2e78a4e8af2942fc4d3c4155808720f06b40e034fb7587548a954c17640156ea

Sharing

Copy URL Twitter E-mail

General

Target

2e78a4e8af2942fc4d3c4155808720f06b40e034fb7587548a954c17640156ea
Size

693KB
MD5

2bed6c565fbcac5721b1bcf394a081c0
SHA1

2decc06c2f6335dc0564890828be2fef0ca561b7
SHA256

2e78a4e8af2942fc4d3c4155808720f06b40e034fb7587548a954c17640156ea
SHA512

8aeee6dc3d410a24753e453c66fa0689c89de741307e30b93deaec975b839c44b0026a4ffb6986a6f536c7b2206dc5b36e0c13015fd0ca0886e4dc5e8a72712c
SSDEEP

12288:H/sL1f8Gu69CIEc+EcUmpV/8YcVui+uKmZ8s1ZvEm6pZ7xtOzvC/:EL1FukEc+MmpVDcci+FmZ8s7MmEk0

Score

N/A

Malware Config

Signatures

Files

2e78a4e8af2942fc4d3c4155808720f06b40e034fb7587548a954c17640156ea
.dll windows x86

fd584239f831341fc0e28b251dd71e70

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

socket
ntohl
htonl
gethostname

user32

keybd_event
LoadStringA
GetKeyboardType
EnumThreadWindows
DdeCreateDataHandle
CharNextA

advapi32

RegOpenKeyExA
CopySid
AreAllAccessesGranted
RegQueryValueExA

kernel32

WaitForSingleObjectEx
WaitForSingleObject
VirtualFreeEx
WideCharToMultiByte
VirtualAlloc
VerSetConditionMask
TlsSetValue
_lopen
lstrcpynA
VirtualFree
GlobalDeleteAtom
AllocConsole
ChangeTimerQueueTimer
CloseHandle
CompareStringA
ConvertDefaultLocale
CreateEventA
CreateFileA
DeleteCriticalSection
DeleteTimerQueueEx
EnterCriticalSection
EscapeCommFunction
ExitProcess
FillConsoleOutputAttribute
FindClose
FindFirstFileA
FormatMessageA
FreeEnvironmentStringsA
FreeLibrary
FreeResource
FreeUserPhysicalPages
GetACP
GetCPInfo
GetCommandLineA
GetConsoleDisplayMode
GetCurrentConsoleFont
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatA
GetEnvironmentStringsA
GetExitCodeProcess
GetExitCodeThread
GetFileAttributesA
GetFileSize
GetFileType
GetFullPathNameA
GetHandleInformation
GetLastError
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetProcessIoCounters
GetProcessPriorityBoost
GetProcessShutdownParameters
GetProcessWorkingSetSize
GetStringTypeA
GetStringTypeExA
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
GetTapePosition
GetTapeStatus
GetThreadLocale
GetThreadPriority
GetTickCount
GetUserDefaultLCID
GetVersion
GetVersionExA
GlobalAlloc
TlsFree
GlobalFree
GlobalHandle
GlobalLock
GlobalMemoryStatus
GlobalReAlloc
GlobalUnlock
Heap32ListNext
HeapAlloc
HeapFree
InitializeCriticalSection
InterlockedDecrement
InterlockedExchangeAdd
InterlockedIncrement
IsDBCSLeadByte
IsDBCSLeadByteEx
LCMapStringA
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadModule
LocalAlloc
LocalFree
LocalReAlloc
LockFileEx
MapViewOfFile
MultiByteToWideChar
QueryPerformanceCounter
ReadFile
ResetEvent
RtlUnwind
SetEvent
SetFilePointer
SetFilePointerEx
SetHandleCount
SetLastError
SetProcessWorkingSetSize
SetThreadContext
SetThreadExecutionState
SetUnhandledExceptionFilter
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
TerminateJobObject

oleaut32

VarI1FromDate
VarR4FromI2
VariantChangeType
VariantCopyInd
VariantInit
VarCmp
UnRegisterTypeLi
SysReAllocStringLen
SysAllocStringLen
SafeArrayPutElement
VarCyFromUI4
GetErrorInfo
SafeArrayGetDim
SafeArrayGetElement
SafeArrayGetUBound

setupapi

SetupCloseInfFile
CM_Set_DevNode_Problem
CM_Get_Sibling
CM_Free_Log_Conf_Ex
SetupUninstallNewlyCopiedInfs
SetupOpenLog

Exports

Exports

GC_Del
String_Decode
UnicodeFilename
get_pHYs

Sections

.text
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 492KB - Virtual size: 492KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fd584239f831341fc0e28b251dd71e70

Headers

File Characteristics

Imports

wsock32

user32

advapi32

kernel32

oleaut32

setupapi

Exports

Exports

Sections

.text Size: 97KB - Virtual size: 96KB

.rdata Size: 492KB - Virtual size: 492KB

.data Size: 69KB - Virtual size: 69KB

.rsrc Size: 27KB - Virtual size: 27KB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 97KB - Virtual size: 96KB

.rdata
Size: 492KB - Virtual size: 492KB

.data
Size: 69KB - Virtual size: 69KB

.rsrc
Size: 27KB - Virtual size: 27KB

.reloc
Size: 6KB - Virtual size: 5KB