37b999911d774e9dd23f54d68dc412713c3696413dc8e5f4fb01933d7ccaccd6

Sharing

Copy URL Twitter E-mail

General

Target

37b999911d774e9dd23f54d68dc412713c3696413dc8e5f4fb01933d7ccaccd6
Size

488KB
MD5

fcc09434a32313fe49560530b46e1a70
SHA1

d3377266a1523fbba39c8542e16d0da006b53f3b
SHA256

37b999911d774e9dd23f54d68dc412713c3696413dc8e5f4fb01933d7ccaccd6
SHA512

600e8226e503c76b214643317bad249f682845036b1cd8841857b2f6e2bfd2c81ed7359e46c45e66477be9776f7d26d4afcfa274c1087d2fcbf09608156c326e
SSDEEP

12288:YU+2yMOSPaKdqzlWOj/E0hwRA2oBDmLEMmXyOyvAT6UG1T42Hxbs/IZU8anEfTOy:YUeSd5AeaR0gIdP

Score

N/A

Malware Config

Signatures

Files

37b999911d774e9dd23f54d68dc412713c3696413dc8e5f4fb01933d7ccaccd6
.dll windows x86

a672c66ead0e26237b101fca82cce524

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetUnhandledExceptionFilter
GetDateFormatA
LeaveCriticalSection
GetModuleHandleW
SetEvent
GetLastError
LocalFree
GetTickCount
InterlockedDecrement
GetModuleHandleA
WaitForSingleObject
GetSystemTimeAsFileTime
GetModuleFileNameW
ResetEvent
GetOverlappedResult
FreeLibrary
FindResourceW
MultiByteToWideChar
CancelWaitableTimer
EnterCriticalSection
GlobalFree
InitializeCriticalSection
InterlockedIncrement
GlobalAlloc
OutputDebugStringA
WaitForMultipleObjects
GetVersionExA
SetThreadLocale
GetCurrentThreadId
SetWaitableTimer
GetCurrentProcessId
WideCharToMultiByte
VirtualAlloc
LocalAlloc
LoadResource
ReleaseMutex
InterlockedCompareExchange
CloseHandle
GetThreadLocale
SizeofResource
DeleteCriticalSection
ReadFile
TerminateProcess
Sleep
lstrcmpiW
CreateFileW
RaiseException
CreateWaitableTimerW
InterlockedExchange
GetExitCodeThread
QueryPerformanceCounter
DeviceIoControl
lstrlenW
CreateThread
UnhandledExceptionFilter
CreateEventW
CreateMutexW

ole32

CoInitializeEx
CoTaskMemRealloc
CoCreateInstance
CoInitialize
CoTaskMemAlloc
CoUninitialize
CoTaskMemFree
StringFromGUID2
PropVariantClear

setupapi

SetupDiDestroyDeviceInfoList
CM_Get_Child
CM_Get_DevNode_Registry_PropertyW
SetupDiEnumDeviceInterfaces
CM_Get_Sibling
SetupDiGetClassDevsW
CM_Get_Parent
CM_Get_Device_IDW
CM_Locate_DevNodeW
SetupDiGetDeviceInterfaceDetailW

advapi32

RegEnumKeyExW
RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegDeleteKeyW
RegCreateKeyExW
RegDeleteValueW
RegQueryInfoKeyW
RegQueryValueExW
RegCreateKeyW

oleaut32

VarUI4FromStr
UnRegisterTypeLi
RegisterTypeLi
SysStringLen
LoadTypeLi
SysAllocString
SysFreeString

Exports

Exports

BadInternalCall
Items
List_SetItem
ReleaseLock
WriteString
XMLCharRefReplaceErrors

Sections

.text
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a672c66ead0e26237b101fca82cce524

Headers

File Characteristics

Imports

kernel32

ole32

setupapi

advapi32

oleaut32

Exports

Exports

Sections

.text Size: 176KB - Virtual size: 175KB

.rdata Size: 80KB - Virtual size: 79KB

.data Size: 156KB - Virtual size: 156KB

.rsrc Size: 60KB - Virtual size: 59KB

.reloc Size: 12KB - Virtual size: 10KB

.text
Size: 176KB - Virtual size: 175KB

.rdata
Size: 80KB - Virtual size: 79KB

.data
Size: 156KB - Virtual size: 156KB

.rsrc
Size: 60KB - Virtual size: 59KB

.reloc
Size: 12KB - Virtual size: 10KB