9fc402316711be3a04989e576c00cff9c3d4ade5151f9c3bd640140efe75a2ef

Sharing

Copy URL Twitter E-mail

General

Target

9fc402316711be3a04989e576c00cff9c3d4ade5151f9c3bd640140efe75a2ef
Size

504KB
MD5

47320b005f4fdd3f8180c0adea1ef930
SHA1

d86777e78cfab67307e04b009191da93dcc9f9ae
SHA256

9fc402316711be3a04989e576c00cff9c3d4ade5151f9c3bd640140efe75a2ef
SHA512

80c07ee8e8689bedf9bcba4b8f23740263b753d9fb368d15900a1f09afbb90db6602a77d25bd3fd519c5554df70247933e0f834a1a5f72d94cc50e1d2bfa6c23
SSDEEP

12288:Fdd/aZbIxUkll5P7sP9gvckX0lqYHXmLkfbucDTR+brhKSZYqJJiCHfti1Z+GC5o:F3S4dsJTG9YTCt5K

Score

N/A

Malware Config

Signatures

Files

9fc402316711be3a04989e576c00cff9c3d4ade5151f9c3bd640140efe75a2ef
.dll windows x86

b54b62930d55306be906889509ec7dcd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
MultiByteToWideChar
GlobalFree
GetTickCount
GetSystemTimeAsFileTime
GetLastError
LocalAlloc
SetEvent
CreateMutexW
WaitForSingleObject
GetThreadLocale
InterlockedExchange
GetVersionExA
Sleep
ReadFile
SetUnhandledExceptionFilter
DeviceIoControl
UnhandledExceptionFilter
GetModuleFileNameW
GetExitCodeThread
GetDateFormatA
QueryPerformanceCounter
GetOverlappedResult
GetCurrentThreadId
CloseHandle
lstrcmpiW
ReleaseMutex
InterlockedDecrement
WaitForMultipleObjects
RaiseException
GetModuleHandleA
lstrlenW
GetModuleHandleW
OutputDebugStringA
SizeofResource
InterlockedCompareExchange
InitializeCriticalSection
CreateEventW
InterlockedIncrement
SetThreadLocale
CreateWaitableTimerW
CreateThread
LeaveCriticalSection
FindResourceW
WideCharToMultiByte
ResetEvent
SetWaitableTimer
FreeLibrary
LoadResource
LocalFree
GetCurrentProcessId
EnterCriticalSection
VirtualAlloc
TerminateProcess
CancelWaitableTimer
CreateFileW
DeleteCriticalSection

advapi32

RegOpenKeyExW
RegCreateKeyW
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegSetValueExW
RegQueryInfoKeyW
RegQueryValueExW
RegDeleteValueW
RegEnumKeyExW

oleaut32

RegisterTypeLi
LoadTypeLi
SysFreeString
UnRegisterTypeLi
SysStringLen
VarUI4FromStr
SysAllocString

ole32

PropVariantClear
CoUninitialize
CoTaskMemFree
CoInitialize
CoTaskMemAlloc
StringFromGUID2
CoInitializeEx
CoCreateInstance
CoTaskMemRealloc

setupapi

CM_Get_Sibling
SetupDiGetClassDevsW
SetupDiGetDeviceInterfaceDetailW
CM_Get_Device_IDW
SetupDiDestroyDeviceInfoList
CM_Get_DevNode_Registry_PropertyW
CM_Locate_DevNodeW
SetupDiEnumDeviceInterfaces
CM_Get_Parent
CM_Get_Child

Exports

Exports

BackslashReplaceErrors
GivenExceptionMatches
List_AsTuple
Number_AsSsize_t
RestoreThread
set_flush
set_tIME
set_write_status_fn
vLoadModuleA

Sections

.text
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b54b62930d55306be906889509ec7dcd

Headers

File Characteristics

Imports

kernel32

advapi32

oleaut32

ole32

setupapi

Exports

Exports

Sections

.text Size: 172KB - Virtual size: 171KB

.rdata Size: 64KB - Virtual size: 61KB

.data Size: 156KB - Virtual size: 156KB

.rsrc Size: 96KB - Virtual size: 94KB

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 172KB - Virtual size: 171KB

.rdata
Size: 64KB - Virtual size: 61KB

.data
Size: 156KB - Virtual size: 156KB

.rsrc
Size: 96KB - Virtual size: 94KB

.reloc
Size: 12KB - Virtual size: 8KB