42289457d9f868faab2443f7512bd896f9d47a6f12fe0f714e21cec48c77711d

Sharing

Copy URL Twitter E-mail

General

Target

42289457d9f868faab2443f7512bd896f9d47a6f12fe0f714e21cec48c77711d
Size

158KB
MD5

ed80ecb69320ade27b4ca8949d0d3cfd
SHA1

65c0a7399dd2d40dc90faf9bfece2d190e2fb3b6
SHA256

42289457d9f868faab2443f7512bd896f9d47a6f12fe0f714e21cec48c77711d
SHA512

c25843f886631663ff25afd36caa282a225e353e1a35f8c52a536b28f951b1588702f641379c49bda09ed85b32f55b6621d839624de6e06202a06719cdfe1f63
SSDEEP

3072:O2PZSUAgDyn9Y/yhh2ozCLeGaag79J1pa4qGj5ty9SGzk:vSdjn9YaV4/Hg7jaSVI9SGzk

Score

N/A

Malware Config

Signatures

Files

42289457d9f868faab2443f7512bd896f9d47a6f12fe0f714e21cec48c77711d
.exe windows x86

8358b810ecdf3e97ff2b4181f5066ec1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupDiSetDeviceRegistryPropertyW
CM_Get_Child
CM_Get_Depth
CM_Get_DevNode_Registry_PropertyW
CM_Get_Device_IDA
CM_Get_Device_ID_Size
CM_Get_First_Log_Conf
CM_Get_Parent
CM_Get_Sibling
CM_Locate_DevNodeA
CM_Move_DevNode_Ex
CM_Request_Device_EjectW
CM_Set_HW_Prof
SetupDiBuildDriverInfoList
SetupDiCallClassInstaller
SetupDiCreateDeviceInfoList
SetupDiDeleteDeviceInterfaceData
SetupDiDestroyDeviceInfoList
SetupDiDestroyDriverInfoList
SetupDiEnumDeviceInfo
SetupDiEnumDeviceInterfaces
SetupDiEnumDriverInfoW
SetupDiGetClassDevsA
SetupDiGetDeviceInstallParamsW
SetupDiGetDeviceInstanceIdA
SetupDiGetDeviceInstanceIdW
SetupDiGetDeviceInterfaceDetailA
SetupDiGetDeviceInterfaceDetailW
SetupDiGetDeviceRegistryPropertyA
SetupDiGetDeviceRegistryPropertyW
SetupDiGetDriverInfoDetailW
SetupDiGetSelectedDriverW
SetupOpenFileQueue
SetupDiSetSelectedDriverW
SetupDiSetSelectedDevice
CM_Add_Res_Des
SetupDiSetDeviceInterfaceDefault
SetupDiSetDeviceInstallParamsW
SetupDiOpenDeviceInfoA

user32

MsgWaitForMultipleObjectsEx
PeekMessageA
UnregisterDeviceNotification
MessageBoxW
GetUpdateRect
CharUpperA

shell32

SHGetFolderPathW

ws2_32

WSAAccept
WSAAsyncGetServByPort
WSAGetLastError
__WSAFDIsSet
accept
bind
connect
getsockname
getsockopt
inet_addr
ioctlsocket
recv
select

ole32

CLSIDFromString
CoCreateInstance
CoCreateObjectInContext
CoInitialize
CoQueryProxyBlanket
CoSetProxyBlanket
CoUninitialize
HBRUSH_UserMarshal

kernel32

lstrlenW
lstrcmpiA
_lopen
_lcreat
WideCharToMultiByte
WaitForSingleObject
VirtualQuery
VirtualProtect
VirtualFreeEx
VirtualFree
VirtualAlloc
UnmapViewOfFile
TryEnterCriticalSection
TlsSetValue
TlsGetValue
TlsAlloc
TerminateThread
Sleep
SizeofResource
SignalObjectAndWait
SetUnhandledExceptionFilter
SetThreadPriorityBoost
SetLastError
SetFilePointer
SetEvent
Beep
CloseHandle
ConnectNamedPipe
CreateFileA
CreateFileMappingA
CreateNamedPipeW
CreateThread
DeleteCriticalSection
DeleteFileW
DeviceIoControl
DisconnectNamedPipe
DuplicateHandle
EnterCriticalSection
EraseTape
ExitProcess
ExitThread
ExpandEnvironmentStringsW
FileTimeToLocalFileTime
FindClose
FindCloseChangeNotification
FindFirstChangeNotificationW
FindFirstFileW
FindNextChangeNotification
FindNextFileW
FlushFileBuffers
FormatMessageW
FreeLibrary
GetACP
GetCommMask
GetComputerNameExW
GetConsoleFontSize
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetExitCodeThread
GetFileAttributesA
GetFileAttributesExW
GetFileAttributesW
GetFileInformationByHandle
GetFullPathNameW
GetHandleInformation
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetNamedPipeHandleStateA
GetOverlappedResult
GetProcAddress
GetShortPathNameW
GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount
GetUserDefaultUILanguage
GetVersionExA
GetVolumeInformationW
HeapDestroy
HeapUnlock
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
InterlockedExchange
InterlockedIncrement
IsBadReadPtr
IsDebuggerPresent
LeaveCriticalSection
LoadLibraryExW
LoadLibraryW
LocalAlloc
LocalFree
MapViewOfFile
Module32FirstW
MoveFileW
MultiByteToWideChar
OutputDebugStringA
OutputDebugStringW
ProcessIdToSessionId
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadFile
ReadFileScatter
RemoveDirectoryW
ResetEvent
SetCommBreak
SetEndOfFile

advapi32

SystemFunction015
SystemFunction011
StartServiceCtrlDispatcherA
SetServiceStatus
SetSecurityDescriptorOwner
SetSecurityDescriptorDacl
SetSecurityDescriptorControl
SetEntriesInAclW
RevertToSelf
ReportEventW
RegisterEventSourceW
RegSetValueExW
RegSetValueExA
RegQueryValueExW
RegOpenKeyExW
RegOpenKeyExA
RegCreateKeyExW
RegCloseKey
OpenServiceW
OpenSCManagerW
MapGenericMask
LsaLookupSids
LsaGetQuotasForAccount
IsValidSid
InitializeSecurityDescriptor
ImpersonateSelf
ImpersonateNamedPipeClient
GetUserNameW
GetTokenInformation
GetNamedSecurityInfoW
GetFileSecurityW
GetExplicitEntriesFromAclW
FreeSid
FreeEncryptionCertificateHashList
EqualSid
DeregisterEventSource
DeleteService
CryptReleaseContext
CryptGenRandom
CryptAcquireContextW
CreateServiceW
ConvertToAutoInheritPrivateObjectSecurity
CloseServiceHandle
AllocateAndInitializeSid
AccessCheck

Exports

Exports

AInputStream
DrawPixels
EndExternalBackup
GetRichEdClassStringW
HrStreamSeekCur
UpdateTextureState

Sections

.text
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 895B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8358b810ecdf3e97ff2b4181f5066ec1

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

user32

shell32

ws2_32

ole32

kernel32

advapi32

Exports

Exports

Sections

.text Size: 54KB - Virtual size: 54KB

.rdata Size: 93KB - Virtual size: 93KB

.data Size: 8KB - Virtual size: 10KB

.rsrc Size: 1024B - Virtual size: 895B

.text
Size: 54KB - Virtual size: 54KB

.rdata
Size: 93KB - Virtual size: 93KB

.data
Size: 8KB - Virtual size: 10KB

.rsrc
Size: 1024B - Virtual size: 895B