143821d0da95f3663eb2e065974216610c8075873c9d8edd152d5484e784a868

Sharing

Copy URL

Twitter E-mail

General

Target

143821d0da95f3663eb2e065974216610c8075873c9d8edd152d5484e784a868
Size

185KB
MD5

6c5a6f967f4d43a489621c5f06f6407b
SHA1

1f3a259f53a82455c00d228983e2d08b6ad9be79
SHA256

143821d0da95f3663eb2e065974216610c8075873c9d8edd152d5484e784a868
SHA512

2aee3c5386d8cb5b9f243d65d06f3d8d5e649daf1150c05bdde5ba1268069a1001c715508706490ac442abda5bd36434b5498aab516df58a3e4c4de84e6e2112
SSDEEP

3072:FJB9qeq03+6Lwc2EB4cIrnMo3tu+MbXGBViI9siPcndGm86pZYw7Ag3J9vqSj:pqAwcnEndle2BV4Moh86DYwvn

Score

N/A

Malware Config

Signatures

Files

143821d0da95f3663eb2e065974216610c8075873c9d8edd152d5484e784a868
.exe windows x86

5a029881fd4ca730c9dbe96ff8a4603b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadStringW
ExitWindowsEx
CharPrevW
CharNextW

advapi32

OpenProcessToken
RegSetValueExW
RegQueryValueExW
RegDeleteValueW
RegCloseKey
AdjustTokenPrivileges
CloseServiceHandle
LookupPrivilegeValueW
OpenSCManagerW
OpenServiceW

setupapi

SetupDiGetClassDescriptionExW
SetupDiGetClassDevsExW
SetupDiGetDeviceInfoListDetailW
SetupDiEnumDriverInfoW
SetupDiGetDeviceRegistryPropertyW
SetupDiGetDriverInfoDetailW
SetupDiGetDriverInstallParamsW
SetupDiGetINFClassW
SetupDiOpenClassRegKeyExW
SetupDiOpenDevRegKey
SetupDiOpenDeviceInfoW
SetupDiSetClassInstallParamsW
SetupDiSetDeviceInstallParamsW
SetupDiSetDeviceRegistryPropertyW
SetupDiSetSelectedDriverW
SetupOpenFileQueue
SetupScanFileQueueW
CM_Connect_MachineW
SetupDiEnumDeviceInfo
SetupDiDestroyDriverInfoList
SetupDiDestroyDeviceInfoList
SetupDiCreateDeviceInfoW
SetupDiCreateDeviceInfoListExW
SetupDiCreateDeviceInfoList
SetupDiClassNameFromGuidExW
SetupDiClassGuidsFromNameExW
SetupDiCallClassInstaller
SetupDiBuildDriverInfoList
SetupDiBuildClassInfoListExW
SetupCloseFileQueue
CM_Reenumerate_DevNode_Ex
CM_Locate_DevNode_ExW
CM_Get_Res_Des_Data_Size_Ex
CM_Get_Res_Des_Data_Ex
CM_Get_Next_Res_Des_Ex
CM_Get_First_Log_Conf_Ex
CM_Get_Device_ID_ExW
CM_Get_DevNode_Status_Ex
CM_Free_Res_Des_Handle
CM_Free_Log_Conf_Handle
CM_Disconnect_Machine
SetupDiGetDeviceInstallParamsW

msvcrt

wcsrchr
wcscmp
wcschr
wcscat
towupper
towlower
iswalpha
fwprintf
fputws
fclose
exit
_wfopen
_wcsnicmp
_wcsicmp
_initterm
_exit
_except_handler3
_controlfp
_cexit
_c_exit
_adjust_fdiv
__winitenv
__wgetmainargs
__setusermatherr
__set_app_type
__p__fmode
__p__commode
_XcptFilter

kernel32

FormatMessageW
FileTimeToSystemTime
ExitProcess
FreeLibrary
GetCommandLineA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatW
GetFileAttributesW
GetFullPathNameW
GetLastError
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
GetTempPathW
GetTickCount
LoadLibraryW
LocalFree
QueryPerformanceCounter
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
lstrcpyW
lstrcpynW
lstrlenW
CloseHandle

Sections

.text
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a029881fd4ca730c9dbe96ff8a4603b

Headers

File Characteristics

Imports

user32

advapi32

setupapi

msvcrt

kernel32

Sections

.text Size: 147KB - Virtual size: 146KB

.rdata Size: 15KB - Virtual size: 15KB

.data Size: 19KB - Virtual size: 19KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 147KB - Virtual size: 146KB

.rdata
Size: 15KB - Virtual size: 15KB

.data
Size: 19KB - Virtual size: 19KB

.rsrc
Size: 3KB - Virtual size: 2KB