8cedeaf181cbc15c9e70c1c5fe3f2f7e173c337d6dd44147176f1e7bf3eb1754

Sharing

Copy URL Twitter E-mail

General

Target

8cedeaf181cbc15c9e70c1c5fe3f2f7e173c337d6dd44147176f1e7bf3eb1754
Size

158KB
MD5

8d154c578c38c7d60be228854cfbfb0a
SHA1

1d4db2973ae7b872369ab6c8d876ed14f0658167
SHA256

8cedeaf181cbc15c9e70c1c5fe3f2f7e173c337d6dd44147176f1e7bf3eb1754
SHA512

5cb9d104e31d617d2a7725a5d682ad9b7c05fe85a2f35fae0589bcab0f0d83e48a6feaaea33384bfd49b1bcc8db8cc503b9a24d33f7bfa5cf846a707f9d2d5f0
SSDEEP

3072:8dAu8W9cnVG79mULodeRbgFYZ3tkqdTv6FBoWD7:8EGZR8uZ3HSFBf

Score

N/A

Malware Config

Signatures

Files

8cedeaf181cbc15c9e70c1c5fe3f2f7e173c337d6dd44147176f1e7bf3eb1754
.dll windows x86

1bc85009521f3fea7f221ff71f737aae

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupSetNonInteractiveMode
SetupDiSetSelectedDriverW
SetupDiSetSelectedDevice
SetupDiSetDeviceRegistryPropertyW
SetupDiSetDeviceInstallParamsW
SetupDiSelectBestCompatDrv
SetupDiOpenDeviceInfoA
SetupDiGetSelectedDriverW
SetupDiGetDeviceRegistryPropertyW
SetupDiGetDeviceRegistryPropertyA
SetupDiGetDeviceInterfaceDetailA
SetupDiGetDeviceInstanceIdW
SetupDiGetDeviceInstanceIdA
SetupDiGetDeviceInstallParamsW
SetupDiGetClassImageIndex
SetupDiGetClassDevsA
SetupDiEnumDriverInfoW
SetupDiEnumDeviceInterfaces
SetupDiEnumDeviceInfo
SetupDiDestroyDriverInfoList
SetupDiCreateDeviceInfoList
SetupDiCallClassInstaller
CM_Request_Device_EjectW
CM_Query_Arbitrator_Free_Size_Ex
CM_Locate_DevNodeA
CM_Get_Sibling
CM_Get_Res_Des_Data_Ex
CM_Get_Parent
CM_Get_Device_IDA
CM_Get_Depth
CM_Free_Res_Des_Ex
CM_Free_Log_Conf
CM_Add_Res_Des

ws2_32

connect
closesocket
getsockname
accept
WSAHtons
getsockopt
inet_addr
listen
recv
recvfrom
select
socket
bind

kernel32

TlsAlloc
TerminateThread
TerminateProcess
Sleep
SetUnhandledExceptionFilter
SetTapePosition
SetLastError
SetInformationJobObject
SetFilePointer
SetCommBreak
ResetEvent
RemoveDirectoryW
ReleaseMutex
ReadFile
TlsFree
PrepareTape
OutputDebugStringA
OpenThread
MultiByteToWideChar
MoveFileW
Module32NextW
MapViewOfFile
LocalFree
LocalAlloc
LoadModule
LoadLibraryW
LoadLibraryExW
LoadLibraryA
LeaveCriticalSection
IsDebuggerPresent
TlsGetValue
TlsSetValue
RaiseException
GetModuleFileNameW
lstrlenW
lstrcpyW
_lopen
WaitForSingleObject
VirtualQuery
VirtualProtect
VirtualFree
VirtualAlloc
UnmapViewOfFile
CancelIo
ConnectNamedPipe
CreateEventA
CreateNamedPipeW
DeleteFileW
DisconnectNamedPipe
DuplicateHandle
EnterCriticalSection
ExitProcess
ExitThread
ExpandEnvironmentStringsW
FileTimeToLocalFileTime
FindCloseChangeNotification
FindFirstChangeNotificationW
FindFirstFileW
FindNextChangeNotification
FindNextFileW
FlushFileBuffers
FormatMessageW
FreeConsole
GetComputerNameExW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetExitCodeThread
GetFileAttributesA
GetFileAttributesExW
GetFileAttributesW
GetFileInformationByHandle
GetFileSizeEx
GetFullPathNameW
GetHandleInformation
GetLastError
GetMailslotInfo
IsDBCSLeadByte
GetModuleHandleA
GetModuleHandleW
GetNamedPipeHandleStateA
GetOverlappedResult
GetProcAddress
GetQueuedCompletionStatus
GetSystemInfo
GetTempPathW
GetTickCount
GetVersionExA
GlobalHandle
GlobalWire
InterlockedCompareExchange
InterlockedExchange
IsBadReadPtr
UnhandledExceptionFilter

advapi32

AllocateAndInitializeSid
GetLengthSid
DuplicateEncryptionInfoFile

shell32

SHGetFolderPathW

user32

MessageBoxW
MapWindowPoints
GetWindow
MsgWaitForMultipleObjectsEx
RegisterDeviceNotificationA
CharUpperA

ole32

CLSIDFromString
CoInitialize
CoRevertToSelf
CoSetProxyBlanket
CoTaskMemFree
CoUninitialize
GetHookInterface
SNB_UserSize

Exports

Exports

GenerateUniqueFileName
GetLogInfo
PszSkipWhiteA
Seek

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 962B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1bc85009521f3fea7f221ff71f737aae

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

ws2_32

kernel32

advapi32

shell32

user32

ole32

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 96KB - Virtual size: 95KB

.data Size: 8KB - Virtual size: 8KB

.rsrc Size: 1024B - Virtual size: 962B

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 96KB - Virtual size: 95KB

.data
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 1024B - Virtual size: 962B