aad6e3b31641f136be4c22fe6b5a93d7b20ffe012982d2eb623953979bc321f0

Sharing

Copy URL

Twitter E-mail

General

Target

aad6e3b31641f136be4c22fe6b5a93d7b20ffe012982d2eb623953979bc321f0
Size

100KB
MD5

6a4fd4c9043f0d8c1d248a5de5fb7432
SHA1

dec5d8c0e7ebcbe58ca92bd5e030e7a35bf9e1c2
SHA256

aad6e3b31641f136be4c22fe6b5a93d7b20ffe012982d2eb623953979bc321f0
SHA512

99434745d269aeac37ac058b33b98d1e740543fbd73bf38e2825629b75fde3eef33935ebf6eae837ada21ad62790a87585eb59257f41f2489b519b29bc91bca8
SSDEEP

1536:2+1NXToN01Wl+wwOXRoaoxIX2ZS9OCFUNW:2ssq1Wl+wZo3mNO6UNW

Score

N/A

Malware Config

Signatures

Files

aad6e3b31641f136be4c22fe6b5a93d7b20ffe012982d2eb623953979bc321f0
.exe windows x86

e66df395187163332f46c36e81065e7a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

powrprof

GetPwrDiskSpindownRange

hid

HidD_GetSerialNumberString
HidD_GetHidGuid
HidD_GetAttributes

cfgmgr32

CM_Locate_DevNodeW
CM_Get_DevNode_Registry_PropertyW
CM_Get_Parent
CM_Get_Device_IDW

mfc80u

ord4074
ord283
ord293
ord2461
ord774
ord4100
ord5524
ord2311
ord777
ord1479
ord282
ord6700
ord4078
ord776
ord5485
ord5414
ord6173
ord577
ord764
ord6167
ord1906
ord5705
ord5558
ord2261

msvcr80

__getmainargs
_amsg_exit
exit
strncmp
wprintf
_wcsicmp
memcpy
_cexit
_snwprintf
__CxxFrameHandler3
malloc
free
wcsstr
memset
printf
_exit
_XcptFilter
__initenv
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
__set_app_type
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_except_handler4_common
_invoke_watson
_controlfp_s
_crt_debugger_hook
wcscspn

kernel32

IsDebuggerPresent
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
InterlockedCompareExchange
InterlockedExchange
CreateMutexW
CreateFileMappingW
CreateThread
ResetEvent
GetVersionExW
GetDiskFreeSpaceW
GetDiskFreeSpaceExW
CreateNamedPipeW
WriteFile
ReadFile
ExitThread
DisconnectNamedPipe
ConnectNamedPipe
SetEvent
MapViewOfFile
UnmapViewOfFile
InitializeCriticalSection
GetCommandLineW
SetConsoleCtrlHandler
GlobalFree
GetModuleFileNameW
FormatMessageW
lstrlenW
ReleaseMutex
GetVersion
Sleep
LoadLibraryW
GetProcAddress
FreeLibrary
GetLogicalDrives
GetDriveTypeW
CreateFileW
LocalAlloc
LocalFree
DeviceIoControl
SetLastError
WaitForSingleObject
CancelIo
GetOverlappedResult
WaitForMultipleObjects
CloseHandle
GetLastError
CreateEventW
LeaveCriticalSection
EnterCriticalSection

user32

RegisterDeviceNotificationW
wsprintfW
UnregisterDeviceNotification

advapi32

RegQueryValueExW
RegSetValueExW
RegOpenKeyExW
DeregisterEventSource
ReportEventW
RegisterEventSourceW
SetServiceStatus
CloseServiceHandle
StartServiceW
ChangeServiceConfig2W
CreateServiceW
RegCloseKey
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
StartServiceCtrlDispatcherW
RegisterServiceCtrlHandlerExW
OpenServiceW
ControlService
QueryServiceStatus
DeleteService
OpenSCManagerW

shell32

CommandLineToArgvW

shlwapi

SHRegSetUSValueW

oleaut32

SysFreeString

setupapi

SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInfo
SetupDiRemoveDevice
SetupDiCreateDeviceInfoList
SetupDiOpenDeviceInterfaceW
SetupDiGetDeviceRegistryPropertyW
SetupDiGetClassDevsW
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 823KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e66df395187163332f46c36e81065e7a

Headers

File Characteristics

Imports

powrprof

hid

cfgmgr32

mfc80u

msvcr80

kernel32

user32

advapi32

shell32

shlwapi

oleaut32

setupapi

Sections

.text Size: 60KB - Virtual size: 59KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 4KB - Virtual size: 823KB

.idata Size: 8KB - Virtual size: 6KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 4KB - Virtual size: 823KB

.idata
Size: 8KB - Virtual size: 6KB

.rsrc
Size: 8KB - Virtual size: 7KB