66b6934da073605b7b7cddab91f1f7e5fca7074c91b589d90e4e351d272132ee

Sharing

Copy URL

Twitter E-mail

General

Target

66b6934da073605b7b7cddab91f1f7e5fca7074c91b589d90e4e351d272132ee
Size

294KB
MD5

7d9a0661513b335eef75b9c09ff0e755
SHA1

ec4d930cc9ce239b7eec3bbc33dafbe72aff354c
SHA256

66b6934da073605b7b7cddab91f1f7e5fca7074c91b589d90e4e351d272132ee
SHA512

413c59e680baa5ea49fa1683f35052ac936c85dde05adeb35f922e0b432b02e947a0db1942a04ab3184f9cc469c536e023b087ddc83ca2c6c4e41796f336c60f
SSDEEP

6144:9Dp1SWWfUa/rjS/Bt7U+pYePqU9QCjOE6HdC78G2SySmZ:9Dp1xWfUaTj1+pYe3Qcrn8G2SB0

Score

N/A

Malware Config

Signatures

Files

66b6934da073605b7b7cddab91f1f7e5fca7074c91b589d90e4e351d272132ee
.exe windows x86

0d40ecf942782c87cfda8b15fb78bd4c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

LsaFreeMemory
QueryServiceStatus
QueryServiceConfigW
RegDeleteKeyW
RegEnumKeyExW
OpenSCManagerW
CloseServiceHandle
RegOpenKeyW
RegQueryValueExW
RegSetValueExW
RegDeleteValueW
RegCreateKeyExW
LsaQueryInformationPolicy
OpenServiceW
RegOpenKeyExW
RegCloseKey
LsaClose
RegQueryInfoKeyW
LsaOpenPolicy

kernel32

GetFileType
UnmapViewOfFile
GetTempFileNameW
MulDiv
RaiseException
GetLogicalDriveStringsW
HeapFree
GetShortPathNameW
RtlUnwind
GetFileInformationByHandle
GetPrivateProfileStringW
SetErrorMode
SizeofResource
GetConsoleCP
FindFirstFileW
ExitThread
lstrlenA
lstrlenW
FindFirstFileExW
LoadLibraryExW
FindResourceW
DeleteFileW
GetPrivateProfileSectionW
GetConsoleMode
CreateEventW
TlsGetValue
lstrcmpW
GetOEMCP
CloseHandle
SetLastError
GlobalLock
IsValidCodePage
VirtualAlloc
FormatMessageW
GetStdHandle
FreeEnvironmentStringsW
CreateMutexW
CreateDirectoryW
LocalAlloc
lstrcmpiW
CopyFileW
GetUserDefaultLCID
ResetEvent
FindResourceExW
GetSystemDirectoryW
CreateThread
SetHandleCount
GetSystemInfo
WriteConsoleW
TlsSetValue
LockResource
GetSystemTimeAsFileTime
EnterCriticalSection
CreateProcessW
HeapAlloc
InterlockedPushEntrySList
ReadFile
TerminateThread
TlsAlloc
MapViewOfFile
GetCurrentDirectoryW
GetDriveTypeW
GetCurrentThreadId
HeapDestroy
DuplicateHandle
GetWindowsDirectoryW
GetFullPathNameW
EnumSystemLocalesA
GetTempPathW
WideCharToMultiByte
GlobalUnlock
SetFilePointer
GetVolumeInformationW
GetLogicalDrives
UnhandledExceptionFilter
ResumeThread
CompareStringW
HeapReAlloc
GetModuleHandleW
LoadResource
GetProcessHeap
CreateFileW
SetEnvironmentVariableA
LeaveCriticalSection
GetDiskFreeSpaceExW
LCMapStringW
FileTimeToSystemTime
IsValidLocale
TlsFree
FreeLibrary
GetCommandLineW
SetStdHandle
EnumUILanguagesW
WaitForSingleObject
IsWow64Process
SystemTimeToFileTime
ReleaseMutex
DeviceIoControl
DeleteCriticalSection
GetFileSize
GetACP
LocalFree
RemoveDirectoryW
GetTimeZoneInformation
SetCurrentDirectoryW
WriteFile
FlushFileBuffers
SetEndOfFile
GlobalAlloc
FindClose
ExpandEnvironmentStringsW
IsProcessorFeaturePresent
FindNextFileW
InitializeCriticalSectionAndSpinCount
GlobalReAlloc
GlobalFree
VirtualFree
SetUnhandledExceptionFilter
OutputDebugStringW
HeapSize
FlushInstructionCache
IsDebuggerPresent
PeekNamedPipe
GetCommandLineA
CreateFileMappingW
InterlockedPopEntrySList
GlobalHandle
GetLocalTime

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

ole32

CoUninitialize
StringFromCLSID
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
CoInitializeEx
CLSIDFromString
OleInitialize
OleLockRunning
OleUninitialize
CreateStreamOnHGlobal
CoInitialize
OleRun
CoGetClassObject
CoCreateInstance
StringFromGUID2
CoTaskMemRealloc

oleaut32

VariantClear
VarUI4FromStr
SysStringLen
SafeArrayGetElement
SafeArrayDestroy
LoadTypeLi
OleCreateFontIndirect
VarBstrCmp
VarBstrCat
SafeArrayGetLBound
SysFreeString
SetErrorInfo
LoadRegTypeLi
VariantInit
GetErrorInfo
SysStringByteLen
SysAllocStringByteLen
SysAllocStringLen
SysAllocString
CreateErrorInfo
SafeArrayGetUBound
SafeArrayGetDim

user32

RegisterClassExW
DestroyMenu
GetCursor
SetWindowContextHelpId
DrawTextW
MonitorFromWindow
CharPrevW
ClientToScreen
CharNextW
GetWindow
SetTimer
CreatePopupMenu
ShowWindow
PostQuitMessage
InvalidateRgn
KillTimer
GetMonitorInfoW
InvalidateRect
IsDialogMessageW
IsWindow
CreateDialogIndirectParamW
EndPaint
SetScrollPos
GetDesktopWindow
ReleaseCapture
LoadImageW
CreateWindowExW
SetCapture
GetWindowRect
SetWindowPos
ReleaseDC
GetClientRect
SetWindowTextW
PeekMessageW
SendDlgItemMessageW
LoadCursorW
SendMessageW
IsWindowVisible
DestroyIcon
BeginPaint
EndDialog
SetActiveWindow
LoadIconW
SetCursor
SetDlgItemTextW
MessageBoxW
GetFocus
SetScrollInfo
GetWindowTextLengthW
GetDlgItem
MoveWindow
GetDC
GetClassInfoExW
CreateCaret
GetSystemMetrics
RedrawWindow
DestroyWindow
FillRect
GetParent
MapDialogRect
IsDlgButtonChecked
LoadAcceleratorsW
TranslateMessage
CheckRadioButton
GetActiveWindow
SystemParametersInfoW
AppendMenuW
IsChild
GetClassNameW
MapWindowPoints
CreateAcceleratorTableW
UnregisterClassA
DialogBoxParamW
EnableWindow
GetSysColor
GetWindowTextW
GetWindowLongW
ScreenToClient
DestroyAcceleratorTable
DispatchMessageW
MsgWaitForMultipleObjects
CallWindowProcW
PostMessageW
SetFocus
DefWindowProcW
SetWindowLongW
DialogBoxIndirectParamW
RegisterWindowMessageW
GetKeyboardLayout
SetDlgItemInt
ShowCaret
MessageBoxIndirectA
WaitMessage
LoadMenuIndirectA
GetDCEx
SetWindowTextA
ActivateKeyboardLayout
GetMenuItemCount
DefWindowProcA
GetMenuItemInfoW
CreateMenu
GetSysColorBrush

setupapi

SetupIterateCabinetW

shell32

ShellExecuteW
SHGetSpecialFolderPathW
SHGetSpecialFolderLocation
SHGetDesktopFolder
CommandLineToArgvW
SHBrowseForFolderW
SHGetMalloc
SHGetFolderPathW
SHGetPathFromIDListW

comctl32

ImageList_Destroy
ImageList_Create
InitCommonControlsEx
ImageList_ReplaceIcon

gdi32

DeleteObject
GetPaletteEntries
SelectObject
CreateFontIndirectW
PatBlt
CreateSolidBrush
CreateCompatibleBitmap
RealizePalette
SelectPalette
GetStockObject
SetBkMode
DeleteDC
GetObjectW
CreatePalette
SetDIBitsToDevice
CreateDIBitmap
GetDeviceCaps
CreateCompatibleDC
GetTextExtentPoint32W
BitBlt
SetTextColor

mcicda

DriverProc

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 251KB - Virtual size: 999KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 245KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0d40ecf942782c87cfda8b15fb78bd4c

Headers

File Characteristics

Imports

advapi32

kernel32

version

ole32

oleaut32

user32

setupapi

shell32

comctl32

gdi32

mcicda

Sections

.text Size: 21KB - Virtual size: 20KB

.data Size: 251KB - Virtual size: 999KB

.rdata Size: 8KB - Virtual size: 245KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 21KB - Virtual size: 20KB

.data
Size: 251KB - Virtual size: 999KB

.rdata
Size: 8KB - Virtual size: 245KB

.rsrc
Size: 12KB - Virtual size: 11KB