3b1bbff45a7909608c21c0f30858c0b2fe0e5a90538cb45569a874d14932dc83

Sharing

Copy URL Twitter E-mail

General

Target

3b1bbff45a7909608c21c0f30858c0b2fe0e5a90538cb45569a874d14932dc83
Size

434KB
MD5

806246c2e6f98d34a32899e69b1a2520
SHA1

378c9ba6177e587a8902c7cb98f1e2d73b7afe4a
SHA256

3b1bbff45a7909608c21c0f30858c0b2fe0e5a90538cb45569a874d14932dc83
SHA512

3a0ed6adf20037a7a4665a6f7639a8863ac174b91585227b99e8396b182aaf148f46b07c3df55c8c503a4606172895140c04816d35d085b634d5e697c649e534
SSDEEP

6144:8wKlDimj1dCwCsC77bX0xheJhA0ps35iPJqNAC9v9GwA2J1zt11uNzRg2sA0iEcC:8nhLd4DXA+sWIJhQ2Jt3od4Eyo

Score

N/A

Malware Config

Signatures

Files

3b1bbff45a7909608c21c0f30858c0b2fe0e5a90538cb45569a874d14932dc83
.dll windows x86

010e67a01d707e09c8e079cfa1f182b8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupQueueCopyW
SetupOpenInfFileW
SetupOpenFileQueue
SetupOpenAppendInfFileW
SetupInstallServicesFromInfSectionW
CM_Get_Device_IDW
CM_Get_Device_ID_ListW
CM_Get_Device_ID_List_SizeW
CM_Locate_DevNodeW
CM_Setup_DevNode
SetupCloseFileQueue
SetupCommitFileQueueW
SetupCopyOEMInfW
SetupDefaultQueueCallbackW
SetupDiCallClassInstaller
SetupDiClassNameFromGuidW
SetupDiEnumDeviceInfo
SetupDiGetClassDevsW
SetupDiGetDeviceRegistryPropertyW
SetupDiGetDriverInfoDetailW
SetupDiGetSelectedDriverW
SetupDiOpenClassRegKey
SetupDiOpenDevRegKey
SetupDiOpenDeviceInfoW
SetupDiSetDeviceInstallParamsW
SetupDiSetDeviceRegistryPropertyW
SetupFindFirstLineW
SetupFindNextLine
SetupFindNextMatchLineW
SetupGetFieldCount
SetupGetIntField
SetupGetLineCountW
SetupGetStringFieldW
SetupGetTargetPathW
SetupInitDefaultQueueCallbackEx
SetupInstallFromInfSectionW
CMP_WaitNoPendingInstallEvents

gdi32

EndPage
StartPage
SetLayout
SetGraphicsMode
SelectObject
GetTextMetricsW
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
DeleteObject
EndDoc
GdiGetDevmodeForPage
GetDeviceCaps
GetMetaRgn
GetObjectW

kernel32

WriteFile
lstrcmpW
lstrcmpiW
lstrlenW
WriteConsoleW
AllocConsole
BackupRead
CloseHandle
CompareStringW
CopyFileW
CreateEventW
CreateFileMappingW
CreateMutexW
CreateThread
DeleteCriticalSection
DeleteFileW
DeviceIoControl
EnterCriticalSection
EnumResourceLanguagesW
ExitProcess
FindClose
FindResourceExW
FindResourceW
FlushFileBuffers
FormatMessageW
FreeConsole
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCommandLineW
GetConsoleMode
GetConsoleOutputCP
GetConsoleScreenBufferInfo
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStringsA
GetEnvironmentStringsW
GetEnvironmentVariableW
GetExitCodeProcess
GetFileAttributesW
GetFileSize
GetFileType
GetFullPathNameW
GetLocaleInfoW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetProcessPriorityBoost
GetShortPathNameW
GetStartupInfoA
GetStartupInfoW
GetStringTypeA
GetStringTypeW
GetSystemDirectoryW
GetSystemInfo
GetSystemTimeAsFileTime
GetSystemWindowsDirectoryW
GetThreadLocale
GetTickCount
GetUserDefaultUILanguage
GetVersionExA
GetVersionExW
GetWindowsDirectoryW
GlobalFree
GlobalLock
GlobalUnlock
HeapAlloc
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsValidCodePage
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LocalAlloc
LocalFree
LocalReAlloc
LockResource
MultiByteToWideChar
OutputDebugStringA
PulseEvent
QueryPerformanceCounter
RaiseException
ReadConsoleOutputW
ReadFile
ReleaseMutex
RemoveDirectoryW
SearchPathW
SetEndOfFile
SetFileAttributesW
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
SetThreadLocale
SetUnhandledExceptionFilter
SizeofResource
Sleep
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
VerSetConditionMask
VirtualAlloc
VirtualFree
WaitForMultipleObjectsEx
WaitForSingleObject
WaitForSingleObjectEx
WideCharToMultiByte
WriteConsoleA
WriteConsoleOutputW

user32

UnregisterClassA
AllowSetForegroundWindow
CharLowerW
CheckDlgButton
CreateIconIndirect
SystemParametersInfoW
ShowWindow
SetWindowLongW
SetFocus
SetDlgItemTextW
SendMessageW
SendDlgItemMessageW
ReleaseDC
PostQuitMessage
PostMessageW
LookupIconIdFromDirectory
LoadIconW
LoadBitmapW
InvalidateRect
GetSystemMetrics
GetScrollBarInfo
GetProcessWindowStation
GetParent
GetIconInfo
GetDlgItem
GetDC
EndDialog
DrawTextExW
DialogBoxParamW
DestroyWindow
DefWindowProcW
CreateWindowExW

shell32

SHGetMalloc
ShellExecuteExW
CommandLineToArgvW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

advapi32

SystemFunction015
SystemFunction008
StartServiceW
SetSecurityDescriptorDacl
SetEntriesInAclW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
QueryServiceStatus
OpenServiceW
OpenSCManagerW
OpenProcessToken
LsaLookupPrivilegeValue
IsTextUnicode
InitializeSecurityDescriptor
GetWindowsAccountDomainSid
GetTokenInformation
GetSecurityDescriptorControl
GetLengthSid
FreeSid
EqualSid
DeleteService
CryptHashSessionKey
ConvertStringSecurityDescriptorToSecurityDescriptorW
ControlService
CloseServiceHandle
CheckTokenMembership
AreAnyAccessesGranted
AllocateAndInitializeSid
AddAccessAllowedAce

Exports

Exports

Number_Coerce
Number_Xor
SetAttrString
State_Next
destroy_info_struct
destroy_struct_2
get_header_ver
get_sRGB
set_sBIT

Sections

.text
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 217KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

010e67a01d707e09c8e079cfa1f182b8

Headers

File Characteristics

Imports

setupapi

gdi32

kernel32

user32

shell32

version

advapi32

Exports

Exports

Sections

.text Size: 86KB - Virtual size: 85KB

.rdata Size: 217KB - Virtual size: 216KB

.data Size: 108KB - Virtual size: 109KB

.rsrc Size: 18KB - Virtual size: 17KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 86KB - Virtual size: 85KB

.rdata
Size: 217KB - Virtual size: 216KB

.data
Size: 108KB - Virtual size: 109KB

.rsrc
Size: 18KB - Virtual size: 17KB

.reloc
Size: 3KB - Virtual size: 3KB