4d6649e16e8373c467f1bf6c4b735992601e25b2616e620e526fd4fedae93639

Sharing

Copy URL Twitter E-mail

General

Target

4d6649e16e8373c467f1bf6c4b735992601e25b2616e620e526fd4fedae93639
Size

5.9MB
MD5

2d272406960c5b5b495470565589351e
SHA1

4640decf69a89558c5bfd636dd5c398685965ae1
SHA256

4d6649e16e8373c467f1bf6c4b735992601e25b2616e620e526fd4fedae93639
SHA512

03ca3b29faad2c639f108678cdec00d4730f1f9c2eba1fd2eaabab18a132701d4363322eb85bc1e2db9ba9eb077208ae091f1413d3e830fa79243c6fbb0afc29
SSDEEP

98304:0OHFRBYVFegoDHhxkaPziq5ToCdVGZkFNwAl:0OHFRcogoLTP6mFNwM

Score

N/A

Malware Config

Signatures

Files

4d6649e16e8373c467f1bf6c4b735992601e25b2616e620e526fd4fedae93639
.dll windows x86

b0a8017f12cbe0b2df8e682c514d26ea

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
CompareStringA
MultiByteToWideChar
FormatMessageW
MulDiv
FreeLibrary
HeapAlloc
ExitProcess
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetProcessHeap
VirtualFree
VirtualAlloc
CreateProcessA
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
GetThreadPriority
GetPriorityClass
GetTempPathA
GetTempFileNameA
GetTickCount
TerminateProcess
GetLocalTime
GetTimeFormatA
GetDateFormatA
GetTimeZoneInformation
SetPriorityClass
GetCurrentThread
SetThreadPriority
GetProcAddress
Sleep
GetModuleFileNameA
GetFileSize
SetFilePointer
ReadFile
GetVersionExA
GetCurrentProcessId
FormatMessageA
OpenEventA
DeleteFileA
FreeConsole
GetCurrentProcess
DeviceIoControl
SetFileAttributesA
CreateFileA
WriteFile
SetFileTime
GetWindowsDirectoryA
CreateDirectoryA
GetSystemDirectoryA
CreateEventA
WaitForSingleObject
GetLastError
SetEvent
CloseHandle
SetLastError
LoadLibraryA

user32

CreateWindowExA
CreateWindowExW
GetSystemMetrics
AdjustWindowRectEx
SetWindowLongA
GetWindowLongA
ReleaseDC
SetWindowRgn
GetDC
DestroyWindow
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
MessageBeep
UnregisterClassW
UnregisterClassA
LoadCursorA
RegisterClassW
RegisterClassA
CallWindowProcA
SetCapture
DrawFrameControl
BeginPaint
EndPaint
GetDlgCtrlID
IntersectRect
FillRect
CopyRect
SetRect
IsRectEmpty
OffsetRect
DrawTextW
DrawTextA
PtInRect
GetWindowRgn
IsWindowVisible
GetCapture
ReleaseCapture
ShowWindow
SetActiveWindow
TranslateMessage
DispatchMessageW
DispatchMessageA
ActivateKeyboardLayout
SendMessageA
PostMessageA
InvalidateRect
UpdateWindow
GetSysColor
LoadStringW
DefWindowProcW
DefWindowProcA
PeekMessageW
PeekMessageA
GetMessageW
GetMessageA
MessageBoxA
LoadStringA
PostThreadMessageA
GetKeyState
ExitWindowsEx
SetWindowPos

gdi32

GdiFlush
CreateDIBSection
GetDIBits
OffsetRgn
GetDeviceCaps
CreateRectRgn
CombineRgn
EnumFontFamiliesExA
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
GetObjectA
SetBkColor
ExtSelectClipRgn
SetStretchBltMode
StretchBlt
BitBlt
SelectObject
SetBkMode
SetTextColor
CreateRectRgnIndirect
PtInRegion
DeleteObject
CreateFontIndirectW
CreateBrushIndirect
CreateFontIndirectA

advapi32

RegOpenKeyA
RegDeleteKeyA
DeleteService
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCreateKeyExA
RegSetValueExA
ControlService
StartServiceA
ChangeServiceConfigA
OpenServiceA
QueryServiceConfigA
OpenSCManagerA
CreateServiceA
CloseServiceHandle
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Exports

Exports

AreDriversInstalled
InstallDrivers
UninstallDrivers

Sections

.text
Size: - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sforce
Size: 47KB - Virtual size: 6.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b0a8017f12cbe0b2df8e682c514d26ea

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

version

Exports

Exports

Sections

.text Size: - Virtual size: 27KB

.sforce Size: 47KB - Virtual size: 6.1MB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: - Virtual size: 2KB

.rsrc Size: 3KB - Virtual size: 84KB

.text
Size: - Virtual size: 27KB

.sforce
Size: 47KB - Virtual size: 6.1MB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: - Virtual size: 2KB

.rsrc
Size: 3KB - Virtual size: 84KB