a7dcc4791447dbf4b7cb6df74ddf5802cb706d177c1a15fdffb9581ce60dd34d

Sharing

Copy URL Twitter E-mail

General

Target

a7dcc4791447dbf4b7cb6df74ddf5802cb706d177c1a15fdffb9581ce60dd34d
Size

204KB
MD5

634bb4e650e9034960efcca4a0a5fb1e
SHA1

62c6e40fde59711ae3d672954eacbe7ed61156f7
SHA256

a7dcc4791447dbf4b7cb6df74ddf5802cb706d177c1a15fdffb9581ce60dd34d
SHA512

dbb2f1d52ea47e33b21575826261952fcd6cae84c875f38f51eaf3c9ab2e110619c45ea54f0fceefaf8c753677398a3db3cc781bbf091bdf077807bae0d95902
SSDEEP

3072:WgG1Z3K2IRCAjY9UV8MUnRn4n3cDIlMBOceIBh3LE7fEVJeS5ZKZqMkF2VZ29:oJaRzU99fRn4n3cKoOQ7E7MVJdODro

Score

N/A

Malware Config

Signatures

Files

a7dcc4791447dbf4b7cb6df74ddf5802cb706d177c1a15fdffb9581ce60dd34d
.dll regsvr32 windows x86

a6008f0cd91bac609909ce6b3acaffad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
CreateEventA
GetLastError
SetLastError
IsBadWritePtr
WriteFile
CancelIo
CreateThread
HeapCreate
GetVersionExA
GetSystemInfo
HeapAlloc
InterlockedDecrement
EnterCriticalSection
InterlockedIncrement
LeaveCriticalSection
DisableThreadLibraryCalls
Sleep
CreateFileA
CloseHandle
HeapFree
DebugBreak
SetEvent
lstrlenW
WaitForSingleObject
DeleteCriticalSection
InitializeCriticalSection
GetOverlappedResult

user32

PeekMessageA
MsgWaitForMultipleObjects
DefWindowProcA
PostQuitMessage
CreateWindowExA
SetWindowPos
UpdateWindow
LoadCursorA
RegisterClassExA
PostThreadMessageA
GetMessageA

oleaut32

SafeArrayAccessData
SysFreeString
LoadRegTypeLi
SysStringLen
VariantClear
SafeArrayUnaccessData
VariantInit
SafeArrayGetElement

cfgmgr32

CM_Get_Device_ID_Size
CM_Get_Device_IDA

setupapi

SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDeviceInfoList

hid

HidD_FreePreparsedData
HidP_GetCaps
HidD_GetPreparsedData
HidP_UnsetUsages
HidP_SetUsages
HidD_GetAttributes
HidD_GetHidGuid
HidP_MaxUsageListLength

atl

ord58
ord16
ord23
ord21
ord15
ord18
ord57
ord32
ord30

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 172KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 858B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a6008f0cd91bac609909ce6b3acaffad

Headers

File Characteristics

Imports

kernel32

user32

oleaut32

cfgmgr32

setupapi

hid

atl

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 9KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 172KB - Virtual size: 168KB

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 858B

.text
Size: 12KB - Virtual size: 9KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 172KB - Virtual size: 168KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 858B