157d33c220e17bb47c689a753d18145bc8700d4f660988fb4ef4b1f553cf386a

Sharing

Copy URL

Twitter E-mail

General

Target

157d33c220e17bb47c689a753d18145bc8700d4f660988fb4ef4b1f553cf386a
Size

68KB
MD5

61465a3cd9e3c2d11a78bccd10f18b00
SHA1

2d006dcc99cc4c8feb5160f38df4f995e36191a0
SHA256

157d33c220e17bb47c689a753d18145bc8700d4f660988fb4ef4b1f553cf386a
SHA512

3c60b0a557a8bc9481fbfd1b6809355f3d040a73b4f7a9e5362d6e76c8e28cef59082af5a8a794c0689b69c7351b89372fb678ef149b46d1592b7b2b936888c1
SSDEEP

768:oFzstQPOzUjSqIGcNIA5NYsCN7AewLyUXIrFhxssU/vDPkNNwYmQFJD:CX+IUebwuUXEhSsU/7kNVmQF

Score

N/A

Malware Config

Signatures

Files

157d33c220e17bb47c689a753d18145bc8700d4f660988fb4ef4b1f553cf386a
.exe windows x64

73fc942c9ba0dd68e35683eda2be01db

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

advapi32

RegQueryValueExA
RegCloseKey

kernel32

CopyFileA
SetFileAttributesA
lstrcatA
lstrlenA
lstrcpyA
ExpandEnvironmentStringsA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetModuleFileNameA
GetModuleHandleA
FindClose
FindNextFileA
GetFullPathNameA
FindFirstFileA
lstrcmpiA
LocalAlloc
GetLastError
LocalFree
FormatMessageA
GlobalFree
GlobalAlloc
DeleteFileA
GetSystemWindowsDirectoryA
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoA
ExitProcess
GetProcAddress
WriteFile
GetStdHandle
RtlUnwindEx
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapSetInformation
HeapCreate
GetACP
GetOEMCP
GetCPInfo
LoadLibraryA
Sleep
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery

user32

CreateWindowExA
UpdateWindow
DestroyWindow
ShowWindow

setupapi

CM_Reenumerate_DevNode
CM_Locate_DevNodeA
SetupDiSetClassInstallParamsA
SetupDiCallClassInstaller
SetupDiGetDeviceInstallParamsA
SetupDiOpenDevRegKey
SetupGetInfInformationA
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
CM_Get_DevNode_Status
SetupQueryInfVersionInformationA

newdev

UpdateDriverForPlugAndPlayDevicesA

shell32

SHGetFolderPathA

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

73fc942c9ba0dd68e35683eda2be01db

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

user32

setupapi

newdev

shell32

Sections

.text Size: 28KB - Virtual size: 27KB

.data Size: 1KB - Virtual size: 3KB

.pdata Size: 1KB - Virtual size: 1KB

.rsrc Size: 34KB - Virtual size: 33KB

.text
Size: 28KB - Virtual size: 27KB

.data
Size: 1KB - Virtual size: 3KB

.pdata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 34KB - Virtual size: 33KB