f555c6347e907df2f1cf6fae2ec98ad0b4bb6d16e883b4c8367ccf4d4228f5ff

Sharing

Copy URL

Twitter E-mail

General

Target

f555c6347e907df2f1cf6fae2ec98ad0b4bb6d16e883b4c8367ccf4d4228f5ff
Size

150KB
MD5

71cdbb02a5e8802f3b70c7e104b6667f
SHA1

f99ae9bf2dea98e755936867088f580e6cd474c0
SHA256

f555c6347e907df2f1cf6fae2ec98ad0b4bb6d16e883b4c8367ccf4d4228f5ff
SHA512

0ab29a5abc83bc5331650653b73da277fe42106f8d40ebdc825502d40e837ef2226bd0840ef5b4af7c5155a2ec0f81eefe8f6618142b169d9cfdfff8dc251204
SSDEEP

3072:fPQePH/J5f7kcyqowyFoSa2mu5XUiCXJeZmTDxLAMx8GL+rKk+:fz4LqZSlviP3JAlW+rK3

Score

N/A

Malware Config

Signatures

Files

f555c6347e907df2f1cf6fae2ec98ad0b4bb6d16e883b4c8367ccf4d4228f5ff
.dll windows x86

7189e1712fecb2be62660360eab4eeb2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
GetNamedPipeHandleStateA
GetNamedPipeInfo
GetOverlappedResult
GetProcAddress
GetShortPathNameW
GetSystemInfo
GetSystemTimeAsFileTime
GetTempPathW
GetTickCount
GetVersionExA
GetVolumeInformationW
GlobalMemoryStatusEx
GlobalUnlock
HeapAlloc
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedDecrement
InterlockedExchange
IsBadReadPtr
IsDebuggerPresent
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
LocalAlloc
LocalFileTimeToFileTime
MapUserPhysicalPagesScatter
MapViewOfFile
MultiByteToWideChar
OpenProcess
OpenThread
OutputDebugStringA
OutputDebugStringW
GetModuleHandleA
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadFile
ReleaseMutex
RemoveDirectoryW
RequestWakeupLatency
ResetEvent
ResumeThread
RtlUnwind
SetEndOfFile
SetErrorMode
SetLastError
SetThreadLocale
Sleep
SystemTimeToFileTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TransactNamedPipe
TryEnterCriticalSection
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForSingleObject
WriteFile
lstrcmpiA
lstrcpyW
lstrlenW
GetLastError
GetHandleInformation
GetFullPathNameW
GetFileInformationByHandle
GetFileAttributesW
GetFileAttributesExW
GetFileAttributesA
GetExitCodeThread
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCurrentDirectoryW
GetConsoleFontSize
GetComputerNameExW
GetACP
FreeLibrary
FormatMessageW
FindNextChangeNotification
FindFirstFileW
FindFirstChangeNotificationW
FindCloseChangeNotification
FindClose
FileTimeToSystemTime
ExpandEnvironmentStringsW
ExitThread
ExitProcess
EnterCriticalSection
DisconnectNamedPipe
DeviceIoControl
DeleteTimerQueueTimer
DeleteFileW
DeleteCriticalSection
CreateThread
CreateTapePartition
CreatePipe
CreateNamedPipeW
CreateFileW
CreateFileA
CreateDirectoryW
ConnectNamedPipe
CloseHandle
Process32First
CancelIo

shell32

SHGetFolderPathW

advapi32

SetSecurityDescriptorDacl
SetSecurityDescriptorControl
SetEntriesInAclW
RevertToSelf
ReportEventW
RegisterServiceCtrlHandlerExA
RegisterEventSourceW
RegSetValueExW
RegQueryValueExW
RegQueryValueExA
RegOpenKeyExW
RegOpenKeyExA
RegCreateKeyExW
OpenServiceW
OpenSCManagerW
OpenProcessToken
MapGenericMask
InitializeSecurityDescriptor
InitializeAcl
ImpersonateSelf
ImpersonateNamedPipeClient
GetUserNameW
GetTokenInformation
GetSecurityDescriptorSacl
GetNamedSecurityInfoW
GetLengthSid
GetFileSecurityW
GetExplicitEntriesFromAclW
FreeSid
DeregisterEventSource
DeleteService
CryptReleaseContext
CryptGenRandom
CryptAcquireContextW
CryptAcquireContextA
CreateServiceW
CloseServiceHandle
AddAccessAllowedAce
AccessCheck
SetServiceStatus
StartServiceCtrlDispatcherA
SetSecurityDescriptorOwner

ws2_32

bind
accept
__WSAFDIsSet
WSCEnableNSProvider
closesocket
connect
send
select
listen
ioctlsocket
inet_addr
getsockopt
getsockname
gethostname

user32

LookupIconIdFromDirectory
MessageBoxW
MsgWaitForMultipleObjectsEx
NotifyWinEvent
PeekMessageA
RegisterDeviceNotificationA
wsprintfW
CharUpperA

ole32

CoInitialize
CoQueryProxyBlanket
CoSetProxyBlanket
CoTaskMemFree
CoUninitialize
WriteClassStm
CoCreateInstance

setupapi

SetupOpenMasterInf
SetupDiSetSelectedDriverW
SetupDiSetDeviceRegistryPropertyW
SetupDiSetDeviceInstallParamsW
SetupDiOpenDeviceInfoA
SetupDiGetDriverInfoDetailW
SetupDiGetDeviceRegistryPropertyW
SetupDiGetDeviceRegistryPropertyA
SetupDiGetDeviceInterfaceDetailW
SetupDiGetDeviceInterfaceDetailA
SetupDiGetDeviceInstanceIdW
SetupDiGetDeviceInstanceIdA
SetupDiGetDeviceInstallParamsW
SetupDiGetClassDevsA
SetupDiEnumDriverInfoW
SetupDiEnumDeviceInterfaces
SetupDiEnumDeviceInfo
SetupDiDestroyDriverInfoList
SetupDiDestroyDeviceInfoList
SetupDiCreateDeviceInfoList
SetupDiCallClassInstaller
SetupDiBuildDriverInfoList
CM_Request_Device_EjectW
CM_Locate_DevNodeA
CM_Get_Sibling
CM_Get_Parent
CM_Get_Next_Log_Conf
CM_Get_Device_ID_Size
CM_Get_Device_IDA
CM_Get_DevNode_Registry_PropertyW
CM_Get_DevNode_Registry_PropertyA
CM_Get_Depth
CM_Get_Child
CMP_UnregisterNotification
CM_Add_Empty_Log_Conf
CM_Free_Log_Conf_Handle

Exports

Exports

Alloc
EndSession
FIsValidFileNameCharA
GetRichEdClassStringW
PixelMap

Sections

.text
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7189e1712fecb2be62660360eab4eeb2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shell32

advapi32

ws2_32

user32

ole32

setupapi

Exports

Exports

Sections

.text Size: 55KB - Virtual size: 54KB

.rdata Size: 85KB - Virtual size: 84KB

.data Size: 8KB - Virtual size: 10KB

.rsrc Size: 1024B - Virtual size: 1008B

.text
Size: 55KB - Virtual size: 54KB

.rdata
Size: 85KB - Virtual size: 84KB

.data
Size: 8KB - Virtual size: 10KB

.rsrc
Size: 1024B - Virtual size: 1008B