8b2e0b0045dd205c2bffec21ceaf2361b7e2469ceebc63139c45ab4b4e668ccd

Sharing

Copy URL Twitter E-mail

General

Target

8b2e0b0045dd205c2bffec21ceaf2361b7e2469ceebc63139c45ab4b4e668ccd
Size

644KB
MD5

87420b1c559381280429858e65a7f560
SHA1

1d7c944970a6211ceb692f83ce1997bfc86e9ca1
SHA256

8b2e0b0045dd205c2bffec21ceaf2361b7e2469ceebc63139c45ab4b4e668ccd
SHA512

acbe01425c9664bbd31bc3dcb4045c79a48b62b7cf87e8b792ebdaf7912c25ca9615fdd6a9ee74f0f365a0e0483359bcbc46d9a3f07644ba617a93a8d8ef7ced
SSDEEP

12288:q+w1t2ASaX+5U8LFfhNpzQg/zgWHV/76HLXBUymP8FYf/F8d:E182XOVLfXUg/ss/7CXSyvYF8

Score

N/A

Malware Config

Signatures

Files

8b2e0b0045dd205c2bffec21ceaf2361b7e2469ceebc63139c45ab4b4e668ccd
.dll windows x86

5550c055fe982b0c73f4c1a721e1aa12

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetWaitableTimer
GetVersionExA
CreateThread
GlobalFree
TerminateProcess
lstrcmpiW
LoadResource
EnterCriticalSection
LocalAlloc
FindResourceW
DeviceIoControl
CreateFileW
VirtualAlloc
CreateWaitableTimerW
ReleaseMutex
InterlockedDecrement
GetModuleFileNameW
QueryPerformanceCounter
GlobalAlloc
Sleep
MultiByteToWideChar
ResetEvent
lstrlenW
GetSystemTimeAsFileTime
GetOverlappedResult
LocalFree
LeaveCriticalSection
CloseHandle
ReadFile
UnhandledExceptionFilter
GetLastError
GetCurrentThreadId
FreeLibrary
SetEvent
WaitForSingleObject
RaiseException
InitializeCriticalSection
GetExitCodeThread
GetTickCount
OutputDebugStringA
GetCurrentProcessId
WideCharToMultiByte
GetThreadLocale
GetModuleHandleA
InterlockedIncrement
SetUnhandledExceptionFilter
GetDateFormatA
DeleteCriticalSection
CreateEventW
GetModuleHandleW
InterlockedExchange
WaitForMultipleObjects
InterlockedCompareExchange
CreateMutexW

setupapi

SetupCloseInfFile
CM_Get_DevNode_Registry_PropertyW
SetupDiRemoveDevice
CM_Add_Empty_Log_Conf_Ex
CM_Get_Sibling
SetupDiSelectOEMDrv
CM_Locate_DevNodeW

oleaut32

UnRegisterTypeLi
SysFreeString
VarUI4FromStr
SysAllocString
SysStringLen
RegisterTypeLi
LoadTypeLi

advapi32

RegEnumKeyExW
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegCreateKeyW
RegDeleteValueW
RegCreateKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegQueryValueExW

ole32

CoCreateInstance
CoInitialize
CoUninitialize
CoTaskMemRealloc
CoTaskMemAlloc
CoInitializeEx
PropVariantClear
OleCreateFromFile

Exports

Exports

Member4_SetOne
buffer_size
set_add_alpha
set_cHRM

Sections

.text
Size: 160KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 240KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 164KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5550c055fe982b0c73f4c1a721e1aa12

Headers

File Characteristics

Imports

kernel32

setupapi

oleaut32

advapi32

ole32

Exports

Exports

Sections

.text Size: 160KB - Virtual size: 157KB

.rdata Size: 68KB - Virtual size: 65KB

.data Size: 240KB - Virtual size: 240KB

.rsrc Size: 164KB - Virtual size: 162KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 160KB - Virtual size: 157KB

.rdata
Size: 68KB - Virtual size: 65KB

.data
Size: 240KB - Virtual size: 240KB

.rsrc
Size: 164KB - Virtual size: 162KB

.reloc
Size: 8KB - Virtual size: 7KB