e5d796abde5eb4c5df9d6bdf426f54a0abbcb07488dca0a688cc8f0cabecf1b5

Sharing

Copy URL Twitter E-mail

General

Target

e5d796abde5eb4c5df9d6bdf426f54a0abbcb07488dca0a688cc8f0cabecf1b5
Size

1.5MB
MD5

0f9c4be776c97c23fe99f406ee8a4c87
SHA1

28d63308d52256253eec54dca0e02b5921b28406
SHA256

e5d796abde5eb4c5df9d6bdf426f54a0abbcb07488dca0a688cc8f0cabecf1b5
SHA512

a3f88ff491cd94e1e5771890a2933da667c825ed9414b9cbe27674bd0278d97814408ffa8202e8813256a22ed91f08bde2312e369f41146629fdd004ec8f822a
SSDEEP

24576:Uwj/cKchOJ/e3xbGDQyr44hKHCve/JkumvRbTEZuVWpZ4I6O1ws:tESrkQEDC

Score

N/A

Malware Config

Signatures

Files

e5d796abde5eb4c5df9d6bdf426f54a0abbcb07488dca0a688cc8f0cabecf1b5
.dll windows x86

fd584239f831341fc0e28b251dd71e70

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

socket
ntohl
htonl
gethostname

user32

keybd_event
LoadStringA
GetKeyboardType
EnumThreadWindows
DdeCreateDataHandle
CharNextA

advapi32

RegOpenKeyExA
CopySid
AreAllAccessesGranted
RegQueryValueExA

kernel32

WaitForSingleObjectEx
WaitForSingleObject
VirtualFreeEx
WideCharToMultiByte
VirtualAlloc
VerSetConditionMask
TlsSetValue
_lopen
lstrcpynA
VirtualFree
GlobalDeleteAtom
AllocConsole
ChangeTimerQueueTimer
CloseHandle
CompareStringA
ConvertDefaultLocale
CreateEventA
CreateFileA
DeleteCriticalSection
DeleteTimerQueueEx
EnterCriticalSection
EscapeCommFunction
ExitProcess
FillConsoleOutputAttribute
FindClose
FindFirstFileA
FormatMessageA
FreeEnvironmentStringsA
FreeLibrary
FreeResource
FreeUserPhysicalPages
GetACP
GetCPInfo
GetCommandLineA
GetConsoleDisplayMode
GetCurrentConsoleFont
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatA
GetEnvironmentStringsA
GetExitCodeProcess
GetExitCodeThread
GetFileAttributesA
GetFileSize
GetFileType
GetFullPathNameA
GetHandleInformation
GetLastError
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetProcessIoCounters
GetProcessPriorityBoost
GetProcessShutdownParameters
GetProcessWorkingSetSize
GetStringTypeA
GetStringTypeExA
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
GetTapePosition
GetTapeStatus
GetThreadLocale
GetThreadPriority
GetTickCount
GetUserDefaultLCID
GetVersion
GetVersionExA
GlobalAlloc
TlsFree
GlobalFree
GlobalHandle
GlobalLock
GlobalMemoryStatus
GlobalReAlloc
GlobalUnlock
Heap32ListNext
HeapAlloc
HeapFree
InitializeCriticalSection
InterlockedDecrement
InterlockedExchangeAdd
InterlockedIncrement
IsDBCSLeadByte
IsDBCSLeadByteEx
LCMapStringA
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadModule
LocalAlloc
LocalFree
LocalReAlloc
LockFileEx
MapViewOfFile
MultiByteToWideChar
QueryPerformanceCounter
ReadFile
ResetEvent
RtlUnwind
SetEvent
SetFilePointer
SetFilePointerEx
SetHandleCount
SetLastError
SetProcessWorkingSetSize
SetThreadContext
SetThreadExecutionState
SetUnhandledExceptionFilter
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
TerminateJobObject

oleaut32

VarI1FromDate
VarR4FromI2
VariantChangeType
VariantCopyInd
VariantInit
VarCmp
UnRegisterTypeLi
SysReAllocStringLen
SysAllocStringLen
SafeArrayPutElement
VarCyFromUI4
GetErrorInfo
SafeArrayGetDim
SafeArrayGetElement
SafeArrayGetUBound

setupapi

SetupCloseInfFile
CM_Set_DevNode_Problem
CM_Get_Sibling
CM_Free_Log_Conf_Ex
SetupUninstallNewlyCopiedInfs
SetupOpenLog

Exports

Exports

GetPointer
InPlaceAdd
String_AsString
read_end
vInit

Sections

.text
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 197KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fd584239f831341fc0e28b251dd71e70

Headers

File Characteristics

Imports

wsock32

user32

advapi32

kernel32

oleaut32

setupapi

Exports

Exports

Sections

.text Size: 90KB - Virtual size: 90KB

.rdata Size: 1.2MB - Virtual size: 1.2MB

.data Size: 197KB - Virtual size: 197KB

.rsrc Size: 16KB - Virtual size: 16KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 90KB - Virtual size: 90KB

.rdata
Size: 1.2MB - Virtual size: 1.2MB

.data
Size: 197KB - Virtual size: 197KB

.rsrc
Size: 16KB - Virtual size: 16KB

.reloc
Size: 5KB - Virtual size: 5KB