63d2c62ce9376f87c4623511a027ff0ca20e3b61591b9f50bc235ac6b8156ce7

Sharing

Copy URL Twitter E-mail

General

Target

63d2c62ce9376f87c4623511a027ff0ca20e3b61591b9f50bc235ac6b8156ce7
Size

492KB
MD5

21194bfebb5e3325370aaf3cdd90a980
SHA1

ac6fc7db0452e7a27fc1f4cb1ea6e493535d5dbd
SHA256

63d2c62ce9376f87c4623511a027ff0ca20e3b61591b9f50bc235ac6b8156ce7
SHA512

1dc78c8ea6220ae24a6ffdeef9d87acf1aa4f08b566d4eefc1b2ab12886b563a8b6162a27a1d0f64af60c044a71d74e58d8ee72ce786019bffa4f56d454440f1
SSDEEP

12288:siUeFZpbZobb0JB0Pl+XQaYT3GJF6O4XG2R:si9FOGQSJdj

Score

N/A

Malware Config

Signatures

Files

63d2c62ce9376f87c4623511a027ff0ca20e3b61591b9f50bc235ac6b8156ce7
.dll windows x86

72def3f0f10b77f963490e34fb129310

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VarUI4FromStr
SysStringLen
UnRegisterTypeLi
RegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString

ole32

CoInitialize
CoTaskMemRealloc
PropVariantClear
CoTaskMemAlloc
StringFromGUID2
CoUninitialize
CoInitializeEx
CoTaskMemFree
CoCreateInstance

setupapi

CM_Get_Parent
SetupDiGetClassDevsW
CM_Get_Child
SetupDiDestroyDeviceInfoList
CM_Locate_DevNodeW
CM_Get_DevNode_Registry_PropertyW
CM_Get_Sibling
CM_Get_Device_IDW
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW

advapi32

RegSetValueExW
RegCreateKeyExW
RegDeleteKeyW
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExW
RegQueryInfoKeyW
RegDeleteValueW
RegCreateKeyW

kernel32

GetTickCount
InterlockedExchange
InterlockedCompareExchange
GetCurrentProcessId
GlobalFree
EnterCriticalSection
GetOverlappedResult
GetExitCodeThread
InterlockedDecrement
SetWaitableTimer
GetModuleHandleA
TerminateProcess
OutputDebugStringA
WideCharToMultiByte
GetLastError
FreeLibrary
DeviceIoControl
SetThreadLocale
CloseHandle
GetModuleHandleW
GetModuleFileNameW
LocalFree
WaitForMultipleObjects
CreateWaitableTimerW
QueryPerformanceCounter
SetUnhandledExceptionFilter
GlobalAlloc
ResetEvent
GetDateFormatA
Sleep
LoadResource
DeleteCriticalSection
LeaveCriticalSection
FindResourceW
CreateMutexW
GetCurrentThreadId
CancelWaitableTimer
lstrcmpiW
MultiByteToWideChar
RaiseException
CreateEventW
ReleaseMutex
GetThreadLocale
lstrlenW
WaitForSingleObject
LocalAlloc
UnhandledExceptionFilter
CreateThread
SetEvent
GetSystemTimeAsFileTime
ReadFile
VirtualAlloc
GetVersionExA
SizeofResource
InterlockedIncrement
InitializeCriticalSection
CreateFileW

Exports

Exports

CollObjectWithKeywords
InPlaceXor
Int_ClearFreeList
Proxy_Type
State_New
StopIteration
_flags
get_tRNS
vGetTokenW

Sections

.text
Size: 152KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

72def3f0f10b77f963490e34fb129310

Headers

File Characteristics

Imports

oleaut32

ole32

setupapi

advapi32

kernel32

Exports

Exports

Sections

.text Size: 152KB - Virtual size: 150KB

.rdata Size: 76KB - Virtual size: 74KB

.data Size: 156KB - Virtual size: 156KB

.rsrc Size: 96KB - Virtual size: 94KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 152KB - Virtual size: 150KB

.rdata
Size: 76KB - Virtual size: 74KB

.data
Size: 156KB - Virtual size: 156KB

.rsrc
Size: 96KB - Virtual size: 94KB

.reloc
Size: 8KB - Virtual size: 6KB