39470936335265030510eb602915c304fa667f60542636469ca5fdffbcad4285

Sharing

Copy URL Twitter E-mail

General

Target

39470936335265030510eb602915c304fa667f60542636469ca5fdffbcad4285
Size

50KB
MD5

414da5c97971b7b16bef9221fbb969a0
SHA1

43f268e669127530754a420464a51a85e31805ae
SHA256

39470936335265030510eb602915c304fa667f60542636469ca5fdffbcad4285
SHA512

859c5ea8acf887180d2e42ec2d712715d4579da2df80e11ec78d3c8e0cb56444a68909e0ccc10a800a47beac373217d69ae3b19906cfe923d5427786e2b0032b
SSDEEP

1536:A2N/LzVSpoZKITazG75QDiCbBkHuFJjOI/cglW:A2N/LzVao5TekXCjJjOCcsW

Score

N/A

Malware Config

Signatures

Files

39470936335265030510eb602915c304fa667f60542636469ca5fdffbcad4285
.exe windows x86

7808fd325bf451cda117496280bd1fac

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
FindClose
FindFirstFileA
lstrcpyA
lstrlenA
GetPrivateProfileSectionA
FreeLibrary
GetProcAddress
LoadLibraryExA
GetPrivateProfileStringA
GetSystemDirectoryA
lstrcmpiA
CreateMutexA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleHandleA
TerminateProcess
GetCurrentProcess
GetVersionExA
GetWindowsDirectoryA
OutputDebugStringA
lstrcmpA
lstrcpynA
VirtualQuery
GetSystemInfo
VirtualProtect
ReadFile
GetProcessHeap
SetEndOfFile
RtlUnwind
GetCommandLineA
GetStartupInfoA
GetLocalTime
HeapFree
HeapReAlloc
HeapAlloc
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsFree
SetLastError
TlsSetValue
TlsGetValue
TlsAlloc
HeapDestroy
HeapCreate
VirtualFree
CloseHandle
EnterCriticalSection
LeaveCriticalSection
VirtualAlloc
LoadLibraryA
GetACP
GetOEMCP
GetCPInfo
Sleep
InitializeCriticalSection
SetStdHandle
FlushFileBuffers
CreateFileA
SetFilePointer
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA

advapi32

RegQueryValueExA
RegDeleteValueA
RegCloseKey
RegOpenKeyExA

setupapi

SetupCloseInfFile
SetupFindNextLine
SetupGetLineTextA
SetupFindFirstLineA
SetupOpenInfFileA

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

ole32

CoInitialize

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7808fd325bf451cda117496280bd1fac

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

setupapi

version

ole32

Sections

.text Size: 37KB - Virtual size: 37KB

.data Size: 3KB - Virtual size: 9KB

.rsrc Size: 8KB - Virtual size: 26KB

.text
Size: 37KB - Virtual size: 37KB

.data
Size: 3KB - Virtual size: 9KB

.rsrc
Size: 8KB - Virtual size: 26KB