8804404f389bb9d2e022ae3a7eb047ca17f51a81bca32524d5b516afb9306943

Sharing

Copy URL Twitter E-mail

General

Target

8804404f389bb9d2e022ae3a7eb047ca17f51a81bca32524d5b516afb9306943
Size

140KB
MD5

7932793c9759967ece95a8c520e18c51
SHA1

e521310d4d604e3dc10da45341f3415d0c595374
SHA256

8804404f389bb9d2e022ae3a7eb047ca17f51a81bca32524d5b516afb9306943
SHA512

f8b91ca106fd7440d3a8244aba200db91b726c8b08f4008a2614fb3f5c24c3367d39490ef024f39cf10c6e972834c12532be8d6d6f464f7c297c40927b9dbf47
SSDEEP

3072:86hmUZN8Qn3q+xUO/lrvZo13KNRDp0xQIl3RcDCHNYaW67I9+VkPNu:8crd3qOUO/lrC8DuQ63eeHNYa77I9+oN

Score

N/A

Malware Config

Signatures

Files

8804404f389bb9d2e022ae3a7eb047ca17f51a81bca32524d5b516afb9306943
.dll windows x86

79fccfd0922b7fe7567c9933bf82f42b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wsprintfW
UnregisterDeviceNotification
SetCursorPos
RegisterDeviceNotificationA
PeekMessageA
MsgWaitForMultipleObjectsEx
CharUpperA

ws2_32

socket
send
select
recv
listen
ioctlsocket
htonl
getsockopt
getsockname
connect
closesocket
accept
__WSAFDIsSet
WSAGetLastError

advapi32

FreeSid
UninstallApplication
SetSecurityDescriptorDacl
SetSecurityDescriptorControl
SetEntriesInAclW
RevertToSelf
ReportEventW
RegisterServiceCtrlHandlerExA
RegisterEventSourceW
RegSetValueExW
RegSetValueExA
RegQueryValueExW
RegQueryValueExA
RegOpenKeyExW
RegOpenKeyExA
RegCreateKeyExW
RegCloseKey
OpenThreadToken
OpenServiceW
OpenSCManagerW
OpenProcessToken
MapGenericMask
InitializeSecurityDescriptor
AccessCheck
AddAccessAllowedAce
AllocateAndInitializeSid
CheckTokenMembership
CreateServiceW
CryptGenRandom
CryptReleaseContext
DeleteService
DeregisterEventSource
EqualSid
GetExplicitEntriesFromAclW
GetFileSecurityW
GetLengthSid
GetOldestEventLogRecord
GetPrivateObjectSecurity
GetUserNameW
ImpersonateNamedPipeClient
ImpersonateSelf
InitializeAcl

shell32

SHGetFolderPathW

setupapi

SetupDiSetSelectedDriverW
SetupDiSetSelectedDevice
SetupDiSetDeviceRegistryPropertyW
SetupDiOpenDeviceInfoA
SetupDiInstallDevice
SetupDiGetSelectedDriverW
SetupDiGetDeviceRegistryPropertyA
SetupDiGetDeviceInterfaceDetailW
SetupDiGetDeviceInstanceIdW
SetupDiGetDeviceInstanceIdA
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiDestroyDriverInfoList
SetupDiDestroyDeviceInfoList
SetupDiCreateDeviceInfoList
SetupDiCallClassInstaller
CM_Request_Eject_PC
CM_Request_Device_EjectW
CM_Locate_DevNodeA
CM_Get_Sibling
CM_Get_Parent
CM_Get_Device_ID_Size
CM_Get_Device_IDA
CM_Get_DevNode_Registry_PropertyW
CM_Get_DevNode_Registry_PropertyA
CM_Get_Depth

kernel32

TlsSetValue
TryEnterCriticalSection
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcmpiA
lstrcpyW
lstrlenW
SetUnhandledExceptionFilter
SizeofResource
Sleep
TerminateProcess
TerminateThread
TlsAlloc
TlsFree
ExpandEnvironmentStringsW
SetTimeZoneInformation
SetLastError
SetFileTime
SetFilePointer
SetFileApisToOEM
SetEvent
SetEndOfFile
ResetEvent
RequestDeviceWakeup
RemoveDirectoryW
ReadFile
RaiseException
QueryPerformanceFrequency
QueryPerformanceCounter
Process32NextW
OutputDebugStringW
OutputDebugStringA
OpenThread
OpenProcess
MultiByteToWideChar
MoveFileW
MapViewOfFile
LocalFree
LocalAlloc
LoadLibraryW
LoadLibraryExW
LoadLibraryA
LeaveCriticalSection
IsDebuggerPresent
BackupWrite
CancelIo
CloseHandle
ConnectNamedPipe
CreateDirectoryW
CreateEventA
CreateFileA
CreateFileMappingA
CreateFileW
CreateNamedPipeW
CreateThread
DeleteCriticalSection
DeleteFileW
DisconnectNamedPipe
DuplicateHandle
EnterCriticalSection
ExitProcess
ExitThread
IsBadReadPtr
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindCloseChangeNotification
FindFirstChangeNotificationW
FindFirstFileW
FindNextChangeNotification
FindNextFileW
FlushFileBuffers
FormatMessageW
FreeLibrary
FreeResource
GetACP
GetCommProperties
GetComputerNameExW
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetExitCodeThread
GetFileAttributesA
GetFileAttributesExW
GetFileAttributesW
GetFileInformationByHandle
GetFullPathNameW
GetHandleInformation
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetNamedPipeHandleStateA
GetOverlappedResult
GetPriorityClass
GetProcAddress
GetProcessHeaps
GetShortPathNameW
GetSystemInfo
GetSystemTimeAsFileTime
GetTempPathW
GetTickCount
GetVersion
GetVersionExA
GetVolumeInformationW
GlobalUnlock
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
InterlockedExchange
IsBadHugeReadPtr
TlsGetValue

ole32

CLSIDFromString
CoCreateInstance
CoGetMalloc
CoInitialize
CoQueryProxyBlanket
CoTaskMemFree
CoUninitialize
HBRUSH_UserFree

Exports

Exports

ADeviceStopPlay
OpenQueryDef
PVGetCertificateParam
ResetCounter
WriteStreamToFile

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 977B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

79fccfd0922b7fe7567c9933bf82f42b

Headers

DLL Characteristics

File Characteristics

Imports

user32

ws2_32

advapi32

shell32

setupapi

kernel32

ole32

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 78KB - Virtual size: 78KB

.data Size: 8KB - Virtual size: 8KB

.rsrc Size: 1024B - Virtual size: 977B

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 78KB - Virtual size: 78KB

.data
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 1024B - Virtual size: 977B