eec3eb10d421b7815fcff9a4fcc73b9e989abca3d90b8d27f195cd58951f6325

Sharing

Copy URL Twitter E-mail

General

Target

eec3eb10d421b7815fcff9a4fcc73b9e989abca3d90b8d27f195cd58951f6325
Size

354KB
MD5

6d24ad23619f18e45ee18c84427eb7ba
SHA1

206dca37b63e8718e9af279abd587e4480697ae6
SHA256

eec3eb10d421b7815fcff9a4fcc73b9e989abca3d90b8d27f195cd58951f6325
SHA512

9b6b2bb01cfc7e982b8a50ac1bdadab789eb69a6dec911af9d80ebcd7eb2a1ae6f2f2d6821fd00fd1f01f067c634646b602d81884b52dd71ad4c3d9d3ad7ed5a
SSDEEP

6144:5Z5NizaRJ8hPSQ06DqAqP0IJrkR+mGKd2NfEbEn95Sa5QTeDC2YffmtEeC8CFIQy:53BJ8hPg3jJGrdce49MAFDsfbH9+xMAV

Score

N/A

Malware Config

Signatures

Files

eec3eb10d421b7815fcff9a4fcc73b9e989abca3d90b8d27f195cd58951f6325
.exe windows x86

9497a97e07692894d3baaf0d76b3d91e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

?terminate@@YAXXZ
wcslen
_CxxThrowException
wcscpy
wcscmp
_vsnwprintf
free
malloc
_initterm
_adjust_fdiv
_onexit
__dllonexit
__CxxFrameHandler
_except_handler3
??1type_info@@UAE@XZ

kernel32

CreateProcessA
GetLastError
GetDiskFreeSpaceExA
DeviceIoControl
CreateFileA
GetDriveTypeA
GlobalMemoryStatus
GetComputerNameA
WideCharToMultiByte
WriteFile
GetFileSize
GetSystemWindowsDirectoryA
GetModuleFileNameA
FormatMessageA
FreeLibrary
GetProcAddress
LoadLibraryA
GetCurrentProcess
GetLocaleInfoA
GetNumberFormatA
GlobalFree
GetDateFormatA
FileTimeToSystemTime
GetModuleHandleA
EnterCriticalSection
LeaveCriticalSection
lstrcmpA
GetEnvironmentVariableA
InitializeCriticalSection
DeleteCriticalSection
Sleep
GlobalUnlock
GlobalLock
GlobalAlloc
SetCurrentDirectoryA
GetCurrentDirectoryA
GetFullPathNameA
GetFileAttributesA
IsProcessorFeaturePresent
GetSystemDirectoryA
FindClose
FindFirstFileA
SetErrorMode
MultiByteToWideChar
SearchPathA
WaitForSingleObject
InterlockedCompareExchange
LoadLibraryA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsBadReadPtr
GetWindowsDirectoryA
DelayLoadFailureHook
LocalAlloc
CloseHandle
LocalFree
lstrcpyA
lstrlenA
lstrcmpiA
GetCommandLineA
DisableThreadLibraryCalls
InterlockedIncrement
InterlockedDecrement
lstrcpynA
lstrcatA
SetLastError

user32

GetMessagePos
GetClientRect
SetWindowPos
BeginDeferWindowPos
GetWindowRect
MapWindowPoints
DeferWindowPos
EndDeferWindowPos
GetKeyState
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetSysColor
EndDialog
GetForegroundWindow
GetWindowTextW
GetWindowTextLengthW
GetSystemMetrics
GetClassInfoW
RegisterClassW
RegisterWindowMessageW
SetTimer
KillTimer
DefWindowProcW
IsWindow
LoadCursorW
SetCursor
FindWindowExW
InvalidateRect
CharNextW
wvsprintfW
GetWindowLongW
PeekMessageW
IsDialogMessageW
TranslateMessage
DispatchMessageW
DestroyWindow
CheckDlgButton
GetCursorPos
ScreenToClient
ChildWindowFromPoint
GetDlgCtrlID
IsWindowEnabled
WinHelpW
GetFocus
SetFocus
wsprintfW
ShowWindow
EnableWindow
SendMessageW
IsDlgButtonChecked
ExitWindowsEx
SetDlgItemTextW
SendDlgItemMessageW
DestroyIcon
GetParent
PostMessageW
SetWindowLongW
GetDlgItem
LoadBitmapW
LoadIconW
LoadStringW
MessageBoxW
SetForegroundWindow
CreateWindowExA
CreateDialogParamA
DialogBoxParamA
RegisterClipboardFormatA

ole32

ReleaseStgMedium
CreateStreamOnHGlobal
CoCreateInstance
CoUninitialize
CoInitialize
CoTaskMemAlloc
CoTaskMemFree

advapi32

RegOpenKeyExA
RegQueryValueExA
RegConnectRegistryW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
OpenSCManagerW
OpenServiceW
QueryServiceConfigW
CloseServiceHandle
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegQueryValueExW
RegCloseKey

gdi32

EndDoc
AbortDoc
StartDocW
DeleteObject
TextOutW
EndPage
SetAbortProc
GetDeviceCaps
GetTextMetricsW
DeleteDC
StartPage

setupapi

CM_Free_Log_Conf_Handle
CM_Free_Res_Des_Handle
CM_Get_Next_Res_Des_Ex
CM_Get_Res_Des_Data_Ex
CM_Get_Res_Des_Data_Size_Ex
CM_Get_Hardware_Profile_Info_ExW
CM_Get_HW_Prof_Flags_ExW
CM_Reenumerate_DevNode_Ex
CM_Get_First_Log_Conf_Ex
CM_Get_DevNode_Status_Ex
CM_Open_DevNode_Key_Ex
CM_Get_DevNode_Registry_Property_ExW
CM_Get_Device_ID_ExW
CM_Locate_DevNode_ExW
CM_Get_Sibling_Ex
CM_Get_Child_Ex
CM_Get_Parent_Ex
SetupDiDestroyDeviceInfoList
SetupDiGetClassImageIndex
SetupDiLoadClassIcon
SetupDiCreateDeviceInfoListExW
SetupDiGetDeviceInstallParamsW
SetupDiGetDeviceRegistryPropertyW
SetupDiChangeState
SetupDiGetClassDevPropertySheetsW
CM_Connect_MachineW
CM_Open_Class_Key_ExW
CM_Disconnect_Machine
pSetupStringFromGuid
pSetupGuidFromString
SetupDiOpenClassRegKeyExW
SetupDiSetClassInstallParamsW
SetupDiGetClassInstallParamsW
SetupDiOpenDevRegKey
SetupDiCallClassInstaller
CM_Get_Device_ID_List_Size_ExW
SetupDiGetDeviceInfoListDetailW
SetupDiOpenDeviceInfoW
SetupDiEnumDeviceInfo
SetupDiSetDeviceInstallParamsW
SetupDiGetClassDevsExW
SetupDiBuildClassInfoListExW
SetupDiGetDeviceInstanceIdW
SetupDiGetClassDevsW
SetupDiGetClassImageList
SetupDiGetClassDescriptionW
SetupDiGetClassImageListExW
SetupDiDestroyClassImageList
SetupVerifyInfFileW
SetupDiClassNameFromGuidExW
pSetupDoesUserHavePrivilege
SetupDiSetSelectedDriverW
SetupQueueCopyW
SetupDiGetSelectedDriverW
SetupDiBuildDriverInfoList
SetupDiEnumDriverInfoW
SetupDiDestroyDriverInfoList
CM_Get_Device_ID_List_ExW
SetupCloseFileQueue
SetupScanFileQueueW
SetupOpenFileQueue
SetupDiGetClassDescriptionExW

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

shell32

ShellExecuteExW
ShellExecuteW
ord245
ord730

shlwapi

StrCmpNIA
StrNCatA
StrCpyNW
StrRChrA
StrToIntA

wmi

WmiSetSingleInstanceW
WmiDevInstToInstanceNameW
WmiOpenBlock
WmiQuerySingleInstanceW
WmiCloseBlock

mpr

WNetCancelConnection2W

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 170KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 161KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 448KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9497a97e07692894d3baaf0d76b3d91e

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

user32

ole32

advapi32

gdi32

setupapi

version

shell32

shlwapi

wmi

mpr

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 170KB - Virtual size: 172KB

.data Size: 2KB - Virtual size: 4KB

.tls Size: 1024B - Virtual size: 4KB

.CRT Size: 161KB - Virtual size: 164KB

.rsrc Size: 11KB - Virtual size: 448KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 170KB - Virtual size: 172KB

.data
Size: 2KB - Virtual size: 4KB

.tls
Size: 1024B - Virtual size: 4KB

.CRT
Size: 161KB - Virtual size: 164KB

.rsrc
Size: 11KB - Virtual size: 448KB