afb63437bb28b3963d896ecbd0fb089a6e8d20df43c260fff5abd041e52482c8

Sharing

Copy URL Twitter E-mail

General

Target

afb63437bb28b3963d896ecbd0fb089a6e8d20df43c260fff5abd041e52482c8
Size

187KB
MD5

88140def209e21c59c229a2c0cdc656f
SHA1

12c3893869d343f5256d7f9318761d29ccb43937
SHA256

afb63437bb28b3963d896ecbd0fb089a6e8d20df43c260fff5abd041e52482c8
SHA512

ce30607be30dfd53d384afbd2cebcadb8ffe29512636542f826c6f7a18408f4a446f9adb7ca04017c5705d8543bcfdd2ed90611898f5ebe24fc32fbbecd55c50
SSDEEP

3072:PZLWqudCBOzbn4eEyfooFJjoHkq59J+IlnonIkFoVhPjWAKsuY4Y3l/:POAOzbnrooFJMvEi4IG2HuY73

Score

N/A

Malware Config

Signatures

Files

afb63437bb28b3963d896ecbd0fb089a6e8d20df43c260fff5abd041e52482c8
.exe windows x86

9850b7ed15a81a2d8ea29b87487d0b1a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

LsaNtStatusToWinError
NotifyBootConfigStatus
RegCloseKey
RegDeleteKeyW
RegEnumValueW
RegOpenCurrentUser
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW

oleaut32

SafeArrayGetLBound
SafeArrayDestroy
SafeArrayGetUBound
SafeArrayUnlock
SysAllocStringLen
SysFreeString
SysStringLen
VarCyMul
VariantChangeType
VariantClear
VariantInit
SafeArrayCreate

shlwapi

PathFindFileNameW

rpcrt4

RpcServerUseProtseqEpW
NdrServerCall2
RpcAsyncRegisterInfo
RpcMgmtStopServerListening
RpcMgmtWaitServerListen
RpcServerRegisterIfEx
RpcServerUnregisterIf

shell32

SHCreateDirectoryExW
SHFreeNameMappings
SHGetDesktopFolder
SHAddToRecentDocs

kernel32

_llseek
WriteFileEx
WriteFile
WriteConsoleW
WriteConsoleA
WideCharToMultiByte
WaitForSingleObject
VirtualProtect
VirtualFree
VirtualAlloc
UnmapViewOfFile
UnhandledExceptionFilter
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
SystemTimeToTzSpecificLocalTime
Sleep
SizeofResource
SignalObjectAndWait
SetStdHandle
SetProcessShutdownParameters
SetFilePointer
SetCurrentDirectoryW
RtlUnwind
ResumeThread
ResetEvent
CloseHandle
CreateDirectoryW
CreateEventA
CreateFileA
CreateFileW
CreateThread
DeleteFileW
DeviceIoControl
ExitProcess
ExitThread
ExpandEnvironmentStringsW
FindNextFileW
FlushConsoleInputBuffer
FlushFileBuffers
FlushViewOfFile
FormatMessageA
FormatMessageW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommState
GetCommandLineA
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryW
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatA
GetEnvironmentStringsA
GetExitCodeThread
GetFileAttributesW
GetFileSizeEx
GetFileType
GetLastError
GetLocaleInfoA
GetLocaleInfoW
GetModuleFileNameW
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetProcessTimes
GetStartupInfoA
GetStdHandle
GetStringTypeW
GetSystemDirectoryW
GetSystemTimeAsFileTime
GetSystemWindowsDirectoryW
GetTickCount
GetTimeFormatA
GetTimeZoneInformation
GetUserDefaultLCID
GetVersionExW
GlobalHandle
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
InterlockedExchange
IsDebuggerPresent
IsValidLocale
LCMapStringA
LeaveCriticalSection
LocalFree
MapViewOfFile
Module32FirstW
MoveFileW
OpenProcess
OutputDebugStringW
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadFile
ReleaseMutex
RemoveDirectoryW

ole32

CoInitialize
CoCreateInstance
CoInitializeEx

user32

GetMessageW
PostQuitMessage
SetTimer

setupapi

SetupUninstallOEMInfW
SetupDiEnumDeviceInfo
SetupDiEnumDriverInfoW
SetupDiGetClassDevsW
SetupDiGetDeviceInstallParamsW
SetupGetStringFieldW
SetupGetFieldCount
SetupDiSetDeviceInstallParamsW
SetupDiDestroyDeviceInfoList
SetupDiSetClassInstallParamsW
SetupDiOpenDeviceInfoW
SetupDiOpenDevRegKey
SetupDiOpenClassRegKey
SetupDiGetSelectedDriverW
CM_Add_Empty_Log_Conf_Ex
CM_Free_Log_Conf_Ex
CM_Get_DevNode_Status
CM_Get_Device_IDW
SetupDiBuildDriverInfoList
SetupDiCallClassInstaller
SetupDiCreateDeviceInfoList
SetupDiDeleteDeviceInfo
SetupDiGetDeviceRegistryPropertyW

Exports

Exports

ADeviceResumePlay
CreateTempFile
DupSession
GotoBookmark
HrFindInetTimeZone

Sections

.text
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 371B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9850b7ed15a81a2d8ea29b87487d0b1a

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

oleaut32

shlwapi

rpcrt4

shell32

kernel32

ole32

user32

setupapi

Exports

Exports

Sections

.text Size: 59KB - Virtual size: 58KB

.rdata Size: 107KB - Virtual size: 106KB

.data Size: 20KB - Virtual size: 20KB

.rsrc Size: 512B - Virtual size: 371B

.text
Size: 59KB - Virtual size: 58KB

.rdata
Size: 107KB - Virtual size: 106KB

.data
Size: 20KB - Virtual size: 20KB

.rsrc
Size: 512B - Virtual size: 371B