4fdf40fb75806a16146da9ed81084ad95382161e27a592610145311f99df0570

Sharing

Copy URL

Twitter E-mail

General

Target

4fdf40fb75806a16146da9ed81084ad95382161e27a592610145311f99df0570
Size

772KB
MD5

ea9e0f291f270d9875cce33e0f093a00
SHA1

271d27fe2199b5bf17be4b5c4231b50c229f8d37
SHA256

4fdf40fb75806a16146da9ed81084ad95382161e27a592610145311f99df0570
SHA512

b0a05141d115fdf92d517d953ece237356338106cf949f99a85dc6272eb238eaaf8a82f7d16993ad0a4cf3956c87dc04da1c72eafddc7a7e1d96ee85595016be
SSDEEP

12288:+d8/AwnhMoGtHG+m8GYvYhPjvBrWDx7f6JQxnuqkX8:JFhMMNAvYhPYxWJQ1uq0

Score

N/A

Malware Config

Signatures

Files

4fdf40fb75806a16146da9ed81084ad95382161e27a592610145311f99df0570
.dll windows x86

d40c21c3f3bf5844f31573e3cbcab116

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

UuidCreate

msi

ord124
ord17
ord8
ord73
ord144
ord46
ord103

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

kernel32

CreateDirectoryA
GetBinaryTypeA
CreateFileA
GetFileSize
FindFirstFileA
GetFileAttributesA
FindNextFileA
FindClose
GetProcessHeap
ConnectNamedPipe
SleepEx
WriteFile
SetFilePointer
SetLastError
ReadFile
LocalAlloc
FlushFileBuffers
DisconnectNamedPipe
VirtualAlloc
VirtualFree
TlsAlloc
TlsSetValue
TlsGetValue
TlsFree
GetModuleFileNameA
GetVersionExA
GetOverlappedResult
GetWindowsDirectoryA
WritePrivateProfileStringA
GetModuleHandleA
GetStdHandle
lstrcpyA
GetLocalTime
RaiseException
CreateNamedPipeA
CopyFileA
GetFileTime
FileTimeToSystemTime
GetSystemInfo
TerminateProcess
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalFree
GetThreadLocale
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
OpenProcess
GetFullPathNameA
SetThreadPriority
ResumeThread
GetCurrentThreadId
SetEvent
SuspendThread
GlobalGetAtomNameA
FileTimeToLocalFileTime
GetModuleFileNameW
InterlockedDecrement
GlobalReAlloc
GlobalHandle
LocalReAlloc
SetErrorMode
InterlockedIncrement
lstrcmpA
lstrcmpW
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalFlags
GetLocaleInfoA
GetCPInfo
GetOEMCP
CreateFileW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapReAlloc
VirtualProtect
VirtualQuery
GetCommandLineA
GetSystemTimeAsFileTime
SetCurrentDirectoryA
SetStdHandle
GetFileType
GetTimeFormatA
GetDateFormatA
ExitProcess
RtlUnwind
ExitThread
CreateThread
HeapSize
GetACP
IsValidCodePage
SetHandleCount
GetStartupInfoA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetTimeZoneInformation
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetLocaleInfoW
QueryDosDeviceA
GetCurrentProcessId
SetFileAttributesA
DeleteCriticalSection
CompareStringW
CompareStringA
lstrlenA
GetCurrentProcess
GetVersion
InterlockedExchange
FormatMessageA
TerminateThread
WaitForSingleObject
Module32Next
Module32First
Process32Next
LeaveCriticalSection
Process32First
CreateToolhelp32Snapshot
EnterCriticalSection
MoveFileA
CreateIoCompletionPort
DeleteFileA
Sleep
MoveFileExA
GetDriveTypeA
GetLogicalDrives
LocalFree
InitializeCriticalSection
HeapDestroy
HeapCreate
HeapFree
HeapAlloc
GetEnvironmentVariableA
CloseHandle
CreateEventA
SetEnvironmentVariableA
FreeLibrary
GetProcAddress
LoadLibraryA
MultiByteToWideChar
GetLastError
SizeofResource
LockResource
LoadResource
FindResourceA
WideCharToMultiByte
ExpandEnvironmentStringsA
GetVolumeInformationA
GetCurrentDirectoryA

gdi32

DeleteDC
GetStockObject
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
SetMapMode
RestoreDC
SaveDC
DeleteObject
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetDeviceCaps

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

Exports

Exports

MsiInstall
MsiUninstall
PIEDelete
PIEInit
PIENew

Sections

.text
Size: 576KB - Virtual size: 573KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d40c21c3f3bf5844f31573e3cbcab116

Headers

File Characteristics

Imports

rpcrt4

msi

version

kernel32

gdi32

comdlg32

winspool.drv

Exports

Exports

Sections

.text Size: 576KB - Virtual size: 573KB

.rdata Size: 108KB - Virtual size: 105KB

.data Size: 16KB - Virtual size: 29KB

.rsrc Size: 24KB - Virtual size: 22KB

.reloc Size: 44KB - Virtual size: 41KB

.text
Size: 576KB - Virtual size: 573KB

.rdata
Size: 108KB - Virtual size: 105KB

.data
Size: 16KB - Virtual size: 29KB

.rsrc
Size: 24KB - Virtual size: 22KB

.reloc
Size: 44KB - Virtual size: 41KB