d27a9589e5036e0b70b6f27ce3fa878568c1c65d0b1a040b25d09c68d2df3f29

Sharing

Copy URL Twitter E-mail

General

Target

d27a9589e5036e0b70b6f27ce3fa878568c1c65d0b1a040b25d09c68d2df3f29
Size

370KB
MD5

666cd3b380b30f741bd16b891fb30f30
SHA1

4b2bf71029f31c2588196b4f64cf6973c3e175cb
SHA256

d27a9589e5036e0b70b6f27ce3fa878568c1c65d0b1a040b25d09c68d2df3f29
SHA512

95dab077716bc2dced574e67f2307f18c9bc9057ff4e94592e716802924f1823fd6682e4e669b42fa156070270a316277c1899686ac23ba95dddf3ae35d57210
SSDEEP

6144:JA5M8lt00q4xPhq1VaaKyiCpyqjDxU4RhWyzbpwGzEL+SS:J0zw4xPhq1VMCpyq/24DWy/prz1SS

Score

N/A

Malware Config

Signatures

Files

d27a9589e5036e0b70b6f27ce3fa878568c1c65d0b1a040b25d09c68d2df3f29
.exe windows x86

9e44f9d1145fc1d6163ed4ee1c56de46

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentDirectoryW
SetLastError
HeapFree
SearchPathA
LoadResource
lstrlenW
lstrcpyW
GetLastError
LeaveCriticalSection
DeleteCriticalSection
lstrcmpiW
MultiByteToWideChar
DuplicateHandle
CreateThread
MulDiv
ReleaseSemaphore
CreateSemaphoreW
GetCommandLineW
Sleep
SetEvent
ResetEvent
CreateEventW
DisableThreadLibraryCalls
FindResourceW
SizeofResource
lstrlenA
FreeLibrary
lstrcatW
GetCurrentThread
lstrcpynW
IsValidCodePage
GetVersion
IsProcessorFeaturePresent
CreateFileW
GetFileSize
ReadFile
ReleaseMutex
LocalAlloc
CreateMutexW
WaitForSingleObject
FindClose
LocalFree
GetModuleHandleW
GetStdHandle
WriteConsoleW
WriteFile
UnhandledExceptionFilter
QueryPerformanceCounter
HeapReAlloc
GetPrivateProfileStringW
CopyFileW
GetACP
WideCharToMultiByte
GetWindowsDirectoryW
CreateDirectoryW
FindFirstFileW
DeleteFileW
RemoveDirectoryW
FindNextFileW
CloseHandle
LoadLibraryA
InterlockedExchange
GetProcAddress
RaiseException

advapi32

QueryServiceStatus
RegEnumKeyExW
RegSetValueExW
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
RegQueryInfoKeyW
RegDeleteKeyW
RegDeleteValueW
FreeSid
InitializeSecurityDescriptor
RegEnumKeyW
IsTextUnicode
AllocateAndInitializeSid
DeregisterEventSource
ReportEventW
RegisterEventSourceW
RegOpenKeyExW
CloseServiceHandle
OpenSCManagerW
CreateServiceW
RegSetValueW
ChangeServiceConfigW
LockServiceDatabase
DeleteService
UnlockServiceDatabase

ole32

CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc

msvcrt

exit
wcschr
fprintf
realloc
wcsstr
wcsrchr
wcsspn
wcscspn
strchr
atoi
memset
free

shlwapi

PathCombineA
PathFindExtensionA

setupapi

SetupDiDestroyDeviceInfoList
SetupDiSetDeviceInstallParamsW
SetupCopyOEMInfW
SetupFindFirstLineW
SetupGetStringFieldW
SetupGetIntField
SetupOpenInfFileW
SetupDiGetActualSectionToInstallW
SetupDiGetDeviceInstallParamsW
SetupDiOpenDevRegKey
SetupDiGetSelectedDriverW
SetupDiInstallDevice
SetupDiGetDeviceRegistryPropertyW
SetupDiDeleteDevRegKey
SetupDiEnumDriverInfoW
SetupDiBuildDriverInfoList
SetupDiCreateDeviceInfoList
SetupDiSetDriverInstallParamsW
SetupDiGetDriverInstallParamsW
SetupDiGetDriverInfoDetailW

winmm

OpenDriver
CloseDriver

Sections

.text
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9e44f9d1145fc1d6163ed4ee1c56de46

Headers

File Characteristics

Imports

kernel32

advapi32

ole32

msvcrt

shlwapi

setupapi

winmm

Sections

.text Size: 28KB - Virtual size: 24KB

.rdata Size: 32KB - Virtual size: 30KB

.data Size: 20KB - Virtual size: 232KB

.rsrc Size: 48KB - Virtual size: 45KB

.text
Size: 28KB - Virtual size: 24KB

.rdata
Size: 32KB - Virtual size: 30KB

.data
Size: 20KB - Virtual size: 232KB

.rsrc
Size: 48KB - Virtual size: 45KB