95f7090f1c2373be6f467ed25bfb630681a1f27ebbc04c0eb1d21a601da9571f

Sharing

Copy URL

Twitter E-mail

General

Target

95f7090f1c2373be6f467ed25bfb630681a1f27ebbc04c0eb1d21a601da9571f
Size

145KB
MD5

18e2c7a9cfe77c9b0fa114a31e35c4c3
SHA1

167bdde1cd12d51e7060320001d6126459b55814
SHA256

95f7090f1c2373be6f467ed25bfb630681a1f27ebbc04c0eb1d21a601da9571f
SHA512

aac9b7ed8e77a19f5dcbd589bd5bb20f5bbe02324b72a8ece8f7d91aba275d58858e0cfbe907427093b8cf35eb74666c0cbb6749e30b65222d0093dcc5d280ed
SSDEEP

3072:2f0ZaMihmMSdtozj/ohC21VS2XaLg0sVcGCCwE902T9+xzI09w:2f0QO9tozp2/2Lc/mI9+xzI

Score

N/A

Malware Config

Signatures

Files

95f7090f1c2373be6f467ed25bfb630681a1f27ebbc04c0eb1d21a601da9571f
.dll windows x86

79fccfd0922b7fe7567c9933bf82f42b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wsprintfW
UnregisterDeviceNotification
SetCursorPos
RegisterDeviceNotificationA
PeekMessageA
MsgWaitForMultipleObjectsEx
CharUpperA

ws2_32

socket
send
select
recv
listen
ioctlsocket
htonl
getsockopt
getsockname
connect
closesocket
accept
__WSAFDIsSet
WSAGetLastError

advapi32

FreeSid
UninstallApplication
SetSecurityDescriptorDacl
SetSecurityDescriptorControl
SetEntriesInAclW
RevertToSelf
ReportEventW
RegisterServiceCtrlHandlerExA
RegisterEventSourceW
RegSetValueExW
RegSetValueExA
RegQueryValueExW
RegQueryValueExA
RegOpenKeyExW
RegOpenKeyExA
RegCreateKeyExW
RegCloseKey
OpenThreadToken
OpenServiceW
OpenSCManagerW
OpenProcessToken
MapGenericMask
InitializeSecurityDescriptor
AccessCheck
AddAccessAllowedAce
AllocateAndInitializeSid
CheckTokenMembership
CreateServiceW
CryptGenRandom
CryptReleaseContext
DeleteService
DeregisterEventSource
EqualSid
GetExplicitEntriesFromAclW
GetFileSecurityW
GetLengthSid
GetOldestEventLogRecord
GetPrivateObjectSecurity
GetUserNameW
ImpersonateNamedPipeClient
ImpersonateSelf
InitializeAcl

shell32

SHGetFolderPathW

setupapi

SetupDiSetSelectedDriverW
SetupDiSetSelectedDevice
SetupDiSetDeviceRegistryPropertyW
SetupDiOpenDeviceInfoA
SetupDiInstallDevice
SetupDiGetSelectedDriverW
SetupDiGetDeviceRegistryPropertyA
SetupDiGetDeviceInterfaceDetailW
SetupDiGetDeviceInstanceIdW
SetupDiGetDeviceInstanceIdA
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiDestroyDriverInfoList
SetupDiDestroyDeviceInfoList
SetupDiCreateDeviceInfoList
SetupDiCallClassInstaller
CM_Request_Eject_PC
CM_Request_Device_EjectW
CM_Locate_DevNodeA
CM_Get_Sibling
CM_Get_Parent
CM_Get_Device_ID_Size
CM_Get_Device_IDA
CM_Get_DevNode_Registry_PropertyW
CM_Get_DevNode_Registry_PropertyA
CM_Get_Depth

kernel32

TlsSetValue
TryEnterCriticalSection
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcmpiA
lstrcpyW
lstrlenW
SetUnhandledExceptionFilter
SizeofResource
Sleep
TerminateProcess
TerminateThread
TlsAlloc
TlsFree
ExpandEnvironmentStringsW
SetTimeZoneInformation
SetLastError
SetFileTime
SetFilePointer
SetFileApisToOEM
SetEvent
SetEndOfFile
ResetEvent
RequestDeviceWakeup
RemoveDirectoryW
ReadFile
RaiseException
QueryPerformanceFrequency
QueryPerformanceCounter
Process32NextW
OutputDebugStringW
OutputDebugStringA
OpenThread
OpenProcess
MultiByteToWideChar
MoveFileW
MapViewOfFile
LocalFree
LocalAlloc
LoadLibraryW
LoadLibraryExW
LoadLibraryA
LeaveCriticalSection
IsDebuggerPresent
BackupWrite
CancelIo
CloseHandle
ConnectNamedPipe
CreateDirectoryW
CreateEventA
CreateFileA
CreateFileMappingA
CreateFileW
CreateNamedPipeW
CreateThread
DeleteCriticalSection
DeleteFileW
DisconnectNamedPipe
DuplicateHandle
EnterCriticalSection
ExitProcess
ExitThread
IsBadReadPtr
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindCloseChangeNotification
FindFirstChangeNotificationW
FindFirstFileW
FindNextChangeNotification
FindNextFileW
FlushFileBuffers
FormatMessageW
FreeLibrary
FreeResource
GetACP
GetCommProperties
GetComputerNameExW
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetExitCodeThread
GetFileAttributesA
GetFileAttributesExW
GetFileAttributesW
GetFileInformationByHandle
GetFullPathNameW
GetHandleInformation
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetNamedPipeHandleStateA
GetOverlappedResult
GetPriorityClass
GetProcAddress
GetProcessHeaps
GetShortPathNameW
GetSystemInfo
GetSystemTimeAsFileTime
GetTempPathW
GetTickCount
GetVersion
GetVersionExA
GetVolumeInformationW
GlobalUnlock
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
InterlockedExchange
IsBadHugeReadPtr
TlsGetValue

ole32

CLSIDFromString
CoCreateInstance
CoGetMalloc
CoInitialize
CoQueryProxyBlanket
CoTaskMemFree
CoUninitialize
HBRUSH_UserFree

Exports

Exports

ADeviceStartPlay
AddColumn
FIsValidFileNameCharA
SetColumns

Sections

.text
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 913B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

79fccfd0922b7fe7567c9933bf82f42b

Headers

DLL Characteristics

File Characteristics

Imports

user32

ws2_32

advapi32

shell32

setupapi

kernel32

ole32

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 52KB

.rdata Size: 83KB - Virtual size: 82KB

.data Size: 8KB - Virtual size: 8KB

.rsrc Size: 1024B - Virtual size: 913B

.text
Size: 52KB - Virtual size: 52KB

.rdata
Size: 83KB - Virtual size: 82KB

.data
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 1024B - Virtual size: 913B