f3efe396fc591974167ca0cf05e9dfe17d6f14636892465a09820bc22a6932f2

Sharing

Copy URL Twitter E-mail

General

Target

f3efe396fc591974167ca0cf05e9dfe17d6f14636892465a09820bc22a6932f2
Size

52KB
MD5

86107d571df5a12bd81b4bd9b697603d
SHA1

6d38b8d5573f574ee31bbf0e84cd9b576c6e2896
SHA256

f3efe396fc591974167ca0cf05e9dfe17d6f14636892465a09820bc22a6932f2
SHA512

6a30942b7b976fc27e5f0faa9eaf94931fa58d695897adf7ffd03d68d89e055aa2e6e6d9d57984e982a9f2d024b31bc191fd1672848347813ddfeecd2a560bc6
SSDEEP

384:oB8kk0H8c0cxkane5SY1lJPz39TkGa2mA0HXr+6JAXVcoq22M/jHrOilWKDQar:CkA0mkak1zbFlEAXV3N29ilWdm

Score

N/A

Malware Config

Signatures

Files

f3efe396fc591974167ca0cf05e9dfe17d6f14636892465a09820bc22a6932f2
.dll windows x86

bea64400843728e783231b8f275a3462

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileAttributesA
FindFirstFileA
GetLastError
lstrcpyA
ReadFile
MultiByteToWideChar
GetModuleHandleA
lstrlenA
GetWindowsDirectoryA
FindNextFileA
FindClose
LoadLibraryA
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
SetFilePointer
VirtualAlloc
lstrcpynA
GetVersionExA
GetProcAddress
GetEnvironmentStrings
FreeLibrary
LocalFree
CreateFileA
CloseHandle
SetHandleCount
WriteFile
GetEnvironmentStringsW
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
WideCharToMultiByte
LCMapStringA
LCMapStringW
ExitProcess
TerminateProcess
GetCurrentProcess
VirtualFree
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
FreeEnvironmentStringsW

user32

FindWindowA
SendMessageA
CharNextA
wsprintfA

advapi32

RegEnumKeyExA
RegDeleteKeyA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA

shell32

SHFileOperationA

shlwapi

PathFindFileNameA

Exports

Exports

AddEveryoneAccessToFile
RegisterApp
RegisterDriver
RemoveDevice9x
RemoveDeviceNT
RemoveINF
RemoveINFEx
RemoveINFIndex9x
RemoveImage9x
UnregisterApp
UpdateDriver

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bea64400843728e783231b8f275a3462

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

shlwapi

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 20KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 16KB

.rsrc Size: 4KB - Virtual size: 960B

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 24KB - Virtual size: 20KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 16KB

.rsrc
Size: 4KB - Virtual size: 960B

.reloc
Size: 4KB - Virtual size: 1KB