1e6eeb66f951ee490a3032163cea45a8069b3936f7bf45ef5ece1c147ebe4f8c

General

Target

1e6eeb66f951ee490a3032163cea45a8069b3936f7bf45ef5ece1c147ebe4f8c
Size

152KB
MD5

a00b57a017324a8a019bb23098457bd9
SHA1

fdf3582bfb04d3729fd55d8852f27a0c65836c02
SHA256

1e6eeb66f951ee490a3032163cea45a8069b3936f7bf45ef5ece1c147ebe4f8c
SHA512

a54a2565f297fbe10c18e4e8b042f867b2dbf7b8711c94ac2863c5e71add4ba0a40d3eb56a09c44b163951d2a555048e4ab8858516b6904161fbb51c217003c4
SSDEEP

3072:KApTM8l1wPgUnjZnIvXNvyeRaGQpasBNOf8QetfGdYIGGYAyLGmoonv/uvrE6:NpTtl1QnI4Ga7tBNOUfqhG2yzog/uT

Score

N/A

Malware Config

Signatures

Files

1e6eeb66f951ee490a3032163cea45a8069b3936f7bf45ef5ece1c147ebe4f8c
.dll windows x86

97d9b79120761df93600f076b013cd30

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupDiGetDeviceInterfaceDetailA
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupCancelTemporarySourceList

kernel32

FindFirstFileA
FreeLibrary
GetCurrentDirectoryA
GetCurrentProcess
GetFileAttributesA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetSystemDirectoryA
GetVersionExA
FindClose
LocalAlloc
LocalFree
SetCurrentDirectoryA
VirtualAlloc
VirtualFree
VirtualProtect
lstrcpyA
lstrlenA
ExitProcess
DeleteFileA
CreateDirectoryA
LoadLibraryA

advapi32

RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA
RegCreateKeyExA
RegCloseKey
LsaStorePrivateData
CloseTrace

shell32

SHCreateProcessAsUserW
SHFreeNameMappings
SHGetFolderPathW
SHAddToRecentDocs

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

user32

wsprintfA
SetTimer
MessageBoxA

msvcrt

__CxxFrameHandler
__dllonexit
_adjust_fdiv
_except_handler3
_initterm
_itoa
_mbscmp
_onexit
atoi
free
malloc
sprintf
strrchr
strtok

Exports

Exports

ChConvertFromHex
CreateTableColumnIndex
CreateTempFileStream
HrCopyStreamCBEndOnCRLF

Sections

.text
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

97d9b79120761df93600f076b013cd30

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

kernel32

advapi32

shell32

winspool.drv

user32

msvcrt

Exports

Exports

Sections

.text Size: 54KB - Virtual size: 53KB

.rdata Size: 83KB - Virtual size: 82KB

.data Size: 12KB - Virtual size: 15KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 54KB - Virtual size: 53KB

.rdata
Size: 83KB - Virtual size: 82KB

.data
Size: 12KB - Virtual size: 15KB

.rsrc
Size: 1KB - Virtual size: 1KB