1c6bbdc1d020668f262e337c0f87075ba3d6651171502514ac2c41fa53b9a37f

Sharing

Copy URL Twitter E-mail

General

Target

1c6bbdc1d020668f262e337c0f87075ba3d6651171502514ac2c41fa53b9a37f
Size

864KB
MD5

abd0c179b1f7b45e76bf82fc19f71070
SHA1

909b2f2215c088a38c0688927021293f9d4d987d
SHA256

1c6bbdc1d020668f262e337c0f87075ba3d6651171502514ac2c41fa53b9a37f
SHA512

243e410f833f77d13bd0455b1379a8803a7d4040b25c163b516d5f79b03c014c75e092565d8cb2ecb6ec3f8a46cdbab0fe2c0d59397f88ad3ea92cc03d24f0bb
SSDEEP

12288:254BNnAZkF70Z0f5SuXpK7mIGzzaHr4yIvuqEF5p+lWKFVth3d4Jf237MdOVqUkw:hB0oeP2NYUkaeeROBnnI83KQ

Score

N/A

Malware Config

Signatures

Files

1c6bbdc1d020668f262e337c0f87075ba3d6651171502514ac2c41fa53b9a37f
.dll windows x86

aed1875c0344e8166cde7aa731b3ba46

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SysFreeString
RegisterTypeLi
LoadTypeLi
UnRegisterTypeLi
SysStringLen
SysAllocString
VarUI4FromStr

setupapi

SetupDiGetDeviceInterfaceDetailW
CM_Get_Device_IDW
SetupDiDestroyDeviceInfoList
CM_Get_Child
SetupDiGetClassDevsW
CM_Get_Parent
CM_Get_Sibling
SetupDiEnumDeviceInterfaces
CM_Get_DevNode_Registry_PropertyW
CM_Locate_DevNodeW

ole32

CoInitializeEx
CoCreateInstance
PropVariantClear
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoInitialize
StringFromGUID2
CoUninitialize

advapi32

RegOpenKeyExW
RegDeleteValueW
RegEnumKeyExW
RegCreateKeyW
RegCloseKey
RegQueryInfoKeyW
RegDeleteKeyW
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW

kernel32

lstrcmpiW
InterlockedExchange
SetWaitableTimer
GetTickCount
WideCharToMultiByte
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleFileNameW
ReleaseMutex
ResetEvent
DeleteCriticalSection
GetSystemTimeAsFileTime
FreeLibrary
GlobalFree
GetModuleHandleA
GetThreadLocale
TerminateProcess
GetLastError
ReadFile
Sleep
GetDateFormatA
RaiseException
VirtualAlloc
OutputDebugStringA
SizeofResource
GetExitCodeThread
InterlockedIncrement
DeviceIoControl
GetVersionExA
GlobalAlloc
CreateWaitableTimerW
CreateFileW
CloseHandle
WaitForMultipleObjects
QueryPerformanceCounter
GetCurrentProcessId
MultiByteToWideChar
CreateThread
InterlockedDecrement
CreateMutexW
InitializeCriticalSection
lstrlenW
GetCurrentThreadId
LocalAlloc
EnterCriticalSection
FindResourceW
LocalFree
WaitForSingleObject
GetOverlappedResult
CancelWaitableTimer
CreateEventW
LeaveCriticalSection
LoadResource
SetEvent
SetThreadLocale
InterlockedCompareExchange
GetModuleHandleW

Exports

Exports

GetBuiltins
Instance_Type
List_Reverse
Long_AsSsize_t
_CheckStack
get_signature
set_write_status_fn

Sections

.text
Size: 164KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 448KB - Virtual size: 448KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 164KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aed1875c0344e8166cde7aa731b3ba46

Headers

File Characteristics

Imports

oleaut32

setupapi

ole32

advapi32

kernel32

Exports

Exports

Sections

.text Size: 164KB - Virtual size: 162KB

.rdata Size: 76KB - Virtual size: 73KB

.data Size: 448KB - Virtual size: 448KB

.rsrc Size: 164KB - Virtual size: 162KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 164KB - Virtual size: 162KB

.rdata
Size: 76KB - Virtual size: 73KB

.data
Size: 448KB - Virtual size: 448KB

.rsrc
Size: 164KB - Virtual size: 162KB

.reloc
Size: 8KB - Virtual size: 7KB