8d1b8a182c32bbcc2e29366096b883b637a47b5bfc9d2f5b982a47a91b36c64d

Sharing

Copy URL Twitter E-mail

General

Target

8d1b8a182c32bbcc2e29366096b883b637a47b5bfc9d2f5b982a47a91b36c64d
Size

84KB
MD5

db1c19445d472cfeafa919677e65f6ff
SHA1

111aec35a0e7be88aa1d290637429845449ea953
SHA256

8d1b8a182c32bbcc2e29366096b883b637a47b5bfc9d2f5b982a47a91b36c64d
SHA512

fa4e626be8757fae9e05bb795a69bc99117c9a6b5483194532d66757041494e60beb648e650cc802fa328ae8b4b12bb695637ef41df86067a3cb6989e33f6616
SSDEEP

1536:/uJhw7gpCr2frvw/M6X1dMYc64AtRjSM:/uEag2b894Atr

Score

1^/10

Malware Config

Signatures

Files

8d1b8a182c32bbcc2e29366096b883b637a47b5bfc9d2f5b982a47a91b36c64d
.dll windows x86

2a5edc5cd4ceeff2250d3ec2a40d7bce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryA
DeviceIoControl
DeleteFileA
FreeResource
GetFileSize
SizeofResource
LoadResource
FindResourceA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
FlushViewOfFile
CreateFileA
WriteFile
CloseHandle

advapi32

RegSetValueExA
RegCreateKeyA
RegFlushKey
RegCloseKey
RegQueryValueExA
RegOpenKeyExA

msvcp60

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?_Xlen@std@@YAXXZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Copy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Xran@std@@YAXXZ

msvcrt

__CxxFrameHandler
??2@YAPAXI@Z
strncpy
toupper
sprintf
memmove
free
_initterm
malloc
_adjust_fdiv
_strcmpi

shlwapi

SHDeleteKeyA

Exports

Exports

DF_CreateInstance
DF_InstallDriver
DF_UninstallDriver

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 376B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2a5edc5cd4ceeff2250d3ec2a40d7bce

Headers

File Characteristics

Imports

kernel32

advapi32

msvcp60

msvcrt

shlwapi

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 10KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 376B

.rsrc Size: 56KB - Virtual size: 54KB

.reloc Size: 4KB - Virtual size: 844B

.text
Size: 12KB - Virtual size: 10KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 376B

.rsrc
Size: 56KB - Virtual size: 54KB

.reloc
Size: 4KB - Virtual size: 844B