def9ba98b4b4c4f851b81e6c31bcacc9cf66156b85a0606e1c092ff469c4402f

Sharing

Copy URL Twitter E-mail

General

Target

def9ba98b4b4c4f851b81e6c31bcacc9cf66156b85a0606e1c092ff469c4402f
Size

3.7MB
MD5

207531d7b6d905c84c0fe592c322c3a6
SHA1

f3403bc9eebf14f0966783057837ddb9cffc74be
SHA256

def9ba98b4b4c4f851b81e6c31bcacc9cf66156b85a0606e1c092ff469c4402f
SHA512

70abb151b011d550731f4b5a05a03bb1248df98749abbeca998f4d77f8d4c419ff5f37cfd6bf278fb2336d3a6ac12324fa699a4ebb5384561962e8b40e440d41
SSDEEP

98304:NUzJD1oOP2xb8uKWF/hrmtBMtOHiGBgpH9a4va/:etpqxb8uhhhrgBNinl9a4va/

Score

N/A

Malware Config

Signatures

Files

def9ba98b4b4c4f851b81e6c31bcacc9cf66156b85a0606e1c092ff469c4402f
.dll windows x86

ac0c13b75cc9fae8e2fe212c82820198

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
MultiByteToWideChar
FormatMessageW
HeapFree
HeapAlloc
GetProcessHeap
CompareStringA
MulDiv
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
FreeLibrary
VirtualAlloc
CreateProcessA
GetPriorityClass
DeleteFileA
FreeConsole
GetCurrentProcess
DeviceIoControl
SetFileAttributesA
CreateFileA
WriteFile
SetFileTime
GetWindowsDirectoryA
CreateDirectoryA
GetSystemDirectoryA
CreateEventA
WaitForSingleObject
GetLastError
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
GetThreadPriority
GetCurrentProcessId
ReadFile
GetTempPathA
SetEvent
CloseHandle
GetTempFileNameA
GetVersionExA
GetTickCount
TerminateProcess
GetLocalTime
GetTimeFormatA
GetDateFormatA
GetTimeZoneInformation
SetPriorityClass
GetCurrentThread
SetThreadPriority
GetProcAddress
Sleep
GetModuleFileNameA
GetFileSize
SetFilePointer
FormatMessageA
OpenEventA
LoadLibraryA
ExitProcess
SetLastError

user32

SetRect
CreateWindowExW
GetSystemMetrics
AdjustWindowRectEx
SetWindowLongA
GetWindowLongA
ReleaseDC
SetWindowRgn
GetDC
DestroyWindow
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
MessageBeep
UnregisterClassW
UnregisterClassA
LoadCursorA
RegisterClassW
RegisterClassA
CallWindowProcA
SetCapture
DrawFrameControl
BeginPaint
EndPaint
GetDlgCtrlID
IntersectRect
FillRect
CopyRect
CreateWindowExA
IsRectEmpty
OffsetRect
DrawTextW
DrawTextA
GetWindowRgn
GetCapture
ReleaseCapture
ShowWindow
SetActiveWindow
TranslateMessage
DispatchMessageW
DispatchMessageA
ActivateKeyboardLayout
SendMessageA
PostMessageA
InvalidateRect
UpdateWindow
GetSysColor
LoadStringW
DefWindowProcW
DefWindowProcA
PeekMessageW
PeekMessageA
GetMessageW
GetMessageA
MessageBoxA
LoadStringA
PostThreadMessageA
GetKeyState
ExitWindowsEx
SetWindowPos
IsWindowVisible
PtInRect

gdi32

CreateFontIndirectW
PtInRegion
CreateRectRgnIndirect
SetTextColor
SetBkMode
SelectObject
BitBlt
StretchBlt
SetStretchBltMode
ExtSelectClipRgn
SetBkColor
GetObjectA
DeleteDC
CreateCompatibleBitmap
CreateCompatibleDC
EnumFontFamiliesExA
CombineRgn
GetDIBits
GdiFlush
CreateDIBSection
CreateBrushIndirect
OffsetRgn
GetDeviceCaps
CreateFontIndirectA
DeleteObject
CreateRectRgn

advapi32

OpenServiceA
RegOpenKeyA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
CloseServiceHandle
CreateServiceA
OpenSCManagerA
QueryServiceConfigA
RegDeleteKeyA
ChangeServiceConfigA
StartServiceA
ControlService
RegSetValueExA
RegCreateKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
DeleteService

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Exports

Exports

AreDriversInstalled
InstallDrivers
UninstallDrivers

Sections

.text
Size: - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sforce
Size: 43KB - Virtual size: 3.9MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ac0c13b75cc9fae8e2fe212c82820198

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

version

Exports

Exports

Sections

.text Size: - Virtual size: 27KB

.sforce Size: 43KB - Virtual size: 3.9MB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: - Virtual size: 2KB

.rsrc Size: 2KB - Virtual size: 71KB

.text
Size: - Virtual size: 27KB

.sforce
Size: 43KB - Virtual size: 3.9MB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 71KB