878f467ef20fdeeaee763d38079640e3ab763071d35d347a2faa8fa3b3d7717b

Sharing

Copy URL Twitter E-mail

General

Target

878f467ef20fdeeaee763d38079640e3ab763071d35d347a2faa8fa3b3d7717b
Size

96KB
MD5

71219194cad7c9ec48934ff17b2f5500
SHA1

40f6a25403871ba89f882a3b00f015bfee991cc1
SHA256

878f467ef20fdeeaee763d38079640e3ab763071d35d347a2faa8fa3b3d7717b
SHA512

d7207b8a12b2b735218fadc5028e299bca824bbea13577e76830e89271f4e7e0b816741a6d2ed72e5b2d4acd385d2f8997baaaebcf07a1a54746770a46d00b3f
SSDEEP

1536:QKRrW0DOGxjoNs75iccosCwfImxY9s2dzZ7QjSohm2EkKg:QK7OKsyg2sCwfImxYG2dtHoh4p

Score

N/A

Malware Config

Signatures

Files

878f467ef20fdeeaee763d38079640e3ab763071d35d347a2faa8fa3b3d7717b
.exe windows x86

18f0bde34fa18c51c1231d9c2ef63c69

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetConsoleTitleA
SetConsoleTextAttribute
CloseHandle
DeviceIoControl
CreateFileA
GetVolumeInformationA
GetDriveTypeA
GetProcAddress
LoadLibraryA
QueryDosDeviceA
GetVolumeNameForVolumeMountPointA
FindVolumeClose
FindNextVolumeA
FindVolumeMountPointClose
FindNextVolumeMountPointA
FindFirstVolumeMountPointA
FindFirstVolumeA
FlushFileBuffers
CopyFileA
GetTempPathA
SetErrorMode
WideCharToMultiByte
lstrlenW
DuplicateHandle
OpenProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
GetCurrentProcessId
GetTickCount
GetExitCodeThread
WaitForSingleObject
CreateThread
GetVolumePathNameA
GetVersionExA
LocalFree
FormatMessageA
FlushConsoleInputBuffer
CreateProcessA
WriteFile
RtlUnwind
HeapAlloc
HeapFree
GetModuleHandleA
GetCommandLineA
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetACP
GetOEMCP
GetCPInfo
HeapDestroy
HeapCreate
VirtualFree
HeapReAlloc
IsBadWritePtr
ExitProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
SetFilePointer
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
SetStdHandle
ReadConsoleInputA
GetModuleFileNameA
SetConsoleCtrlHandler
GetStdHandle
SetConsoleMode
GetLastError
GetConsoleScreenBufferInfo

user32

GetWindowThreadProcessId
IsWindowVisible
GetWindow
GetDesktopWindow

advapi32

CloseServiceHandle
OpenServiceA
OpenSCManagerA
StartServiceA
ControlService
QueryServiceStatus

setupapi

SetupDiGetClassDevsA
CM_Query_And_Remove_SubTreeW
CM_Get_DevNode_Registry_PropertyA
CM_Get_DevNode_Status
SetupDiDestroyDeviceInfoList
CM_Get_Parent
SetupDiGetDeviceRegistryPropertyA
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
CM_Request_Device_EjectW
CM_Get_Device_IDA

shell32

ShellExecuteA

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tupfjvr
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

18f0bde34fa18c51c1231d9c2ef63c69

Headers

File Characteristics

Imports

kernel32

user32

advapi32

setupapi

shell32

Sections

.text Size: 40KB - Virtual size: 37KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 36KB - Virtual size: 36KB

tupfjvr Size: - Virtual size: 4KB

.text
Size: 40KB - Virtual size: 37KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 36KB - Virtual size: 36KB

tupfjvr
Size: - Virtual size: 4KB