8483a38e9673555f2501ed52a1901172a56e5b6c97717d449a2273b43e99789f

Sharing

Copy URL

Twitter E-mail

General

Target

8483a38e9673555f2501ed52a1901172a56e5b6c97717d449a2273b43e99789f
Size

471KB
MD5

4e8efbd724d88d46111405f736cd08b8
SHA1

8762958cc5b93648b0f071d7db1bf49836092ee8
SHA256

8483a38e9673555f2501ed52a1901172a56e5b6c97717d449a2273b43e99789f
SHA512

2cdf274d39312035e298ee5b1cee07a047c1ea09870b51997d4d17f8841da55108eab41a6df09f24d4f1af3bd29cb46cd93de9ec2b0aef1c52c048ec13b5a75b
SSDEEP

6144:AduB59NSJnZQ2/Ur/xXotgmTpjKgJLuyDedvwk+OiEQ135wOw2tXw+lCFtEL+57E:PNSNZQ2/WhiJrJEhMXw+lRAe6AT5hB

Score

N/A

Malware Config

Signatures

Files

8483a38e9673555f2501ed52a1901172a56e5b6c97717d449a2273b43e99789f
.dll windows x86

ab6a3b3f9d7241ac4800a4acf8b4a7f8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
GetProcAddress
GetProcessHeap
GetProcessPriorityBoost
GetShortPathNameW
GetStartupInfoA
GetStartupInfoW
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDefaultUILanguage
GetSystemInfo
GetSystemWindowsDirectoryW
GetTempFileNameW
GetThreadLocale
GetTickCount
GetUserDefaultLCID
GetVersionExA
GetVersionExW
GetWindowsDirectoryW
GlobalFree
GlobalLock
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapSize
InterlockedCompareExchange
InterlockedDecrement
InterlockedIncrement
LCMapStringA
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalCompact
LocalFree
GetModuleHandleA
LockResource
MapUserPhysicalPagesScatter
MapViewOfFile
MoveFileExW
MultiByteToWideChar
OutputDebugStringA
RaiseException
ReadConsoleOutputW
ReadFile
ReleaseMutex
RemoveDirectoryW
SearchPathW
SetCurrentDirectoryW
SetEndOfFile
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
SetThreadLocale
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TransmitCommChar
UnhandledExceptionFilter
UnmapViewOfFile
VerSetConditionMask
VirtualAlloc
VirtualFree
VirtualQuery
WideCharToMultiByte
WriteConsoleA
WriteConsoleOutputW
WriteConsoleW
WriteFile
lstrlenW
GetModuleFileNameW
GetModuleFileNameA
GetMailslotInfo
GetLocaleInfoW
GetLocaleInfoA
GetLocalTime
CloseHandle
GetLastError
GetFileType
GetFileSize
GetFileAttributesW
GetExitCodeProcess
GetEnvironmentVariableW
GetEnvironmentStringsW
GetEnvironmentStringsA
GetCurrentThreadId
GetCurrentProcessId
GetConsoleScreenBufferInfo
GetConsoleOutputCP
GetCommandLineW
GetCommandLineA
GetCPInfo
GetACP
FreeLibrary
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FreeConsole
FormatMessageW
FlushFileBuffers
FindResourceW
FindResourceExW
FindNextFileW
FindClose
FillConsoleOutputCharacterW
ExitProcess
EnumResourceLanguagesW
EnterCriticalSection
DeviceIoControl
DeleteFileW
DeleteCriticalSection
CreateThread
CreateMutexW
CreateFileA
CreateEventW
CreateDirectoryW
CopyFileW
LocalReAlloc

shell32

SHGetFolderLocation
CommandLineToArgvW
SHGetFolderPathW

user32

UnregisterClassA
SystemParametersInfoW
ShowWindow
SetWindowPlacement
SetFocus
SetDlgItemTextW
SetClassWord
SendMessageW
SendDlgItemMessageW
ReleaseDC
RegisterClassExW
PtInRect
PostQuitMessage
PostMessageW
OemKeyScan
MessageBoxW
LoadImageW
LoadIconW
LoadBitmapW
IsRectEmpty
IsDlgButtonChecked
InvalidateRect
GetWindowLongW
GetSystemMetrics
GetSysColor
GetProcessWindowStation
GetParent
GetIconInfo
GetFocus
GetDC
DrawTextExW
DialogBoxParamW
DestroyWindow
DestroyIcon
DefWindowProcW
CreateWindowExW
CheckMenuRadioItem
CharLowerW
AllowSetForegroundWindow
CheckDlgButton

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

setupapi

SetupQueueCopyIndirectW
CMP_WaitNoPendingInstallEvents
CM_Enumerate_Classes
CM_Get_DevNode_Status
CM_Get_Device_IDW
CM_Get_Device_ID_List_SizeW
CM_Locate_DevNodeW
CM_Query_And_Remove_SubTreeW
CM_Setup_DevNode
SetupCommitFileQueueW
SetupCopyOEMInfW
SetupDefaultQueueCallbackW
SetupDiBuildDriverInfoList
SetupDiCallClassInstaller
SetupDiClassNameFromGuidW
SetupDiCreateDeviceInfoList
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiGetActualSectionToInstallW
SetupDiGetClassDevsW
SetupDiGetDeviceInstallParamsW
SetupDiGetDeviceInstanceIdW
SetupDiGetDeviceRegistryPropertyW
SetupDiGetDriverInfoDetailW
SetupDiOpenClassRegKey
SetupDiOpenDevRegKey
SetupDiOpenDeviceInfoW
SetupDiSetClassInstallParamsW
SetupDiSetDeviceInstallParamsW
SetupDiSetSelectedDevice
SetupFindFirstLineW
SetupFindNextLine
SetupFindNextMatchLineW
SetupGetIntField
SetupGetLineCountW
SetupGetStringFieldW
SetupGetTargetPathW
SetupInitDefaultQueueCallbackEx
SetupInstallFilesFromInfSectionW
SetupInstallFromInfSectionW
SetupOpenAppendInfFileW
SetupOpenFileQueue
SetupOpenInfFileW
SetupTermDefaultQueueCallback

advapi32

AddAccessAllowedAce
AllocateAndInitializeSid
CheckTokenMembership
CloseServiceHandle
ControlService
ConvertStringSecurityDescriptorToSecurityDescriptorW
DeleteService
EqualSid
FreeSid
GetLengthSid
GetTokenInformation
InitializeAcl
InitializeSecurityDescriptor
IsTextUnicode
LsaSetInformationPolicy
LsaStorePrivateData
OpenProcessToken
OpenSCManagerW
OpenServiceW
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
SetEntriesInAclW
SetPrivateObjectSecurityEx
SetSecurityDescriptorDacl
SystemFunction024

gdi32

CreateBrushIndirect
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontIndirectW
CreatePen
DeleteDC
EndDoc
EndPage
GetDeviceCaps
GetObjectW
GetTextMetricsW
SetLayout
StartDocW
StartPage
SwapBuffers

Exports

Exports

SetProfile
UserWarning
vCleanup
vGetFileW

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 219KB - Virtual size: 218KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ab6a3b3f9d7241ac4800a4acf8b4a7f8

Headers

File Characteristics

Imports

kernel32

shell32

user32

version

setupapi

advapi32

gdi32

Exports

Exports

Sections

.text Size: 108KB - Virtual size: 107KB

.rdata Size: 219KB - Virtual size: 218KB

.data Size: 108KB - Virtual size: 108KB

.rsrc Size: 29KB - Virtual size: 29KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 108KB - Virtual size: 107KB

.rdata
Size: 219KB - Virtual size: 218KB

.data
Size: 108KB - Virtual size: 108KB

.rsrc
Size: 29KB - Virtual size: 29KB

.reloc
Size: 5KB - Virtual size: 5KB