aed2ddb7e59c320e5c38c8ab183a340120aa055fd3119ccf95ae2ae3a9ec8b9d

Sharing

Copy URL

Twitter E-mail

General

Target

aed2ddb7e59c320e5c38c8ab183a340120aa055fd3119ccf95ae2ae3a9ec8b9d
Size

664KB
MD5

b82b9dca13de21e4df92f475456071c0
SHA1

4b392809af651c90f9a5e9f1e4ec7dc0b462a3b2
SHA256

aed2ddb7e59c320e5c38c8ab183a340120aa055fd3119ccf95ae2ae3a9ec8b9d
SHA512

6193089474467fab6620f49f8feb2a8e3641b0a63f2fcd89085cf8c6e6cbd41f33915c3f49eeb8b530e8ccdf1dd0ab24030ba8466d13119ac9915b64db87c270
SSDEEP

12288:if6U2qocgwJ8CXPx/x3kXm6P8mhPSl2fpJkKf4SZ6XwBPq:iCvqocgwJ8sxJ3kzflU

Score

N/A

Malware Config

Signatures

Files

aed2ddb7e59c320e5c38c8ab183a340120aa055fd3119ccf95ae2ae3a9ec8b9d
.dll windows x86

af6e4ccd264745037fac77faa85cf7b5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Add_Empty_Log_Conf_Ex
CM_Locate_DevNodeW
SetupCloseInfFile
SetupDiGetClassDevsW
CM_Get_Parent
SetupDiGetDeviceInterfaceAlias
CM_Get_DevNode_Registry_PropertyW
SetupDiSelectOEMDrv
CM_Get_Sibling
CM_Delete_DevNode_Key

advapi32

RegEnumKeyExW
RegQueryInfoKeyW
RegOpenKeyExW
RegSetValueExW
RegQueryValueExW
RegCreateKeyExW
RegCreateKeyW
RegDeleteValueW
RegCloseKey
RegDeleteKeyW

ole32

PropVariantClear
CoCreateInstance
CoTaskMemRealloc
CoInitialize
CoTaskMemAlloc
CoUninitialize
OleCreateFromFile
CoInitializeEx

kernel32

InterlockedIncrement
TerminateProcess
InterlockedExchange
WideCharToMultiByte
RaiseException
GetCurrentProcessId
GetThreadLocale
CreateMutexW
SetEvent
LoadResource
FindResourceW
LocalFree
CancelWaitableTimer
GlobalAlloc
GlobalFree
SetWaitableTimer
GetDateFormatA
MultiByteToWideChar
lstrlenW
GetOverlappedResult
EnterCriticalSection
ReleaseMutex
GetVersionExA
ResetEvent
DeviceIoControl
DeleteCriticalSection
CreateWaitableTimerW
WaitForSingleObject
GetLastError
lstrcmpiW
CloseHandle
InterlockedDecrement
InitializeCriticalSection
QueryPerformanceCounter
UnhandledExceptionFilter
OutputDebugStringA
CreateThread
CreateFileW
Sleep
LeaveCriticalSection
GetModuleFileNameW
GetTickCount
GetCurrentThreadId
CreateEventW
GetSystemTimeAsFileTime
GetModuleHandleW
FreeLibrary
LocalAlloc
GetModuleHandleA
WaitForMultipleObjects
InterlockedCompareExchange
SetUnhandledExceptionFilter
VirtualAlloc
ReadFile
GetExitCodeThread

oleaut32

SysStringLen
SysFreeString
RegisterTypeLi
UnRegisterTypeLi
SysAllocString
VarUI4FromStr
LoadTypeLi

Exports

Exports

GetDesc
RestoreThread
build_grayscale_palette
free_default
get_user_chunk_ptr
read_rows
vSetTargetWPath

Sections

.text
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 252KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

af6e4ccd264745037fac77faa85cf7b5

Headers

File Characteristics

Imports

setupapi

advapi32

ole32

kernel32

oleaut32

Exports

Exports

Sections

.text Size: 172KB - Virtual size: 171KB

.rdata Size: 72KB - Virtual size: 70KB

.data Size: 252KB - Virtual size: 252KB

.rsrc Size: 156KB - Virtual size: 155KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 172KB - Virtual size: 171KB

.rdata
Size: 72KB - Virtual size: 70KB

.data
Size: 252KB - Virtual size: 252KB

.rsrc
Size: 156KB - Virtual size: 155KB

.reloc
Size: 8KB - Virtual size: 7KB