5b9477d8191b7123eb7aad36cd9c384cfc8f56928a79f71b07dd57e70d3c8b43

Sharing

Copy URL Twitter E-mail

General

Target

5b9477d8191b7123eb7aad36cd9c384cfc8f56928a79f71b07dd57e70d3c8b43
Size

175KB
MD5

8c73342f23258557eb9e7451e1e42d59
SHA1

0233ff712a5bfc4c3d5daeed7d30c2e3fe08421b
SHA256

5b9477d8191b7123eb7aad36cd9c384cfc8f56928a79f71b07dd57e70d3c8b43
SHA512

e7bdffdf1c5322d7e3a52332c7ba727637cef75677d7ba61e5d4a3320fc767d5605c79512d57cf7a8d570532a2cd3deb59ee3286d751e623c63310b01d207bf9
SSDEEP

3072:ZmogODPeWElNPYCyry9DSnaaJZWjFRCgo6cAxEoxNXbaNlVzxVOrtL9VF1cTC:ZmPWANPYmDSngRbbZxNrYVOrtL9VF1cT

Score

N/A

Malware Config

Signatures

Files

5b9477d8191b7123eb7aad36cd9c384cfc8f56928a79f71b07dd57e70d3c8b43
.exe windows x86

9850b7ed15a81a2d8ea29b87487d0b1a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

LsaNtStatusToWinError
NotifyBootConfigStatus
RegCloseKey
RegDeleteKeyW
RegEnumValueW
RegOpenCurrentUser
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW

oleaut32

SafeArrayGetLBound
SafeArrayDestroy
SafeArrayGetUBound
SafeArrayUnlock
SysAllocStringLen
SysFreeString
SysStringLen
VarCyMul
VariantChangeType
VariantClear
VariantInit
SafeArrayCreate

shlwapi

PathFindFileNameW

rpcrt4

RpcServerUseProtseqEpW
NdrServerCall2
RpcAsyncRegisterInfo
RpcMgmtStopServerListening
RpcMgmtWaitServerListen
RpcServerRegisterIfEx
RpcServerUnregisterIf

shell32

SHCreateDirectoryExW
SHFreeNameMappings
SHGetDesktopFolder
SHAddToRecentDocs

kernel32

_llseek
WriteFileEx
WriteFile
WriteConsoleW
WriteConsoleA
WideCharToMultiByte
WaitForSingleObject
VirtualProtect
VirtualFree
VirtualAlloc
UnmapViewOfFile
UnhandledExceptionFilter
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
SystemTimeToTzSpecificLocalTime
Sleep
SizeofResource
SignalObjectAndWait
SetStdHandle
SetProcessShutdownParameters
SetFilePointer
SetCurrentDirectoryW
RtlUnwind
ResumeThread
ResetEvent
CloseHandle
CreateDirectoryW
CreateEventA
CreateFileA
CreateFileW
CreateThread
DeleteFileW
DeviceIoControl
ExitProcess
ExitThread
ExpandEnvironmentStringsW
FindNextFileW
FlushConsoleInputBuffer
FlushFileBuffers
FlushViewOfFile
FormatMessageA
FormatMessageW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommState
GetCommandLineA
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryW
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatA
GetEnvironmentStringsA
GetExitCodeThread
GetFileAttributesW
GetFileSizeEx
GetFileType
GetLastError
GetLocaleInfoA
GetLocaleInfoW
GetModuleFileNameW
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetProcessTimes
GetStartupInfoA
GetStdHandle
GetStringTypeW
GetSystemDirectoryW
GetSystemTimeAsFileTime
GetSystemWindowsDirectoryW
GetTickCount
GetTimeFormatA
GetTimeZoneInformation
GetUserDefaultLCID
GetVersionExW
GlobalHandle
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
InterlockedExchange
IsDebuggerPresent
IsValidLocale
LCMapStringA
LeaveCriticalSection
LocalFree
MapViewOfFile
Module32FirstW
MoveFileW
OpenProcess
OutputDebugStringW
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadFile
ReleaseMutex
RemoveDirectoryW

ole32

CoInitialize
CoCreateInstance
CoInitializeEx

user32

GetMessageW
PostQuitMessage
SetTimer

setupapi

SetupUninstallOEMInfW
SetupDiEnumDeviceInfo
SetupDiEnumDriverInfoW
SetupDiGetClassDevsW
SetupDiGetDeviceInstallParamsW
SetupGetStringFieldW
SetupGetFieldCount
SetupDiSetDeviceInstallParamsW
SetupDiDestroyDeviceInfoList
SetupDiSetClassInstallParamsW
SetupDiOpenDeviceInfoW
SetupDiOpenDevRegKey
SetupDiOpenClassRegKey
SetupDiGetSelectedDriverW
CM_Add_Empty_Log_Conf_Ex
CM_Free_Log_Conf_Ex
CM_Get_DevNode_Status
CM_Get_Device_IDW
SetupDiBuildDriverInfoList
SetupDiCallClassInstaller
SetupDiCreateDeviceInfoList
SetupDiDeleteDeviceInfo
SetupDiGetDeviceRegistryPropertyW

Exports

Exports

BeginTransaction
CreateSystemHandleName
IsDigit
OpenWFileStreamWithFlagsW

Sections

.text
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 405B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9850b7ed15a81a2d8ea29b87487d0b1a

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

oleaut32

shlwapi

rpcrt4

shell32

kernel32

ole32

user32

setupapi

Exports

Exports

Sections

.text Size: 51KB - Virtual size: 51KB

.rdata Size: 102KB - Virtual size: 102KB

.data Size: 19KB - Virtual size: 19KB

.rsrc Size: 512B - Virtual size: 405B

.text
Size: 51KB - Virtual size: 51KB

.rdata
Size: 102KB - Virtual size: 102KB

.data
Size: 19KB - Virtual size: 19KB

.rsrc
Size: 512B - Virtual size: 405B