297e10bb652e13024e07bac5f0475d673e7a3dd357624e78f32cfe0fe3944cf7

Sharing

Copy URL Twitter E-mail

General

Target

297e10bb652e13024e07bac5f0475d673e7a3dd357624e78f32cfe0fe3944cf7
Size

77KB
MD5

6f7996d55de2b5d4b433b7bea94c40a6
SHA1

34d7f79116d3843ccb6a53776a0b33257efdd2b4
SHA256

297e10bb652e13024e07bac5f0475d673e7a3dd357624e78f32cfe0fe3944cf7
SHA512

5edbdf61aecf60a8f494ef48d1ba84323587dc397bedc3fb7efd869f1b8a8f955748c47e8be5dc54f5085673e261d4609accc926958fae41a068f3141ebbaa7a
SSDEEP

1536:eqRyBl8W0Xwxd7mE5R8zLe9c3uKmky/tePhE:RRyT8tXwxVFmLe9D9teZ

Score

N/A

Malware Config

Signatures

Files

297e10bb652e13024e07bac5f0475d673e7a3dd357624e78f32cfe0fe3944cf7
.exe windows x64

03e959cd97b6a0fea70e2ba4b2faf653

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

newdev

UpdateDriverForPlugAndPlayDevicesA

setupapi

SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiGetDeviceRegistryPropertyA

kernel32

GetCurrentProcess
CloseHandle
WaitForSingleObject
RtlZeroMemory
SetLastError
lstrlenA
LocalFree
LocalAlloc
GetLastError
GetVersionExA
HeapReAlloc
CreateThread
GetModuleFileNameA
GetSystemDefaultLangID
GetProcAddress
GetModuleHandleA
InitializeCriticalSection
LoadLibraryA
GetLocaleInfoA
HeapSize
GetExitCodeThread
GetACP
GetCommandLineA
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetCPInfo
GetOEMCP
FlsGetValue
FlsSetValue
TlsFree
FlsFree
GetCurrentThreadId
FlsAlloc
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
ExitProcess
WriteFile
GetStdHandle
RtlUnwindEx
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
HeapSetInformation
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
LeaveCriticalSection
EnterCriticalSection
Sleep

user32

GetDlgItem
SetWindowTextA
wsprintfA

Sections

.text
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 30KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fjohiav
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

03e959cd97b6a0fea70e2ba4b2faf653

Headers

DLL Characteristics

File Characteristics

Imports

newdev

setupapi

kernel32

user32

Sections

.text Size: 29KB - Virtual size: 29KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 8KB

.pdata Size: 2KB - Virtual size: 1KB

.rsrc Size: 30KB - Virtual size: 31KB

fjohiav Size: - Virtual size: 4KB

.text
Size: 29KB - Virtual size: 29KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 8KB

.pdata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 30KB - Virtual size: 31KB

fjohiav
Size: - Virtual size: 4KB