3fad623baa91466f61df5023847cb2603c90346b6f234d22c6c074f1b382d2c6

Sharing

Copy URL

Twitter E-mail

General

Target

3fad623baa91466f61df5023847cb2603c90346b6f234d22c6c074f1b382d2c6
Size

896KB
MD5

43163d4cef9e2d6234b70b9d57880c30
SHA1

0f388e00e35290fc9786b604ccc1d29b78a8b016
SHA256

3fad623baa91466f61df5023847cb2603c90346b6f234d22c6c074f1b382d2c6
SHA512

183b1fc019ba7d02b4e9f592ee2f0da31204ef4c3f5d1d10bbf21030b75d65e09d592de2e8c81812320db458e9cc28cdd3f60bc0ec4666af0226e9d31b64f474
SSDEEP

12288:53PPWQ41Y7xdFgBzblEOGSEzUvzblE4wEQRUSEcfv44IdmIKi9h:N26FgB+OP+ac349h

Score

N/A

Malware Config

Signatures

Files

3fad623baa91466f61df5023847cb2603c90346b6f234d22c6c074f1b382d2c6
.exe windows x86

6dc50238c1cbbfcdf5d144ec66f41d08

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupFindNextLine
SetupGetLineTextW
SetupFindFirstLineW
SetupOpenInfFileW
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiGetClassDevsW
SetupDiGetINFClassW
SetupGetStringFieldW
SetupDiGetDeviceRegistryPropertyW
SetupCopyOEMInfW
SetupCloseInfFile

shlwapi

PathFindFileNameW
PathIsDirectoryEmptyW
PathFileExistsW
PathIsRootW
PathRemoveFileSpecW
PathAppendW

kernel32

SetEvent
CreateEventW
CreateThread
VerifyVersionInfoW
VerSetConditionMask
FindNextFileW
FindClose
FindFirstFileW
GetLocalTime
GetCurrentProcess
GetProcAddress
GetModuleHandleW
GetVersionExW
TerminateProcess
OpenProcess
FreeLibrary
LoadLibraryW
GetSystemDirectoryW
GetFileAttributesW
WriteFile
CreateFileA
GetModuleFileNameA
GetTempPathA
GetModuleFileNameW
GetWindowsDirectoryW
RemoveDirectoryW
MoveFileExW
DeleteFileW
SetFileAttributesW
Sleep
CopyFileW
ExitProcess
FindResourceW
GetLocaleInfoW
OutputDebugStringW
ConvertDefaultLocale
GetSystemDefaultLangID
EnumResourceLanguagesW
SetFilePointer
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
InitializeCriticalSection
GetStdHandle
HeapReAlloc
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
VirtualFree
HeapCreate
HeapDestroy
LCMapStringW
SizeofResource
LoadResource
LockResource
MultiByteToWideChar
CreateFileW
GetFileSize
ReadFile
CloseHandle
WaitForSingleObject
SetLastError
GetLastError
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
CreateProcessW
WideCharToMultiByte
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
HeapSize
InterlockedDecrement
GetCurrentThreadId
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
LocalAlloc
InterlockedExchange
LoadLibraryA
RaiseException
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
HeapFree
HeapAlloc
GetModuleHandleA
GetVersionExA
GetProcessHeap
GetStartupInfoW

user32

LoadStringW
SendDlgItemMessageW
EndDialog
SetDlgItemTextW
SetWindowTextW
SetFocus
DialogBoxParamW
GetDlgItem
SendMessageW
EnumWindows
LoadImageW
MapDialogRect
EnableWindow
ShowWindow
SetTimer
KillTimer
PostMessageW
MessageBoxW
ExitWindowsEx
GetWindowThreadProcessId
GetWindowModuleFileNameW
SetWindowPos
LoadIconW

gdi32

SetBkMode
GetStockObject
GetObjectW
CreateFontIndirectW
DeleteObject
CreateSolidBrush
CreateFontW
SetTextColor

advapi32

OpenProcessToken
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegEnumValueW
RegQueryValueExW
CreateServiceW
ChangeServiceConfigW
ChangeServiceConfig2W
StartServiceW
QueryServiceStatus
OpenSCManagerW
CloseServiceHandle
OpenServiceW
ControlService
DeleteService
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
RegDeleteKeyW
LookupPrivilegeValueW
AdjustTokenPrivileges
IsTextUnicode

shell32

ShellExecuteA
SHGetFolderPathW
SHCreateDirectoryExW

ole32

OleUninitialize
OleInitialize
CoInitialize
CoCreateInstance

psapi

GetModuleFileNameExW
EnumProcesses
EnumProcessModules
GetModuleBaseNameW

Sections

.text
Size: 264KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 568KB - Virtual size: 565KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6dc50238c1cbbfcdf5d144ec66f41d08

Headers

File Characteristics

Imports

setupapi

shlwapi

kernel32

user32

gdi32

advapi32

shell32

ole32

psapi

Sections

.text Size: 264KB - Virtual size: 260KB

.rdata Size: 52KB - Virtual size: 49KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 568KB - Virtual size: 565KB

.text
Size: 264KB - Virtual size: 260KB

.rdata
Size: 52KB - Virtual size: 49KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 568KB - Virtual size: 565KB