959615ad609b839464f5788689b4c0a20157e09771a55074e723fc8e6ef27887

Sharing

Copy URL Twitter E-mail

General

Target

959615ad609b839464f5788689b4c0a20157e09771a55074e723fc8e6ef27887
Size

488KB
MD5

fc8f8f8a0ea1cb6681f350a3fad0e1f0
SHA1

3dabd249e3b56dfad5d41881aa89131341bc26e0
SHA256

959615ad609b839464f5788689b4c0a20157e09771a55074e723fc8e6ef27887
SHA512

154469cac7091a4bd0f856fb97d4fa658faf0294a7c23ae2d573ee2a42d67e5a09fb656c50db1426bd79b8f7649ea932ffdb5004d800246de58d48e8674a073b
SSDEEP

12288:FB5OEsCUWCEoUmMZ7jBNkrlKBa2aNs0we/Yngq3vnFu09y05K5woUzkYBGof/7Fc:TMuBzHoYq

Score

N/A

Malware Config

Signatures

Files

959615ad609b839464f5788689b4c0a20157e09771a55074e723fc8e6ef27887
.dll windows x86

b54b62930d55306be906889509ec7dcd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
MultiByteToWideChar
GlobalFree
GetTickCount
GetSystemTimeAsFileTime
GetLastError
LocalAlloc
SetEvent
CreateMutexW
WaitForSingleObject
GetThreadLocale
InterlockedExchange
GetVersionExA
Sleep
ReadFile
SetUnhandledExceptionFilter
DeviceIoControl
UnhandledExceptionFilter
GetModuleFileNameW
GetExitCodeThread
GetDateFormatA
QueryPerformanceCounter
GetOverlappedResult
GetCurrentThreadId
CloseHandle
lstrcmpiW
ReleaseMutex
InterlockedDecrement
WaitForMultipleObjects
RaiseException
GetModuleHandleA
lstrlenW
GetModuleHandleW
OutputDebugStringA
SizeofResource
InterlockedCompareExchange
InitializeCriticalSection
CreateEventW
InterlockedIncrement
SetThreadLocale
CreateWaitableTimerW
CreateThread
LeaveCriticalSection
FindResourceW
WideCharToMultiByte
ResetEvent
SetWaitableTimer
FreeLibrary
LoadResource
LocalFree
GetCurrentProcessId
EnterCriticalSection
VirtualAlloc
TerminateProcess
CancelWaitableTimer
CreateFileW
DeleteCriticalSection

advapi32

RegOpenKeyExW
RegCreateKeyW
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegSetValueExW
RegQueryInfoKeyW
RegQueryValueExW
RegDeleteValueW
RegEnumKeyExW

oleaut32

RegisterTypeLi
LoadTypeLi
SysFreeString
UnRegisterTypeLi
SysStringLen
VarUI4FromStr
SysAllocString

ole32

PropVariantClear
CoUninitialize
CoTaskMemFree
CoInitialize
CoTaskMemAlloc
StringFromGUID2
CoInitializeEx
CoCreateInstance
CoTaskMemRealloc

setupapi

CM_Get_Sibling
SetupDiGetClassDevsW
SetupDiGetDeviceInterfaceDetailW
CM_Get_Device_IDW
SetupDiDestroyDeviceInfoList
CM_Get_DevNode_Registry_PropertyW
CM_Locate_DevNodeW
SetupDiEnumDeviceInterfaces
CM_Get_Parent
CM_Get_Child

Exports

Exports

FillContiguousStrides
FlagsFilename
InPlaceAnd
NewException
SetObjectType
StringAFromFormat
UnicodeWarning
vInitW

Sections

.text
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b54b62930d55306be906889509ec7dcd

Headers

File Characteristics

Imports

kernel32

advapi32

oleaut32

ole32

setupapi

Exports

Exports

Sections

.text Size: 168KB - Virtual size: 167KB

.rdata Size: 92KB - Virtual size: 91KB

.data Size: 156KB - Virtual size: 156KB

.rsrc Size: 60KB - Virtual size: 58KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 168KB - Virtual size: 167KB

.rdata
Size: 92KB - Virtual size: 91KB

.data
Size: 156KB - Virtual size: 156KB

.rsrc
Size: 60KB - Virtual size: 58KB

.reloc
Size: 8KB - Virtual size: 6KB