4ee9a90fa1dbbf039a609343b448b89c515f4303f1eeba6c690016b69463737c

Sharing

Copy URL Twitter E-mail

General

Target

4ee9a90fa1dbbf039a609343b448b89c515f4303f1eeba6c690016b69463737c
Size

72KB
MD5

66602841a6705ca59e8ecab66390ebd0
SHA1

f2dc939fe51ed997a82d087037b8d25b4c56c687
SHA256

4ee9a90fa1dbbf039a609343b448b89c515f4303f1eeba6c690016b69463737c
SHA512

267874cc6a0275c529632b300d232d7c96aaaade02d24bbcb9abab03e922fea186e0f545d3c2fdd2a1b90161caddd236bde6cd6b7a6c27023ec4373e635e6024
SSDEEP

1536:m7XcizkgOuylIAtd3rlxHeWZgGCq2iW7z:mDcCOzJd3rlxHeWSGCH

Score

N/A

Malware Config

Signatures

Files

4ee9a90fa1dbbf039a609343b448b89c515f4303f1eeba6c690016b69463737c
.exe windows x86

8d0d9afc12452dad84ecf0199717fda1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
__winitenv
exit
_cexit
_XcptFilter
_exit
_c_exit
wcscmp
wprintf
wcsrchr
_wcsicmp
_wcsnicmp
iswalpha
towupper
towlower
wcschr
??2@YAPAXI@Z
??3@YAXPAX@Z
_iob
fputs
fputws

advapi32

OpenSCManagerW
LookupPrivilegeValueW
AdjustTokenPrivileges
RegQueryValueExW
RegCloseKey
RegDeleteValueW
RegSetValueExW
CloseServiceHandle
OpenServiceW
OpenProcessToken

kernel32

LoadLibraryW
GetProcAddress
FreeLibrary
lstrcpynW
FileTimeToSystemTime
GetDateFormatW
GetFileAttributesW
lstrlenW
GetLastError
GetCurrentProcess
CloseHandle
FormatMessageW
LocalFree
QueryPerformanceCounter
GetFullPathNameW
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
lstrcpyW

setupapi

SetupDiDestroyDriverInfoList
SetupDiGetDriverInfoDetailW
SetupDiOpenDevRegKey
SetupDiEnumDriverInfoW
SetupDiBuildDriverInfoList
SetupDiSetDeviceInstallParamsW
SetupDiGetDeviceInstallParamsW
SetupCloseFileQueue
SetupScanFileQueueW
SetupDiCallClassInstaller
SetupOpenFileQueue
SetupDiSetSelectedDriverW
SetupDiGetDriverInstallParamsW
SetupDiOpenClassRegKeyExW
SetupDiGetClassDescriptionExW
SetupDiClassNameFromGuidExW
SetupDiBuildClassInfoListExW
SetupDiSetClassInstallParamsW
SetupDiSetDeviceRegistryPropertyW
SetupDiCreateDeviceInfoW
SetupDiCreateDeviceInfoList
SetupDiGetINFClassW
CM_Free_Log_Conf_Handle
CM_Disconnect_Machine
CM_Reenumerate_DevNode_Ex
CM_Locate_DevNode_ExW
CM_Connect_MachineW
CM_Get_Next_Res_Des_Ex
CM_Free_Res_Des_Handle
CM_Get_Res_Des_Data_Size_Ex
CM_Get_Res_Des_Data_Ex
SetupDiGetDeviceRegistryPropertyW
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
CM_Get_Device_ID_ExW
SetupDiGetDeviceInfoListDetailW
SetupDiOpenDeviceInfoW
SetupDiGetClassDevsExW
SetupDiCreateDeviceInfoListExW
SetupDiClassGuidsFromNameExW
CM_Get_DevNode_Status_Ex
CM_Get_First_Log_Conf_Ex

user32

ExitWindowsEx
CharPrevW
CharNextW
LoadStringW

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

4G\�u�
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8d0d9afc12452dad84ecf0199717fda1

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

setupapi

user32

Sections

.text Size: 21KB - Virtual size: 21KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 33KB - Virtual size: 32KB

4G\�u� Size: 16KB - Virtual size: 20KB

.text
Size: 21KB - Virtual size: 21KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 33KB - Virtual size: 32KB

4G\�u�
Size: 16KB - Virtual size: 20KB