8173641aeabec04dfff95f9e05af4463323be99095c2beffd6bbf776720421f8

Sharing

Copy URL Twitter E-mail

General

Target

8173641aeabec04dfff95f9e05af4463323be99095c2beffd6bbf776720421f8
Size

195KB
MD5

0c7613f8f2a8ec638e52b95f71bb85ba
SHA1

5a358eab15becb7def772a0c39fe0a5e97508f3f
SHA256

8173641aeabec04dfff95f9e05af4463323be99095c2beffd6bbf776720421f8
SHA512

67ec25e7bebcb075efbb20b6096c224f4e5899fbdc29a0c8c8557dc5d6b36b5665104de7c3b47e2a1440a98b88bd03388162a8efde7732492dc18609e8f80e0d
SSDEEP

3072:zKlQhislGlLEF3dfHduL7MMaiq+Sx5a8xMuCutqbc/XJtDecKCrFGr2jhgenL7OL:OihpMlLEBN9riGjmu/qbc/XHtrFK2i

Score

N/A

Malware Config

Signatures

Files

8173641aeabec04dfff95f9e05af4463323be99095c2beffd6bbf776720421f8
.dll windows x86

884bdaa510062397be3dfac8cab76e67

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExW
RegDeleteValueW
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
LockServiceDatabase

shell32

FreeIconList
ExtractIconW
SHFreeNameMappings

setupapi

SetupQuerySourceListW
SetupFreeSourceListW
SetupDiGetDeviceRegistryPropertyW
SetupDiGetClassDevsW
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiBuildClassInfoList
CM_Query_Remove_SubTree

kernel32

WriteFile
WriteConsoleW
WriteConsoleA
WideCharToMultiByte
VirtualProtect
VirtualFree
VirtualAlloc
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
TerminateProcess
SystemTimeToTzSpecificLocalTime
CloseHandle
CopyFileW
CreateFileA
CreateProcessW
CreateToolhelp32Snapshot
DeleteCriticalSection
DeviceIoControl
EnterCriticalSection
ExitProcess
FlushConsoleInputBuffer
FlushFileBuffers
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetACP
GetCPInfo
GetCommandLineA
GetConsoleCP
GetConsoleMode
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetEnvironmentStringsW
GetExitCodeProcess
GetFileInformationByHandle
GetFileType
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDirectoryW
GetSystemTimeAdjustment
GetSystemTimeAsFileTime
GetTickCount
GetVersionExA
GetVersionExW
GetWindowsDirectoryW
GlobalUnWire
HeapAlloc
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
IsBadCodePtr
IsDebuggerPresent
LCMapStringW
LocalAlloc
LocalFree
MultiByteToWideChar
QueryPerformanceCounter
RtlZeroMemory
SetCommBreak
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
Sleep

Exports

Exports

AStartPlay
AppendTempFileList
Backup
CleanupTempFiles
DeleteTempFile
GetRichEdClassStringW

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

884bdaa510062397be3dfac8cab76e67

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

shell32

setupapi

kernel32

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 56KB

.rdata Size: 103KB - Virtual size: 103KB

.data Size: 28KB - Virtual size: 28KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 56KB - Virtual size: 56KB

.rdata
Size: 103KB - Virtual size: 103KB

.data
Size: 28KB - Virtual size: 28KB

.rsrc
Size: 6KB - Virtual size: 5KB