e7658379ddc282aef36e6b5305a538a68b6b58c9556c28287a385fc3402a8f0d

Sharing

Copy URL Twitter E-mail

General

Target

e7658379ddc282aef36e6b5305a538a68b6b58c9556c28287a385fc3402a8f0d
Size

482KB
MD5

f476b7d31ad98e876ccdc14e883ee153
SHA1

2d5bd2dd5f9baa761de02d55de26c495989213b4
SHA256

e7658379ddc282aef36e6b5305a538a68b6b58c9556c28287a385fc3402a8f0d
SHA512

e06c6bcdd9545e1fc47e9e0d8ed9109c08d68c90571455f535874d23788c38f0e4815d8d9214fe66d1b30138c2c4c53a1fed9a84509f7a1324a96a084f20cbd5
SSDEEP

6144:dQ5w7Qa3O0wvBF9A2pQjxJFmd1w9VKF1Bal2MHbFb+hZ+Fq87eDAo0CgzeJ7:STae08XpB1F1Ul2IxEZ+sDfo

Score

N/A

Malware Config

Signatures

Files

e7658379ddc282aef36e6b5305a538a68b6b58c9556c28287a385fc3402a8f0d
.dll windows x86

82c732fa1f4d45b038b1a0657b3c54d6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumValueA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

user32

TranslateMessage
CreateWindowExA
DefWindowProcA
DestroyWindow
DispatchMessageA
FindWindowA
GetMessageA
IsWindow
PostQuitMessage
RegisterClassA
UpdateWindow
UnregisterDeviceNotification
SendMessageA
RegisterDeviceNotificationA

msvcrt

_chmod
_fdopen
_fstat
_getcwd
_stat
_strdup
_umask
_unlink
sprintf

setupapi

SetupDiGetDeviceInterfaceDetailA
SetupDiGetDeviceInstanceIdA
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList

gdi32

GetStockObject

kernel32

VirtualFree
VirtualAlloc
UnhandledExceptionFilter
TerminateProcess
Sleep
SetHandleCount
RtlUnwind
ReleaseMutex
ProcessIdToSessionId
MultiByteToWideChar
LoadLibraryA
LeaveCriticalSection
WideCharToMultiByte
LCMapStringA
InitializeCriticalSection
HeapReAlloc
HeapFree
HeapDestroy
HeapCreate
HeapAlloc
GetVersionExA
GetVersion
GetTickCount
GetStringTypeW
GetStringTypeA
GetStdHandle
GetStartupInfoA
GetProcessPriorityBoost
GetProcAddress
WriteFile
LCMapStringW
CloseHandle
CreateFileA
CreateMutexA
DeleteCriticalSection
EnterCriticalSection
ExitProcess
FreeEnvironmentStringsA
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCurrentProcess
GetCurrentProcessId
GetFileType
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetOEMCP

Exports

Exports

ClearFreeList
GetAttrString
reset_zstream
set_gamma
vGetTokenW
window_bits

Sections

.text
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 217KB - Virtual size: 217KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 109KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

82c732fa1f4d45b038b1a0657b3c54d6

Headers

File Characteristics

Imports

advapi32

user32

msvcrt

setupapi

gdi32

kernel32

Exports

Exports

Sections

.text Size: 110KB - Virtual size: 110KB

.rdata Size: 217KB - Virtual size: 217KB

.data Size: 109KB - Virtual size: 111KB

.rsrc Size: 40KB - Virtual size: 39KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 110KB - Virtual size: 110KB

.rdata
Size: 217KB - Virtual size: 217KB

.data
Size: 109KB - Virtual size: 111KB

.rsrc
Size: 40KB - Virtual size: 39KB

.reloc
Size: 4KB - Virtual size: 4KB