04b7596f812b6761381adcd71230c671b04f20cad7601b8e435b5e236927a86c

Sharing

Copy URL Twitter E-mail

General

Target

04b7596f812b6761381adcd71230c671b04f20cad7601b8e435b5e236927a86c
Size

856KB
MD5

6cdbf0b64398572c2a734df83658fe60
SHA1

07c5cecd3506ca6a3866c44a8fe0976ea22222b8
SHA256

04b7596f812b6761381adcd71230c671b04f20cad7601b8e435b5e236927a86c
SHA512

577e5d46592eb7b55cd129e1e87ac1419a664dff737046ad41536dcf652dd2a605452e6e764591ecf314b9bab329cc9faa28936b6a121c37ceb88055f625aa02
SSDEEP

12288:3043Foy6Rpfa1Dv451/RA9/iW9ux3F09fF9vMib/GtSSJ+51E9Oad13XvqhghXzj:3D1oNRXl1M9rw13ChghlJ+biUP4e4

Score

N/A

Malware Config

Signatures

Files

04b7596f812b6761381adcd71230c671b04f20cad7601b8e435b5e236927a86c
.dll windows x86

fc63eee93d9777123109d979756ac36b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegQueryInfoKeyW
RegDeleteValueW
RegSetValueExW
RegEnumKeyExW
RegDeleteKeyW
RegCloseKey
RegCreateKeyW

oleaut32

SysAllocString
RegisterTypeLi
SysStringLen
LoadTypeLi
SysFreeString
VarUI4FromStr
UnRegisterTypeLi

kernel32

LocalAlloc
CreateFileW
GetDateFormatA
GetModuleFileNameW
TerminateProcess
GlobalAlloc
SetEvent
WaitForSingleObject
EnterCriticalSection
GetModuleHandleW
GetCurrentProcessId
CloseHandle
WideCharToMultiByte
GetThreadLocale
MultiByteToWideChar
GetModuleHandleA
LoadResource
FindResourceW
QueryPerformanceCounter
InterlockedDecrement
UnhandledExceptionFilter
RaiseException
GetExitCodeThread
lstrcmpiW
LeaveCriticalSection
InitializeCriticalSection
CreateWaitableTimerW
GetTickCount
CreateThread
CancelWaitableTimer
WaitForMultipleObjects
InterlockedExchange
SizeofResource
GetVersionExA
InterlockedIncrement
OutputDebugStringA
GetOverlappedResult
GetLastError
Sleep
GlobalFree
ReleaseMutex
ResetEvent
InterlockedCompareExchange
SetThreadLocale
SetUnhandledExceptionFilter
LocalFree
GetCurrentThreadId
CreateMutexW
FreeLibrary
DeviceIoControl
VirtualAlloc
ReadFile
GetSystemTimeAsFileTime
CreateEventW
SetWaitableTimer
lstrlenW
DeleteCriticalSection

ole32

CoCreateInstance
CoUninitialize
CoInitializeEx
CoTaskMemFree
CoTaskMemAlloc
PropVariantClear
StringFromGUID2
CoTaskMemRealloc
CoInitialize

setupapi

CM_Get_Sibling
CM_Get_Child
SetupDiGetDeviceInterfaceDetailW
CM_Locate_DevNodeW
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
CM_Get_Parent
CM_Get_Device_IDW
SetupDiGetClassDevsW
CM_Get_DevNode_Registry_PropertyW

Exports

Exports

AnyFileExFlags
Repr
Set_New
get_gAMA_fixed
get_pHYs
set_read_fn

Sections

.text
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 448KB - Virtual size: 448KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fc63eee93d9777123109d979756ac36b

Headers

File Characteristics

Imports

advapi32

oleaut32

kernel32

ole32

setupapi

Exports

Exports

Sections

.text Size: 164KB - Virtual size: 163KB

.rdata Size: 72KB - Virtual size: 70KB

.data Size: 448KB - Virtual size: 448KB

.rsrc Size: 160KB - Virtual size: 159KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 164KB - Virtual size: 163KB

.rdata
Size: 72KB - Virtual size: 70KB

.data
Size: 448KB - Virtual size: 448KB

.rsrc
Size: 160KB - Virtual size: 159KB

.reloc
Size: 8KB - Virtual size: 7KB