35aa95db67e5f0d026e11c4bfe5d166dd72d6851a65ed583d8ad283788045489

Sharing

Copy URL Twitter E-mail

General

Target

35aa95db67e5f0d026e11c4bfe5d166dd72d6851a65ed583d8ad283788045489
Size

672KB
MD5

62996777240f67c8ab60c9e44aa8d430
SHA1

93d1391f9e9f33558ea03da5e8634217146787a5
SHA256

35aa95db67e5f0d026e11c4bfe5d166dd72d6851a65ed583d8ad283788045489
SHA512

984ae7ef262ec7d57368cf966c572f13adcee898f31e6f34e2bc70f781a7478e30f5701ff4df255d8ad0cf6375ee790554e0332ce864bae266cb8d7ec0aeebb9
SSDEEP

12288:VlRWEBjxbmQEnmhZG+Eo1AVEoRxa3BqR1AGaIbnGg:VlRWEB1bmQEnq6bnRxa3BqTiIb

Score

N/A

Malware Config

Signatures

Files

35aa95db67e5f0d026e11c4bfe5d166dd72d6851a65ed583d8ad283788045489
.dll windows x86

fe3e40b03e7dba15e79f14e554d408d0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Locate_DevNodeW
SetupDiSelectOEMDrv
SetupCloseInfFile
CM_Get_Sibling
CM_Get_DevNode_Registry_PropertyW
CM_Get_Parent
CM_Add_Empty_Log_Conf_Ex
SetupDiGetClassDevsW
CM_Delete_DevNode_Key
SetupDiGetDeviceInterfaceAlias

oleaut32

LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
VarUI4FromStr
SysFreeString
SysStringLen
SysAllocString

kernel32

InterlockedDecrement
lstrcmpiW
OutputDebugStringA
QueryPerformanceCounter
GetTickCount
lstrlenW
GetVersionExA
GetModuleHandleW
GetCurrentProcessId
GetOverlappedResult
Sleep
EnterCriticalSection
GetSystemTimeAsFileTime
InterlockedIncrement
VirtualAlloc
CreateThread
InterlockedCompareExchange
GetExitCodeThread
SetWaitableTimer
LocalFree
WideCharToMultiByte
ResetEvent
UnhandledExceptionFilter
TerminateProcess
CloseHandle
ReleaseMutex
SetEvent
GetCurrentThreadId
CreateMutexW
CreateWaitableTimerW
InterlockedExchange
MultiByteToWideChar
FreeLibrary
GetModuleHandleA
RaiseException
InitializeCriticalSection
GetLastError
GetModuleFileNameW
ReadFile
DeleteCriticalSection
GetThreadLocale
WaitForSingleObject
SetUnhandledExceptionFilter
FindResourceW
LoadResource
WaitForMultipleObjects
GlobalAlloc
GlobalFree
CreateFileW
DeviceIoControl
CreateEventW
LeaveCriticalSection
GetDateFormatA
LocalAlloc
CancelWaitableTimer

advapi32

RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegCloseKey
RegCreateKeyExW
RegCreateKeyW
RegSetValueExW

ole32

CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
PropVariantClear
OleCreateFromFile
CoInitializeEx
CoUninitialize
CoInitialize

Exports

Exports

FromLong
GenericSetAttr
Keys
NewClass1Method
SimpleFileEx
_Contains
get_compression_type
write_rows

Sections

.text
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 252KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 164KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fe3e40b03e7dba15e79f14e554d408d0

Headers

File Characteristics

Imports

setupapi

oleaut32

kernel32

advapi32

ole32

Exports

Exports

Sections

.text Size: 176KB - Virtual size: 175KB

.rdata Size: 64KB - Virtual size: 63KB

.data Size: 252KB - Virtual size: 252KB

.rsrc Size: 164KB - Virtual size: 162KB

.reloc Size: 12KB - Virtual size: 9KB

.text
Size: 176KB - Virtual size: 175KB

.rdata
Size: 64KB - Virtual size: 63KB

.data
Size: 252KB - Virtual size: 252KB

.rsrc
Size: 164KB - Virtual size: 162KB

.reloc
Size: 12KB - Virtual size: 9KB