a4b811550ab8714849981b5ef287a0b9a589777185278ee3fdbb4bd1c55a9e99

Sharing

Copy URL Twitter E-mail

General

Target

a4b811550ab8714849981b5ef287a0b9a589777185278ee3fdbb4bd1c55a9e99
Size

41KB
MD5

4ccb680765e3e82c4f4ca31472fa0c4d
SHA1

5c65e070aeb8af2ce0eb5c7ece18977104961560
SHA256

a4b811550ab8714849981b5ef287a0b9a589777185278ee3fdbb4bd1c55a9e99
SHA512

622c616bcdb19578112a0b836b302eadc2af63efc39bd4574c893ed3d04bc185e2536bf5189d390e5348f0c88772206357bcd320fd2b91cac97fcdfc1ae99f20
SSDEEP

768:SSg3KCt7JDs106//8/2BXY9U3gVxF2dDndwWeJggjG/yzsasasascC:SS+Jt7JIaE/8+Bo91VxF4DndDAi/4saY

Score

N/A

Malware Config

Signatures

Files

a4b811550ab8714849981b5ef287a0b9a589777185278ee3fdbb4bd1c55a9e99
.exe windows x86

85c4d16724b2a80cd7667503591896b8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

cfgmgr32

CM_Get_Device_Interface_List_ExW
CM_Free_Res_Des_Ex
CMP_Report_LogOn
CM_Add_Res_Des
CM_Create_DevNode_ExA
CM_Get_Device_ID_List_SizeA
CM_Get_Device_ID_List_SizeW
CM_Query_Arbitrator_Free_Size
CM_Create_DevNodeA
CM_Remove_SubTree_Ex
CM_Get_Class_Key_NameW
CM_Unregister_Device_Interface_ExA
CM_Get_DevNode_Status
CM_Remove_SubTree
CM_Move_DevNode
CM_Set_HW_Prof
CM_Get_Device_Interface_List_ExA
CM_Get_Hardware_Profile_InfoW
CM_Set_Class_Registry_PropertyA
CM_Get_Class_Name_ExW
CM_Request_Eject_PC_Ex
CM_Get_Device_ID_ExA
CM_Get_HW_Prof_Flags_ExA
CM_Enumerate_Classes_Ex
CM_Get_Version_Ex
CM_Get_Child
CM_Find_Range
CM_Get_Class_NameW
CM_Connect_MachineW
CM_Delete_Class_Key_Ex
CM_Get_Depth_Ex
CM_Get_Device_Interface_List_Size_ExA
CM_Run_Detection_Ex
CM_Unregister_Device_InterfaceA
CM_Add_ID_ExW
CM_Get_Resource_Conflict_DetailsA
CM_Query_Remove_SubTree_Ex
CM_Add_IDW
CM_Enable_DevNode
CM_Add_Empty_Log_Conf
CM_Free_Log_Conf_Handle
CM_Create_DevNodeW
CM_Add_Res_Des_Ex
CM_Enumerate_EnumeratorsA
CM_Delete_Class_Key
CM_Get_Device_ID_List_ExW
CM_Enumerate_Enumerators_ExA
CM_Get_Depth
CM_Add_ID_ExA
CM_Get_Hardware_Profile_InfoA
CM_Register_Device_Interface_ExW

kernel32

HeapWalk
EndUpdateResourceA
GetCommandLineA
GetOEMCP
RemoveDirectoryA
WriteProcessMemory
FindResourceExW
ClearCommError
GetModuleHandleA
EndUpdateResourceW
GetSystemDefaultUILanguage
LoadLibraryW
GetTempPathW
IsBadStringPtrW
GetVolumeInformationA

quartz

AMGetErrorTextA
DllRegisterServer
AMGetErrorTextW
DBToAmpFactor

crtdll

_mbsstr
_mkdir
_ismbbtrail
_pclose
fgetc
labs
_strinc
_winmajor_dll
_environ_dll
_getcwd
__dllonexit
_clearfp
_CIexp
_fpreset
gets
_baseminor_dll

w32topl

ToplEdgeAssociate
ToplVertexSetParent
ToplEdgeFree
ToplEdgeSetFromVertex
ToplSTHeapAdd
ToplIterCreate
ToplHeapIsElementOf
ToplScheduleMerge
ToplVertexGetParent

user32

GetCaretPos
DdeAccessData
SetWindowRgn
FindWindowW
UpdateWindow
IsDialogMessage
ChangeClipboardChain
PaintDesktop
SetDebugErrorLevel
EnumDisplayDevicesA
MsgWaitForMultipleObjects
IsWindowEnabled
GetScrollPos

Sections

.text
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

85c4d16724b2a80cd7667503591896b8

Headers

DLL Characteristics

File Characteristics

Imports

cfgmgr32

kernel32

quartz

crtdll

w32topl

user32

Sections

.text Size: 29KB - Virtual size: 29KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 300B

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 29KB - Virtual size: 29KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 300B

.rsrc
Size: 5KB - Virtual size: 4KB