4118a22373aee1d9502df7246b56afa1166f989f41f4d6f85a79f7cd7989b155

Sharing

Copy URL Twitter E-mail

General

Target

4118a22373aee1d9502df7246b56afa1166f989f41f4d6f85a79f7cd7989b155
Size

856KB
MD5

f7e77d2a1b9c5618b72d7e3f0995d8a0
SHA1

9b0bc3393b3ef6c980093333227e7a717c515f00
SHA256

4118a22373aee1d9502df7246b56afa1166f989f41f4d6f85a79f7cd7989b155
SHA512

1c5d65ad54b87fd5b567c07f5dc9da967fcfbc534701b196feffe92e5ac09943c3d47f905c247b7d00ccb104ae8c8760463b1ef7c147c1ff4bacefc7221e8555
SSDEEP

12288:tEHTjUnT4ZszNJEh4UWw9kNuQ1vcQWYKvz9009W2BmKv46Ce5ebnCJo24QVijFiK:tEUnT4ezAh4dc4lvmBlxG8VNx+huK

Score

N/A

Malware Config

Signatures

Files

4118a22373aee1d9502df7246b56afa1166f989f41f4d6f85a79f7cd7989b155
.dll windows x86

aed1875c0344e8166cde7aa731b3ba46

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SysFreeString
RegisterTypeLi
LoadTypeLi
UnRegisterTypeLi
SysStringLen
SysAllocString
VarUI4FromStr

setupapi

SetupDiGetDeviceInterfaceDetailW
CM_Get_Device_IDW
SetupDiDestroyDeviceInfoList
CM_Get_Child
SetupDiGetClassDevsW
CM_Get_Parent
CM_Get_Sibling
SetupDiEnumDeviceInterfaces
CM_Get_DevNode_Registry_PropertyW
CM_Locate_DevNodeW

ole32

CoInitializeEx
CoCreateInstance
PropVariantClear
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoInitialize
StringFromGUID2
CoUninitialize

advapi32

RegOpenKeyExW
RegDeleteValueW
RegEnumKeyExW
RegCreateKeyW
RegCloseKey
RegQueryInfoKeyW
RegDeleteKeyW
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW

kernel32

lstrcmpiW
InterlockedExchange
SetWaitableTimer
GetTickCount
WideCharToMultiByte
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleFileNameW
ReleaseMutex
ResetEvent
DeleteCriticalSection
GetSystemTimeAsFileTime
FreeLibrary
GlobalFree
GetModuleHandleA
GetThreadLocale
TerminateProcess
GetLastError
ReadFile
Sleep
GetDateFormatA
RaiseException
VirtualAlloc
OutputDebugStringA
SizeofResource
GetExitCodeThread
InterlockedIncrement
DeviceIoControl
GetVersionExA
GlobalAlloc
CreateWaitableTimerW
CreateFileW
CloseHandle
WaitForMultipleObjects
QueryPerformanceCounter
GetCurrentProcessId
MultiByteToWideChar
CreateThread
InterlockedDecrement
CreateMutexW
InitializeCriticalSection
lstrlenW
GetCurrentThreadId
LocalAlloc
EnterCriticalSection
FindResourceW
LocalFree
WaitForSingleObject
GetOverlappedResult
CancelWaitableTimer
CreateEventW
LeaveCriticalSection
LoadResource
SetEvent
SetThreadLocale
InterlockedCompareExchange
GetModuleHandleW

Exports

Exports

CollObjectWithKeywords
InPlaceXor
Int_ClearFreeList
Proxy_Type
State_New
StopIteration
_flags
get_tRNS
vGetTokenW

Sections

.text
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 448KB - Virtual size: 448KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 164KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aed1875c0344e8166cde7aa731b3ba46

Headers

File Characteristics

Imports

oleaut32

setupapi

ole32

advapi32

kernel32

Exports

Exports

Sections

.text Size: 156KB - Virtual size: 155KB

.rdata Size: 76KB - Virtual size: 73KB

.data Size: 448KB - Virtual size: 448KB

.rsrc Size: 164KB - Virtual size: 162KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 156KB - Virtual size: 155KB

.rdata
Size: 76KB - Virtual size: 73KB

.data
Size: 448KB - Virtual size: 448KB

.rsrc
Size: 164KB - Virtual size: 162KB

.reloc
Size: 8KB - Virtual size: 6KB