387285760341f1c96707e2985b8a33bdbce883654475fc368722b38f8bfa30f9

Sharing

Copy URL

Twitter E-mail

General

Target

387285760341f1c96707e2985b8a33bdbce883654475fc368722b38f8bfa30f9
Size

450KB
MD5

051a3776929f5a5b01d2c885b690c2d4
SHA1

cfa2f8013bf3eeb7c6c19a5b54be36034a7e4c98
SHA256

387285760341f1c96707e2985b8a33bdbce883654475fc368722b38f8bfa30f9
SHA512

735a76f5a97873d1dfe10cad68246a833704f1aeaca4571437bb80ad3f46a671dfb1f12f675889638b1f7d655d055b4c19d7829c78c6bd767373ec9cc4eeeee9
SSDEEP

12288:QUMo5jFPbZCQVAOIaP29LIbXn8g/ln9zQ+c:9ftFDZCzOIaLb380vc

Score

N/A

Malware Config

Signatures

Files

387285760341f1c96707e2985b8a33bdbce883654475fc368722b38f8bfa30f9
.dll windows x86

ab6a3b3f9d7241ac4800a4acf8b4a7f8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
GetProcAddress
GetProcessHeap
GetProcessPriorityBoost
GetShortPathNameW
GetStartupInfoA
GetStartupInfoW
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDefaultUILanguage
GetSystemInfo
GetSystemWindowsDirectoryW
GetTempFileNameW
GetThreadLocale
GetTickCount
GetUserDefaultLCID
GetVersionExA
GetVersionExW
GetWindowsDirectoryW
GlobalFree
GlobalLock
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapSize
InterlockedCompareExchange
InterlockedDecrement
InterlockedIncrement
LCMapStringA
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalCompact
LocalFree
GetModuleHandleA
LockResource
MapUserPhysicalPagesScatter
MapViewOfFile
MoveFileExW
MultiByteToWideChar
OutputDebugStringA
RaiseException
ReadConsoleOutputW
ReadFile
ReleaseMutex
RemoveDirectoryW
SearchPathW
SetCurrentDirectoryW
SetEndOfFile
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
SetThreadLocale
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TransmitCommChar
UnhandledExceptionFilter
UnmapViewOfFile
VerSetConditionMask
VirtualAlloc
VirtualFree
VirtualQuery
WideCharToMultiByte
WriteConsoleA
WriteConsoleOutputW
WriteConsoleW
WriteFile
lstrlenW
GetModuleFileNameW
GetModuleFileNameA
GetMailslotInfo
GetLocaleInfoW
GetLocaleInfoA
GetLocalTime
CloseHandle
GetLastError
GetFileType
GetFileSize
GetFileAttributesW
GetExitCodeProcess
GetEnvironmentVariableW
GetEnvironmentStringsW
GetEnvironmentStringsA
GetCurrentThreadId
GetCurrentProcessId
GetConsoleScreenBufferInfo
GetConsoleOutputCP
GetCommandLineW
GetCommandLineA
GetCPInfo
GetACP
FreeLibrary
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FreeConsole
FormatMessageW
FlushFileBuffers
FindResourceW
FindResourceExW
FindNextFileW
FindClose
FillConsoleOutputCharacterW
ExitProcess
EnumResourceLanguagesW
EnterCriticalSection
DeviceIoControl
DeleteFileW
DeleteCriticalSection
CreateThread
CreateMutexW
CreateFileA
CreateEventW
CreateDirectoryW
CopyFileW
LocalReAlloc

shell32

SHGetFolderLocation
CommandLineToArgvW
SHGetFolderPathW

user32

UnregisterClassA
SystemParametersInfoW
ShowWindow
SetWindowPlacement
SetFocus
SetDlgItemTextW
SetClassWord
SendMessageW
SendDlgItemMessageW
ReleaseDC
RegisterClassExW
PtInRect
PostQuitMessage
PostMessageW
OemKeyScan
MessageBoxW
LoadImageW
LoadIconW
LoadBitmapW
IsRectEmpty
IsDlgButtonChecked
InvalidateRect
GetWindowLongW
GetSystemMetrics
GetSysColor
GetProcessWindowStation
GetParent
GetIconInfo
GetFocus
GetDC
DrawTextExW
DialogBoxParamW
DestroyWindow
DestroyIcon
DefWindowProcW
CreateWindowExW
CheckMenuRadioItem
CharLowerW
AllowSetForegroundWindow
CheckDlgButton

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

setupapi

SetupQueueCopyIndirectW
CMP_WaitNoPendingInstallEvents
CM_Enumerate_Classes
CM_Get_DevNode_Status
CM_Get_Device_IDW
CM_Get_Device_ID_List_SizeW
CM_Locate_DevNodeW
CM_Query_And_Remove_SubTreeW
CM_Setup_DevNode
SetupCommitFileQueueW
SetupCopyOEMInfW
SetupDefaultQueueCallbackW
SetupDiBuildDriverInfoList
SetupDiCallClassInstaller
SetupDiClassNameFromGuidW
SetupDiCreateDeviceInfoList
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiGetActualSectionToInstallW
SetupDiGetClassDevsW
SetupDiGetDeviceInstallParamsW
SetupDiGetDeviceInstanceIdW
SetupDiGetDeviceRegistryPropertyW
SetupDiGetDriverInfoDetailW
SetupDiOpenClassRegKey
SetupDiOpenDevRegKey
SetupDiOpenDeviceInfoW
SetupDiSetClassInstallParamsW
SetupDiSetDeviceInstallParamsW
SetupDiSetSelectedDevice
SetupFindFirstLineW
SetupFindNextLine
SetupFindNextMatchLineW
SetupGetIntField
SetupGetLineCountW
SetupGetStringFieldW
SetupGetTargetPathW
SetupInitDefaultQueueCallbackEx
SetupInstallFilesFromInfSectionW
SetupInstallFromInfSectionW
SetupOpenAppendInfFileW
SetupOpenFileQueue
SetupOpenInfFileW
SetupTermDefaultQueueCallback

advapi32

AddAccessAllowedAce
AllocateAndInitializeSid
CheckTokenMembership
CloseServiceHandle
ControlService
ConvertStringSecurityDescriptorToSecurityDescriptorW
DeleteService
EqualSid
FreeSid
GetLengthSid
GetTokenInformation
InitializeAcl
InitializeSecurityDescriptor
IsTextUnicode
LsaSetInformationPolicy
LsaStorePrivateData
OpenProcessToken
OpenSCManagerW
OpenServiceW
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
SetEntriesInAclW
SetPrivateObjectSecurityEx
SetSecurityDescriptorDacl
SystemFunction024

gdi32

CreateBrushIndirect
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontIndirectW
CreatePen
DeleteDC
EndDoc
EndPage
GetDeviceCaps
GetObjectW
GetTextMetricsW
SetLayout
StartDocW
StartPage
SwapBuffers

Exports

Exports

BufferError
Format
InPlaceAdd
Member_Set
Node_Compile
RestoreThread
String_Fini
vResolveTokenVarW
window_bits

Sections

.text
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 204KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ab6a3b3f9d7241ac4800a4acf8b4a7f8

Headers

File Characteristics

Imports

kernel32

shell32

user32

version

setupapi

advapi32

gdi32

Exports

Exports

Sections

.text Size: 106KB - Virtual size: 106KB

.rdata Size: 204KB - Virtual size: 204KB

.data Size: 103KB - Virtual size: 103KB

.rsrc Size: 29KB - Virtual size: 29KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 106KB - Virtual size: 106KB

.rdata
Size: 204KB - Virtual size: 204KB

.data
Size: 103KB - Virtual size: 103KB

.rsrc
Size: 29KB - Virtual size: 29KB

.reloc
Size: 5KB - Virtual size: 5KB