iivsulmrz[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

iivsulmrz.exe
Size

137KB
MD5

617e72c3ebe8bb2cd57779aba5135adb
SHA1

55079e56815780aa78d12a4691c4282c9f93a145
SHA256

f3d7237a1eacaaafcb8515f57d81a21d035d91c779022d9a7ff91bb9cd4dd6fc
SHA512

f6f467f1131ad82dd51f44ad7057e45c294a758aa9c10dc2d69272a4ac2e6bebd0e1f5fe0c4363d37b1be4f1fb18f645e0d2036047050bcec626a0a7fcc92bde
SSDEEP

3072:EBiBQROBhUZ+F+XZzlD05wVME57izZxEQvuyM7m0Bnn7mS9z3A8m7:QXRaUoFKZzaCVr7iXuAM3hm7

Score

1^/10

Malware Config

Signatures

Files

iivsulmrz.exe
.exe windows x86

2e4b1188943b93d307a82cce11e357d5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CompareStringW
ConnectNamedPipe
CreateEventW
CreateFileW
CreateProcessW
DecodePointer
DeleteCriticalSection
EnterCriticalSection
ExitProcess
FindClose
FindCloseChangeNotification
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetConsoleWindow
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStringsW
GetEnvironmentVariableA
GetFileSizeEx
GetFileType
GetLastError
GetModuleFileNameW
GetModuleHandleExW
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeExA
GetStringTypeW
GetSystemTimeAsFileTime
GetVersionExW
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
LCMapStringW
LeaveCriticalSection
LoadLibraryExW
MultiByteToWideChar
OpenProcess
QueryPerformanceCounter
RaiseException
ReadConsoleW
ReadFile
RtlUnwind
SetConsoleDisplayMode
SetEndOfFile
SetEnvironmentVariableW
SetEvent
SetFilePointerEx
SetLastError
SetPriorityClass
SetStdHandle
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualProtect
WideCharToMultiByte
WriteConsoleW
WriteFile
WritePrivateProfileSectionA
lstrcmpW

gdi32

ExtTextOutW
GetTextColor
PolyTextOutA
RemoveFontResourceExA
SetBkColor

oleaut32

OleLoadPicturePath
SysStringLen
VarI4FromI1

rtm

MgmDeRegisterMProtocol
MgmGetMfe
RtmBlockConvertRoutesToStatic
RtmBlockSetRouteEnable

winmm

CloseDriver
PlaySound
midiOutGetDevCapsW
wod32Message

ws2_32

WSAGetQOSByName
WSAGetServiceClassNameByClassIdA
WSASocketA
WSCGetProviderPath
htons
inet_addr
listen

loadperf

LoadPerfCounterTextStringsA
UnloadPerfCounterTextStringsA

winspool.drv

AddFormW
ConfigurePortA
DevQueryPrintEx
EXTDEVICEMODE
ord100
GetJobA
SetFormA

user32

BeginPaint
BringWindowToTop
CascadeWindows
CheckMenuItem
CheckMenuRadioItem
DefWindowProcW
DeleteMenu
DestroyIcon
DestroyMenu
DialogBoxParamW
EndDialog
EndPaint
GetClientRect
GetCursorPos
GetDC
GetDlgItem
GetMenu
GetMenuState
GetSubMenu
GetSysColor
GetWindowLongW
GetWindowPlacement
GetWindowThreadProcessId
IsIconic
IsWindowVisible
IsZoomed
KillTimer
LoadIconW
LoadMenuW
LoadStringA
LoadStringW
MessageBoxW
OpenIcon
PostMessageW
ReleaseDC
SendMessageW
SetForegroundWindow
SetMenuDefaultItem
SetRect
SetTimer
SetWindowLongW
SetWindowPos
ShowWindow
TileWindows
TrackPopupMenuEx
WinHelpW
wsprintfW

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW

shell32

Shell_NotifyIconW

comctl32

ord17

Sections

.text
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.voltbl
Size: 512B - Virtual size: 247B

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2e4b1188943b93d307a82cce11e357d5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

oleaut32

rtm

winmm

ws2_32

loadperf

winspool.drv

user32

advapi32

shell32

comctl32

Sections

.text Size: 98KB - Virtual size: 98KB

.rdata Size: 28KB - Virtual size: 28KB

.data Size: 2KB - Virtual size: 21KB

.00cfg Size: 512B - Virtual size: 8B

.voltbl Size: 512B - Virtual size: 247B

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 98KB - Virtual size: 98KB

.rdata
Size: 28KB - Virtual size: 28KB

.data
Size: 2KB - Virtual size: 21KB

.00cfg
Size: 512B - Virtual size: 8B

.voltbl
Size: 512B - Virtual size: 247B

.reloc
Size: 6KB - Virtual size: 5KB