f0ae1af59ab03a73bb4af0ab6452660b2d3983616fcb03bdb0efa6addf1fe7c1

Sharing

Copy URL Twitter E-mail

General

Target

f0ae1af59ab03a73bb4af0ab6452660b2d3983616fcb03bdb0efa6addf1fe7c1
Size

218KB
MD5

02a621fe8cfdfe160ad0b8dab6a41180
SHA1

2b4686a3595008a12a20126b70e620348749a625
SHA256

f0ae1af59ab03a73bb4af0ab6452660b2d3983616fcb03bdb0efa6addf1fe7c1
SHA512

6c1905214c7739f3c46c5ac9de29f34e30033e679b45e3a763889fae4e57b372f28351dc5cf215b913535cea54341a4039cb62faf996646fc1216c4aab3dc678
SSDEEP

3072:CGy6fyxRQsc5JvlY/49OVBlVfVTosh8H3fPChz7hhoQTuFkALVTPjP:CGy6cRQ3JWQ0HlgGM3fqh90bLVP

Score

N/A

Malware Config

Signatures

Files

f0ae1af59ab03a73bb4af0ab6452660b2d3983616fcb03bdb0efa6addf1fe7c1
.exe windows x86

b3a89f0670c5e7c2cf1b05f44248b100

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDeviceInfoList

powrprof

SetActivePwrScheme
DeletePwrScheme
WritePwrScheme
WriteProcessorPwrScheme
EnumPwrSchemes
GetActivePwrScheme

wtsapi32

WTSUnRegisterSessionNotification
WTSRegisterSessionNotification

kernel32

WaitForSingleObject
CloseHandle
SetEvent
GetLastError
CreateMutexA
SetThreadPriority
SetPriorityClass
GetCurrentProcess
CreateThread
CreateEventA
DeviceIoControl
SetProcessAffinityMask
GetProcessAffinityMask
LocalFree
CreateFileA
LocalAlloc
CreateProcessA
GetVersionExA
GetSystemInfo
FreeLibrary
GetProcAddress
LoadLibraryA
lstrcpynA
GetStdHandle
AllocConsole
DisconnectNamedPipe
FlushFileBuffers
WriteFile
ReadFile
ConnectNamedPipe
ResetEvent
CreateNamedPipeA
ReleaseMutex
CompareStringW
CompareStringA
HeapSize
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
SetFilePointer
GetCPInfo
GetOEMCP
GetACP
VirtualProtect
MultiByteToWideChar
VirtualAlloc
VirtualQuery
InterlockedExchange
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
CreatePipe
SetHandleCount
WaitForMultipleObjects
SetEnvironmentVariableA
GetLocaleInfoA
SetUnhandledExceptionFilter
IsBadCodePtr
GetCurrentThreadId
TerminateProcess
GetFileAttributesA
ExitProcess
DuplicateHandle
SetStdHandle
GetFileType
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
HeapAlloc
HeapReAlloc
HeapFree

user32

CreatePopupMenu
InsertMenuA
SetForegroundWindow
TrackPopupMenu
DestroyMenu
CreateWindowExA
GetSystemMetrics
LoadImageA
DestroyIcon
GetCursorPos
LoadCursorA
RegisterClassExA
LoadStringA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
GetProcessWindowStation
GetThreadDesktop
PostQuitMessage
EndPaint
BeginPaint
DefWindowProcA
DestroyWindow
DialogBoxParamA
EndDialog
SetUserObjectSecurity
LoadIconA

advapi32

RegCloseKey
GetSidLengthRequired
InitializeSid
GetSidSubAuthority
InitializeAcl
AddAccessAllowedAce
ReportEventA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
DeregisterEventSource
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegNotifyChangeKeyValue

shell32

Shell_NotifyIconA

Sections

.text
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 150KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b3a89f0670c5e7c2cf1b05f44248b100

Headers

File Characteristics

Imports

setupapi

powrprof

wtsapi32

kernel32

user32

advapi32

shell32

Sections

.text Size: 44KB - Virtual size: 41KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 8KB - Virtual size: 14KB

.rsrc Size: 150KB - Virtual size: 164KB

.text
Size: 44KB - Virtual size: 41KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 8KB - Virtual size: 14KB

.rsrc
Size: 150KB - Virtual size: 164KB