8cb83a531a753c9c84277c724d6c1e922d4c52e2a76f9ae4caa9aca9f207c150

Sharing

Copy URL Twitter E-mail

General

Target

8cb83a531a753c9c84277c724d6c1e922d4c52e2a76f9ae4caa9aca9f207c150
Size

284KB
MD5

b9e9660d5d18f6bfa52f96961cf2fd7c
SHA1

b013c44231005629d0950adec6be7a25a888ca1d
SHA256

8cb83a531a753c9c84277c724d6c1e922d4c52e2a76f9ae4caa9aca9f207c150
SHA512

3cc7ae59db618d0805a60098bf497f03a52f928eb3d39aa5773b9ccfd5a8ec63e8f57d4209c5f627feb7accec290b960aac03f95d39746ae3427f2fcd6fff625
SSDEEP

6144:CzvVJeoYyrITwpufTb21Nirbe8vnYTeF1GqGQOSaBXb3:ie02wp9Yrbe8vjKXQOSaBT

Score

N/A

Malware Config

Signatures

Files

8cb83a531a753c9c84277c724d6c1e922d4c52e2a76f9ae4caa9aca9f207c150
.dll windows x86

2bdb52be65448a7804803906c60a3a5b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

cnclsu34b

ord140
ord110
ord150
ord120

kernel32

GetVersionExW
WideCharToMultiByte
lstrlenW
CloseHandle
WaitForSingleObject
DeviceIoControl
Sleep
ResetEvent
lstrcpyA
WriteFile
ReadFile
GetPrivateProfileStringW
GetPrivateProfileIntW
GetSystemDirectoryW
CreateEventW
CreateFileA
MultiByteToWideChar
OutputDebugStringW
FreeLibrary
GetProcAddress
LoadLibraryA
lstrcmpiA
GetOverlappedResult
FlushFileBuffers
SetEvent
WaitForMultipleObjects
GetModuleFileNameA
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
GlobalAlloc
GlobalFree
GetSystemDirectoryA
GetLastError
GetConsoleOutputCP
WriteConsoleW
GetPrivateProfileIntA
GetVersionExA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
RaiseException
HeapFree
HeapAlloc
HeapReAlloc
RtlUnwind
GetCurrentThreadId
GetCommandLineA
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapSize
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCPInfo
GetOEMCP
IsValidCodePage
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSection
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

user32

wsprintfA
wsprintfW

winspool.drv

EnumPortsW
EnumMonitorsW

advapi32

RegOpenKeyA
RegOpenKeyW
RegQueryValueExA
RegCloseKey

Exports

Exports

MpTransClosePort
MpTransDeviceReset
MpTransGetUSBSpeed
MpTransInitialize
MpTransOpenPort
MpTransPRBRequest
MpTransRegisterEvent
MpTransShutdown
MpTransUnregisterEvent

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 188KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2bdb52be65448a7804803906c60a3a5b

Headers

File Characteristics

Imports

cnclsu34b

kernel32

user32

winspool.drv

advapi32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 59KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 188KB - Virtual size: 192KB

.rsrc Size: 4KB - Virtual size: 952B

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 188KB - Virtual size: 192KB

.rsrc
Size: 4KB - Virtual size: 952B

.reloc
Size: 8KB - Virtual size: 7KB