCount
GetStdHandle
GetStartupInfoA
DeleteCriticalSection
SetFilePointer
SetEndOfFile
ExitProcess
TerminateProcess
GetCurrentProcess
GetFullPathNameA
GetCurrentDirectoryA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
LCMapStringA
LCMapStringW
InterlockedDecrement
InterlockedIncrement
FlushFileBuffers
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
SetEnvironmentVariableA
FindFirstFileA
GetModuleFileNameA
FindClose

advapi32

SetSecurityDescriptorDacl
InitializeSecurityDescriptor

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList

Exports

Exports

PS4WriteFile
S4ChangeDir
S4ChangePin
S4Cleanup
S4Close
S4Control
S4CreateDir
S4CreateDirEx
S4Enum
S4EraseDir
S4Execute
S4ExecuteEx
S4Open
S4OpenEx
S4Startup
S4VerifyPin
S4WriteFile

Sections

.text
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b94f55e4b7199da6df6ba1f70fe8ccac

Headers

File Characteristics

Imports

kernel32

advapi32

setupapi

Exports

Exports

Sections

.text Size: 68KB - Virtual size: 65KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 60KB - Virtual size: 63KB

.rsrc Size: 4KB - Virtual size: 1008B

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 68KB - Virtual size: 65KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 60KB - Virtual size: 63KB

.rsrc
Size: 4KB - Virtual size: 1008B

.reloc
Size: 8KB - Virtual size: 5KB