72fd7743031cb3ca5bb6c47c01e4f04aca07f7f1bd383e1e1ed9773ba29cc62e

Sharing

Copy URL Twitter E-mail

General

Target

72fd7743031cb3ca5bb6c47c01e4f04aca07f7f1bd383e1e1ed9773ba29cc62e
Size

616KB
MD5

61251f6282358e1e652e887ae6d8e950
SHA1

fd1a5454a77c54077e73feb02b5041ed6359e637
SHA256

72fd7743031cb3ca5bb6c47c01e4f04aca07f7f1bd383e1e1ed9773ba29cc62e
SHA512

c04e58cd4df3893255f0c6fadaeb0ceb4b0a0ead38dd8c9c230b3f35683386d195cabc7249d1919699d291bce74ed1bc1bc19e7e777f2dd58c488641223b95ce
SSDEEP

12288:gjNPZSDCDCPnfj+nACtBAbz3+MxosWrTjJxEOEwVpZdDjb+yObjl6mbX:GNOfv1wbVTpjxuM

Score

N/A

Malware Config

Signatures

Files

72fd7743031cb3ca5bb6c47c01e4f04aca07f7f1bd383e1e1ed9773ba29cc62e
.exe windows x64

8054a4367181bc970e4ac969357c1da4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

advapi32

RegEnumKeyW
RegQueryValueExW
RegQueryInfoKeyW
ConvertStringSidToSidW
RegOpenKeyExW
CheckTokenMembership
RegEnumKeyExW
RegLoadKeyW
RegCloseKey
RegUnLoadKeyW
RegisterTraceGuidsW
GetTraceEnableLevel
UnregisterTraceGuids
TraceEvent
GetTraceLoggerHandle
GetTraceEnableFlags
GetLengthSid
FreeSid
IsValidSid
AllocateAndInitializeSid
EqualSid
CopySid
GetTokenInformation
OpenThreadToken
OpenProcessToken

kernel32

SetLastError
OpenEventW
WaitForSingleObject
LoadLibraryW
GetVersionExW
GetProcessHeap
CreateFileMappingW
GetFileAttributesW
CreateDirectoryW
SetEndOfFile
MapViewOfFile
SetFilePointer
GetFullPathNameW
ExpandEnvironmentStringsW
FindNextFileW
lstrcmpiW
FindClose
lstrlenW
lstrcmpW
CompareStringW
FreeLibrary
FindFirstFileW
DebugBreak
OutputDebugStringA
DeleteCriticalSection
GetModuleFileNameA
EnterCriticalSection
GetModuleFileNameW
HeapCreate
LeaveCriticalSection
HeapDestroy
InitializeCriticalSection
OutputDebugStringW
HeapFree
HeapAlloc
HeapReAlloc
LocalFree
GetLastError
FormatMessageW
GetModuleHandleW
Sleep
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
UnmapViewOfFile
WaitForMultipleObjectsEx
RaiseException
CreateMutexW
GetThreadLocale
ReleaseMutex
CloseHandle
LCMapStringW
GetCurrentThread
GetSystemWindowsDirectoryW
SetEvent
WaitForSingleObjectEx
GetProcAddress
CreateEventW

msvcrt

_vsnprintf
strrchr
wprintf
_wcsicmp
wcschr
__wgetmainargs
memset
_vsnwprintf
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
__set_app_type
_fmode
_commode
__setusermatherr
_amsg_exit
_initterm
exit
_cexit
_exit
_XcptFilter
__C_specific_handler
_resetstkoflw
_wcsnicmp
wcsrchr
memcpy

user32

LoadStringW

ntdll

RtlCaptureContext
RtlLookupFunctionEntry
RtlNtStatusToDosError
RtlFreeHeap
RtlAllocateHeap
RtlVirtualUnwind

setupapi

SetupFindNextLine
SetupCloseInfFile
SetupOpenInfFileW
SetupDiGetActualModelsSectionW
SetupGetFieldCount
SetupFindFirstLineW
SetupDiGetINFClassW
SetupGetStringFieldW

newdev

DiInstallDriverW

rpcrt4

UuidToStringW
RpcStringFreeW

mpr

WNetAddConnection2W
WNetCancelConnection2W

Sections

.text
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 556KB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8054a4367181bc970e4ac969357c1da4

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

msvcrt

user32

ntdll

setupapi

newdev

rpcrt4

mpr

Sections

.text Size: 54KB - Virtual size: 53KB

.data Size: 2KB - Virtual size: 3KB

.pdata Size: 1KB - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 556KB - Virtual size: 2.4MB

.text
Size: 54KB - Virtual size: 53KB

.data
Size: 2KB - Virtual size: 3KB

.pdata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 556KB - Virtual size: 2.4MB