8bcd2abfdbfb81ef83a2f9ddeff8435c0859d7cfdaa5eae713aaafd2c3e50a62

Sharing

Copy URL Twitter E-mail

General

Target

8bcd2abfdbfb81ef83a2f9ddeff8435c0859d7cfdaa5eae713aaafd2c3e50a62
Size

270KB
MD5

4dc6b295f511b1d20210a010af219c54
SHA1

465ea521f034b644a2c2b851c7c883281dbbc314
SHA256

8bcd2abfdbfb81ef83a2f9ddeff8435c0859d7cfdaa5eae713aaafd2c3e50a62
SHA512

f58eb03b275d403d71295a9ac45fad17850d8379e9f614ec1c95460248ac45c38859ffd565d69b2bed3778a265223bd8ed8c323eb10706f08a8aa99ba09e2c1c
SSDEEP

3072:UiyVDxC5Vp6fh708kDc90/MnLkGpNo4qs+NA6aXwReB22Mil8j20siIChKo:UfVD6Vpm9NPBNo2rp22N8i0siVhKo

Score

N/A

Malware Config

Signatures

Files

8bcd2abfdbfb81ef83a2f9ddeff8435c0859d7cfdaa5eae713aaafd2c3e50a62
.exe windows x86

4ac3cd9f9d61d569cade40b99bbd3eb3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

hid

HidD_GetFeature
HidD_SetOutputReport
HidD_FreePreparsedData
HidP_SetUsageValueArray
HidD_SetFeature
HidD_GetSerialNumberString
HidD_GetManufacturerString
HidD_GetPreparsedData
HidD_GetAttributes
HidD_GetPhysicalDescriptor
HidD_GetIndexedString
HidD_GetNumInputBuffers
HidD_Hello
HidP_InitializeReportForID
HidP_UnsetUsages
HidD_GetInputReport
HidP_GetUsages
HidP_TranslateUsagesToI8042ScanCodes
HidP_SetScaledUsageValue
HidP_GetScaledUsageValue
HidP_SetUsages
HidP_GetSpecificButtonCaps
HidP_GetButtonCaps
HidP_GetValueCaps

kernel32

SetConsoleTitleW
GetSystemTime
GetLastError
lstrcpyn
WaitForSingleObjectEx
AttachConsole
GetCurrentThread
GlobalSize
ChangeTimerQueueTimer
GlobalReAlloc
VirtualAlloc
FreeConsole
WriteProcessMemory
EnumSystemCodePagesA
LoadLibraryA
ActivateActCtx
DeleteTimerQueueTimer
CreateActCtxA
GetEnvironmentStrings
GetStartupInfoA
FileTimeToLocalFileTime
SetVDMCurrentDirectories
GetUserDefaultUILanguage
SwitchToThread
GetCommandLineA
FillConsoleOutputCharacterW
OpenJobObjectA
GetCPInfo
GetShortPathNameW

msvcrt40

localeconv
_execvpe
??0strstreambuf@@QAE@ABV0@@Z
?floatfield@ios@@2JB
_wcmdln
??1strstream@@UAE@XZ
_waccess
_purecall
??0fstream@@QAE@XZ
_abnormal_termination
?ws@@YAAAVistream@@AAV1@@Z
_creat
??_Eiostream@@UAEPAXI@Z
_set_error_mode
_filelengthi64
?delbuf@ios@@QBEHXZ
?getint@istream@@AAEHPAD@Z
??5istream@@QAEAAV0@AAI@Z
_strupr
?adjustfield@ios@@2JB
_stati64
?hex@@YAAAVios@@AAV1@@Z
_endthreadex
??0stdiostream@@QAE@PAU_iobuf@@@Z
_mbscoll

setupapi

SetupDiClassNameFromGuidW
SetupInstallFromInfSectionA
SetupLogErrorA
SetupGetFileCompressionInfoW
SetupRemoveFromDiskSpaceListA
pSetupStringTableStringFromIdEx
SetupDiCreateDevRegKeyA
SetupQueryInfOriginalFileInformationW
SetupDiGetClassImageList
SetupDiDeleteDeviceInfo
SetupDiGetCustomDevicePropertyA
CM_Get_Device_Interface_AliasW
pSetupAddTagToGroupOrderListEntry
CM_Create_Range_List
SetupDiSetClassInstallParamsW
SetupDiDestroyClassImageList
CM_Get_Device_Interface_List_Size_ExA
CM_Get_Device_IDA
SetupGetInfInformationA
SetupOpenAppendInfFileA
SetupScanFileQueueA
pSetupWriteLogError
SetupDiGetClassDescriptionW
CM_Add_ID_ExW

gdi32

PATHOBJ_vEnumStartClipLines
CreateDIBPatternBrushPt
CreateDIBitmap
GetCharacterPlacementW
GetEnhMetaFileW
SetPixelFormat
GdiPrinterThunk
EngCreateBitmap
STROBJ_dwGetCodePage
LineDDA
EngGetPrinterDataFileName
EnumEnhMetaFile
ClearBitmapAttributes
EudcUnloadLinkW
GdiConvertDC
GdiStartPageEMF
CreateFontW
RemoveFontResourceExA
DdEntry33
BRUSHOBJ_ulGetBrushColor
BRUSHOBJ_pvAllocRbrush
EngCheckAbort
FlattenPath
AddFontResourceExA
PolyBezier

netapi32

DsRoleGetDatabaseFacts
DsRoleDnsNameToFlatName
DsEnumerateDomainTrustsW
NetWkstaSetInfo
NetDfsMove
NetShareCheck
NetSessionDel
NetApiBufferReallocate
NetReplExportDirEnum
NetGetAnyDCName
NetWkstaTransportDel
I_NetLogonSamLogonWithFlags
DsGetForestTrustInformationW
I_NetServerPasswordSet
NetWkstaUserSetInfo
I_NetLogonGetDomainInfo
NetpDbgPrint
NetEnumerateComputerNames
NetapipBufferAllocate
NetServerSetInfo
NetServiceGetInfo
NetAddAlternateComputerName
NetServerDiskEnum
I_NetLogonSamLogon
NetStatisticsGet
NetDfsAddStdRoot

hhsetup

?SetVolume@CLocation@@QAEXPBG@Z
?FirstLocation@CCollection@@QAEPAVCLocation@@XZ
?GetVolume@CLocation@@QAEPADXZ
?GetCollectionFileName@CCollection@@QAEPBDXZ
?AddLocation@CCollection@@QAEPAVCLocation@@PBD000PAK@Z
?AddLocationHistory@CTitle@@QAEKKPBG00PBVCLocation@@00H@Z
?GetLanguage@CTitle@@QAEGXZ
?ParseFile@CCollection@@AAEKPBD@Z
?GetMasterCHM@CCollection@@QAEHPAPADPAG@Z
?AddChildFolder@CFolder@@QAEPAV1@PBDKPAKG@Z
?SetId@CTitle@@QAEXPBG@Z
?GetTitleW@CFolder@@QAEPBGXZ
?ConfirmTitles@CCollection@@QAEXXZ
?WriteFolder@CCollection@@AAEHPAPAVCFolder@@@Z
??0CTitle@@QAE@XZ
?DeleteFolder@CCollection@@QAEKPAVCFolder@@@Z
?GetVisableRootFolder@CCollection@@QAEPAVCFolder@@XZ
?WriteFolders@CCollection@@AAEHPAPAVCFolder@@@Z
?AddChildFolder@CFolder@@QAEPAV1@PBGKPAKG@Z
?DeleteFolders@CCollection@@AAEXPAPAVCFolder@@@Z

comcat

DllUnregisterServer
DllRegisterServer
DllGetClassObject
DllCanUnloadNow

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4ac3cd9f9d61d569cade40b99bbd3eb3

Headers

File Characteristics

Imports

hid

kernel32

msvcrt40

setupapi

gdi32

netapi32

hhsetup

comcat

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 16KB - Virtual size: 124KB

.tls Size: 512B - Virtual size: 4B

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 512B - Virtual size: 320B

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 16KB - Virtual size: 124KB

.tls
Size: 512B - Virtual size: 4B

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 512B - Virtual size: 320B