Static task
static1
Behavioral task
behavioral1
Sample
8876cbe60d408754f12e8c39493a075626632ff655f391990618798e32099c57.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
8876cbe60d408754f12e8c39493a075626632ff655f391990618798e32099c57.exe
Resource
win10v2004-20221111-en
General
-
Target
8876cbe60d408754f12e8c39493a075626632ff655f391990618798e32099c57
-
Size
269KB
-
MD5
471ac64674cfc392b8af7e4bedf29bf3
-
SHA1
cb181a6a59a92ffe5a295d094e05f4a3cf525d3d
-
SHA256
8876cbe60d408754f12e8c39493a075626632ff655f391990618798e32099c57
-
SHA512
dc9c3f8a47ed6d6569f40a875551dcbc9da16aadbf839b1f3e9489b6800dc6a1b278d024f0485c88a5216a46d9787752ec6620c4a6fd27bba6205ade3ac1f5c0
-
SSDEEP
6144:dnNgYu03erzDIbIMgwJEwURApNdJmR0z4sGLyXaWxBYe:8aejIbFvURApNisGMxV
Malware Config
Signatures
Files
-
8876cbe60d408754f12e8c39493a075626632ff655f391990618798e32099c57.exe (windows x86)
0526fdd803c5b8a8710f335c53d2e121
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
setupapi
SetupDiBuildClassInfoList
SetupDiGetClassDescriptionW
pSetupVerifyQueuedCatalogs
CMP_WaitNoPendingInstallEvents
SetupDiGetClassDevsExW
SetupGetLineTextW
CM_Open_Class_KeyW
SetupDiGetINFClassW
pSetupIsGuidNull
SetupDiClassGuidsFromNameW
SetupAddToSourceListW
SetupRemoveFromSourceListW
SetupInitDefaultQueueCallbackEx
SetupTermDefaultQueueCallback
SetupDefaultQueueCallbackW
pSetupStringFromGuid
SetupInstallServicesFromInfSectionExW
SetupIterateCabinetW
SetupScanFileQueueW
SetupPromptForDiskW
SetupOpenAppendInfFileW
pSetupGetGlobalFlags
pSetupSetGlobalFlags
SetupQueueCopyW
SetupOpenFileQueue
SetupInstallFilesFromInfSectionW
SetupCommitFileQueueW
SetupCloseFileQueue
SetupGetInfInformationW
SetupGetSourceFileLocationW
SetupGetSourceInfoW
SetupDecompressOrCopyFileW
SetupQueryInfFileInformationW
CM_Get_DevNode_Status
SetupDiCreateDeviceInfoW
SetupDiRegisterDeviceInfo
SetupDiDeleteDeviceInfo
CM_Get_Device_ID_ListW
CM_Get_Device_ID_List_SizeW
SetupGetLineCountW
SetupDiEnumDeviceInfo
SetupDiCreateDeviceInfoList
SetupDiGetDeviceInstanceIdW
SetupDiOpenDeviceInfoW
pSetupGetField
SetupGetFieldCount
SetupDiInstallDevice
SetupDiSetDeviceRegistryPropertyW
SetupInstallFromInfSectionW
SetupDiSelectBestCompatDrv
SetupFindNextMatchLineW
SetupOpenLog
SetupLogErrorW
SetupCloseLog
SetupDiSetSelectedDriverW
SetupDiEnumDriverInfoW
SetupDiGetDriverInstallParamsW
SetupDiSetDriverInstallParamsW
SetupDiCreateDevRegKeyW
SetupDiGetActualSectionToInstallW
SetupGetMultiSzFieldW
SetupGetIntField
SetupGetLineByIndexW
SetupDiGetClassDevsW
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
CM_Get_Parent
SetupDiDestroyDeviceInfoList
SetupDiCallClassInstaller
SetupDiDestroyDriverInfoList
SetupDiGetSelectedDriverW
pSetupGuidFromString
SetupDiOpenDevRegKey
SetupCopyOEMInfW
SetupDiBuildDriverInfoList
SetupDiOpenClassRegKey
SetupDiInstallClassW
SetupDiGetDriverInfoDetailW
SetupCloseInfFile
SetupOpenInfFileW
SetupDiGetClassInstallParamsW
SetupDiSetClassInstallParamsW
SetupDiGetDeviceInstallParamsW
SetupDiSetDeviceInstallParamsW
SetupDiGetDeviceInfoListDetailW
SetupDiLoadClassIcon
SetupDiGetDeviceRegistryPropertyW
SetupFindFirstLineW
SetupGetStringFieldW
SetupFindNextLine
ntdll
NtOpenFile
NtSetSystemInformation
_strcmpi
RtlCopyUnicodeString
RtlEqualUnicodeString
RtlSubAuthorityCountSid
RtlLengthRequiredSid
RtlCopySid
RtlSubAuthoritySid
NtPowerInformation
NtDeviceIoControlFile
NtQuerySystemInformation
NtCreateFile
NtOpenKey
NtQueryValueKey
RtlIntegerToUnicodeString
RtlEqualSid
RtlNtStatusToDosError
VerSetConditionMask
NtQuerySystemEnvironmentValue
RtlInitializeSid
NtQuerySymbolicLinkObject
NtClose
RtlUnwind
NtOpenEvent
NtCreateEvent
RtlImageNtHeader
DbgBreakPoint
NtSetSystemEnvironmentValue
NtOpenDirectoryObject
NtQueryDirectoryObject
RtlAppendUnicodeStringToString
RtlInitUnicodeString
NtOpenSymbolicLinkObject
gdi32
SetTextColor
GetDeviceCaps
AddFontResourceW
GetStockObject
CreateFontIndirectW
SelectObject
StretchDIBits
CreateCompatibleDC
GetObjectW
SetBkColor
GetTextExtentPointW
BitBlt
DeleteDC
DeleteObject
SetStretchBltMode
SetBkMode
CreateDIBSection
kernel32
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
VirtualProtect
VirtualQuery
InterlockedExchange
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
DeleteCriticalSection
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
TlsAlloc
TlsGetValue
TlsFree
GetModuleHandleA
HeapReAlloc
GetVersionExA
GetCommandLineA
TlsSetValue
lstrcpynA
LocalReAlloc
UnhandledExceptionFilter
GetCurrentProcessId
QueryPerformanceCounter
FindResourceW
LoadResource
LockResource
GetLogicalDriveStringsW
GlobalMemoryStatusEx
MoveFileW
lstrcpyA
lstrcmpiA
SetThreadLocale
TerminateThread
GetThreadLocale
SetThreadExecutionState
SetComputerNameExW
GetLogicalDrives
IsDebuggerPresent
ExitThread
ExitProcess
CreateEventW
CreateNamedPipeW
SetEvent
ConnectNamedPipe
DisconnectNamedPipe
GetACP
SearchPathW
GetSystemTime
OpenEventW
CopyFileA
DeleteFileA
GetSystemTimeAsFileTime
GetTickCount
LoadLibraryExW
LoadLibraryA
GlobalAlloc
GlobalFree
InitializeCriticalSection
GetUserDefaultLCID
EnumSystemLocalesW
GetLocaleInfoW
IsValidLocale
DnsHostnameToComputerNameW
GetModuleHandleW
GetVersion
FreeLibraryAndExitThread
ReleaseMutex
CreateMutexW
lstrlenA
GetPrivateProfileIntW
GetOEMCP
WaitForSingleObjectEx
RemoveDirectoryW
GetStartupInfoW
GetTempPathW
CopyFileW
CreateFileMappingW
MapViewOfFile
MoveFileExW
GetModuleFileNameW
GetLocalTime
WideCharToMultiByte
OutputDebugStringW
SetUnhandledExceptionFilter
GetFullPathNameW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetEnvironmentVariableW
CreateDirectoryW
FindNextFileW
GetTempFileNameW
RaiseException
LocalSize
WritePrivateProfileStringW
GetSystemInfo
FormatMessageW
GetFileAttributesW
lstrcmpW
LocalAlloc
GetExitCodeThread
GetCPInfo
LocalFree
GetCurrentThreadId
CreateThread
SetTimeZoneInformation
Sleep
GetDriveTypeW
SetErrorMode
GetFileSize
SetFilePointer
ReadFile
MultiByteToWideChar
FlushFileBuffers
VerifyVersionInfoW
DuplicateHandle
ExpandEnvironmentStringsW
GetLocaleInfoA
CreateProcessW
WaitForSingleObject
GetWindowsDirectoryA
EnumSystemLocalesA
IsValidCodePage
SetStdHandle
CreateFileA
SetEndOfFile
lstrcmpA
GetFullPathNameA
CreateEventA
IsDBCSLeadByte
FormatMessageA
CompareStringW
UnmapViewOfFile
_lwrite
_lcreat
SetFileAttributesA
_lclose
_lread
_llseek
_lopen
GetCurrentThread
SetThreadAffinityMask
GetProcessAffinityMask
GetCurrentProcess
InterlockedIncrement
GetProcAddress
LoadLibraryW
GetPrivateProfileStringW
FreeLibrary
DeleteFileW
SetFileAttributesW
GetWindowsDirectoryW
HeapFree
HeapAlloc
GetProcessHeap
lstrcatW
FindClose
FindFirstFileW
QueryDosDeviceW
CloseHandle
GetLastError
DeviceIoControl
CreateFileW
lstrlenW
GetVolumeInformationW
GetSystemDirectoryW
lstrcpyW
lstrcpynW
GetSystemWindowsDirectoryW
lstrcmpiW
SetLastError
GetDiskFreeSpaceW
GetTimeZoneInformation
GetVersionExW
GetEnvironmentVariableW
GetComputerNameW
WriteFile
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetExitCodeProcess
TerminateProcess
powrprof
SetActivePwrScheme
user32
CharToOemA
GetSysColorBrush
wsprintfA
IsDlgButtonChecked
SendMessageW
SetWindowLongW
CheckRadioButton
PostMessageW
GetParent
EnableWindow
GetDlgItem
CheckDlgButton
LoadStringW
SetDlgItemTextW
DestroyIcon
SendDlgItemMessageW
WinHelpW
wsprintfW
CharLowerW
EndDialog
LoadBitmapW
LoadCursorW
PostThreadMessageW
ShowCursor
SetCursor
DialogBoxParamW
IsWindow
SetFocus
SetTimer
KillTimer
DispatchMessageW
GetMessageW
CharUpperBuffW
GetWindowLongW
LoadIconW
MessageBoxW
CharUpperW
EndPaint
GetClientRect
GetSysColor
DrawTextW
GetSystemMetrics
BeginPaint
DefWindowProcW
UnregisterClassW
RegisterClassW
MsgWaitForMultipleObjects
SetForegroundWindow
SetWindowTextW
ReleaseDC
GetDC
LoadImageW
PostQuitMessage
DestroyWindow
RegisterHotKey
SetShellWindow
ShowWindow
CreateWindowExW
PeekMessageW
WaitMessage
GetKeyboardLayout
GetDlgItemTextW
wvsprintfW
ChangeDisplaySettingsW
EnumDisplaySettingsW
CallWindowProcW
GetDlgCtrlID
UpdateWindow
InvalidateRect
CharUpperA
SendMessageTimeoutW
wvsprintfA
MoveWindow
ClientToScreen
GetWindowRect
GetDesktopWindow
GetAsyncKeyState
GetActiveWindow
FillRect
SetActiveWindow
SetWindowPos
EnableMenuItem
GetSystemMenu
MessageBoxA
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
cryptui
I_CryptUIProtect
netapi32
NetApiBufferFree
NetGetJoinInformation
NetUserSetInfo
NetUserGetInfo
rpcrt4
UuidToStringW
UuidFromStringW
UuidCreate
RpcBindingFromStringBindingW
RpcStringBindingComposeW
RpcBindingFree
NdrClientCall2
RpcStringFreeW
urlmon
CoInternetParseUrl
imm32
ImmAssociateContext
wintrust
CryptCATClose
CryptCATEnumerateCatAttr
CryptCATAdminAcquireContext
CryptCATAdminReleaseContext
IsCatalogFile
CryptCATOpen
Sections
.text Size: 48KB - Virtual size: 49KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 205KB - Virtual size: 328KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ