5198625b668a8be8f63cceefd0f0df4143f22d8df07458d80fdae9524356b31e

General

Target

5198625b668a8be8f63cceefd0f0df4143f22d8df07458d80fdae9524356b31e
Size

68KB
MD5

cbe6d23a3b8ced28177b29bfe2cd1580
SHA1

4bd3cb987e1c452d5daf4ba2eac27fa6f650bf0c
SHA256

5198625b668a8be8f63cceefd0f0df4143f22d8df07458d80fdae9524356b31e
SHA512

82417e64294ac41e2c4442b7add6bf4d72b269e979c0e1c48504af9ab691d0a183ce603d3bc2af2bd4118a82a3e53c24a2aa752e225828a9c645d1b48d1480f2
SSDEEP

768:DsfKvd6KFa4H4THD4H8TXD98QytOhnh2Yxx/7ocJSmhHskA:Dn0fO8TTa2nh2qVo3mhHsx

Score

N/A

Malware Config

Signatures

Files

5198625b668a8be8f63cceefd0f0df4143f22d8df07458d80fdae9524356b31e
.dll windows x86

05ab22ff664879d43abe2cb556b55623

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
CopyFileA
GetLastError
WinExec
DeleteFileA
SetFileAttributesA
GetFileAttributesA
GetWindowsDirectoryA
MultiByteToWideChar
LoadLibraryA
FreeLibrary
GetCommandLineA
GetVersion
InterlockedDecrement
InterlockedIncrement
EnterCriticalSection
LeaveCriticalSection
HeapFree
CloseHandle
InitializeCriticalSection
DeleteCriticalSection
ExitProcess
GetCPInfo
GetACP
GetOEMCP
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
HeapAlloc
LCMapStringA
LCMapStringW
VirtualAlloc
HeapReAlloc
SetStdHandle
FlushFileBuffers
ReadFile
CreateFileA
SetFilePointer
GetStringTypeA
GetStringTypeW
GetProcAddress
RtlUnwind
SetEndOfFile

shell32

SHGetSpecialFolderPathA

setupapi

SetupDiClassGuidsFromNameA
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiCallClassInstaller
SetupDiDestroyDeviceInfoList

Exports

Exports

FindAGP_9x
InstallAGP_9X
UninstallAGP_9x

Sections

.text
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.WYCao
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

05ab22ff664879d43abe2cb556b55623

Headers

File Characteristics

Imports

kernel32

shell32

setupapi

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 25KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 10KB

.WYCao Size: 28KB - Virtual size: 28KB

.text
Size: 28KB - Virtual size: 25KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 10KB

.WYCao
Size: 28KB - Virtual size: 28KB