ac551a7634cfdefbcee1561a64e7b84aa8e4386cffa88e6f394b88b9f910d349

Sharing

Copy URL Twitter E-mail

General

Target

ac551a7634cfdefbcee1561a64e7b84aa8e4386cffa88e6f394b88b9f910d349
Size

452KB
MD5

52ae3017a45c05720df1d28e633282b0
SHA1

8b5f6b3582b4b169ad2002c269ae37cf6c693244
SHA256

ac551a7634cfdefbcee1561a64e7b84aa8e4386cffa88e6f394b88b9f910d349
SHA512

87db11a2add020a1e3e4cafa31860232a2bd35dcf66f5b29ad1bda798795d5476f075d2b890bf96b4291a427ca7cf31b96e2ac3a70affc3470f082c4018b982b
SSDEEP

6144:zISESE1c5npmuQcsZ6b9gbYB97WM5DDwKQ7eLU0vQhctuNqmEV:ki5npHQcBJO/PMvQKyFe

Score

N/A

Malware Config

Signatures

Files

ac551a7634cfdefbcee1561a64e7b84aa8e4386cffa88e6f394b88b9f910d349
.exe windows x86

9da39090465e6848243c3d25e8be7ef0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupFindNextLine
SetupGetLineTextA
SetupFindFirstLineA
SetupOpenInfFileA
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiGetINFClassA
SetupGetStringFieldA
SetupDiGetDeviceRegistryPropertyA
SetupCopyOEMInfA
CM_Reenumerate_DevNode
CM_Reenumerate_DevNode_Ex
CM_Locate_DevNodeA
SetupCloseInfFile

difxapi

DriverPackageInstallA
DIFXAPISetLogCallbackA
DriverPackageGetPathA
DriverPackageUninstallA

shlwapi

PathFindFileNameA
PathFileExistsA
PathIsRootA
PathRemoveFileSpecA
PathIsDirectoryEmptyA

kernel32

FindResourceA
GetLastError
SetLastError
CloseHandle
WaitForSingleObject
SetEvent
CreateEventA
ReadFile
GetFileSize
CreateFileA
CreateThread
VerifyVersionInfoA
VerSetConditionMask
FindNextFileA
FindClose
FindFirstFileA
GetLocalTime
GetCurrentProcess
GetProcAddress
GetModuleHandleA
GetVersionExA
TerminateProcess
OpenProcess
FreeLibrary
LoadLibraryA
GetSystemDirectoryA
MultiByteToWideChar
GetFileAttributesA
GetModuleFileNameA
GetWindowsDirectoryA
GetCurrentProcessId
MoveFileExA
SizeofResource
SetFileAttributesA
CopyFileA
ExitProcess
CreateProcessA
GetLocaleInfoA
Sleep
ConvertDefaultLocale
GetSystemDefaultLangID
EnumResourceLanguagesA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
SetFilePointer
FlushFileBuffers
GetConsoleMode
GetConsoleCP
WriteFile
GetFileType
GetStdHandle
SetHandleCount
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetOEMCP
GetACP
HeapSize
LoadResource
LockResource
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTickCount
GetStringTypeA
GetStringTypeW
DeleteFileA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetLocaleInfoW
CreateFileW
SetEndOfFile
RemoveDirectoryA
GetCurrentThreadId
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetCPInfo
LCMapStringW
WideCharToMultiByte
LCMapStringA
GetStartupInfoA
GetProcessHeap
GetCommandLineA
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
RtlUnwind
HeapFree
HeapAlloc

user32

LoadImageA
SendMessageA
SetFocus
EndDialog
SetDlgItemTextA
EnableWindow
CheckRadioButton
LoadIconA
ShowWindow
SetWindowPos
ExitWindowsEx
GetWindowThreadProcessId
GetWindowModuleFileNameA
EnumWindows
LoadStringA
MessageBoxA
DialogBoxParamA
SendDlgItemMessageA
GetDlgItem
SetWindowTextA

gdi32

GetObjectA
CreateFontIndirectA
DeleteObject
CreateSolidBrush

advapi32

OpenProcessToken
DeleteService
RegQueryValueExA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
CreateServiceA
ChangeServiceConfig2A
StartServiceA
OpenSCManagerA
CloseServiceHandle
OpenServiceA
ControlService
QueryServiceStatus
RegOpenKeyExA
RegEnumKeyExA
RegCloseKey
RegDeleteKeyA
LookupPrivilegeValueA
AdjustTokenPrivileges

shell32

SHGetFolderPathA
SHCreateDirectoryExA

ole32

OleUninitialize
OleInitialize
CoInitialize
CoCreateInstance

psapi

GetModuleFileNameExA
EnumProcesses
EnumProcessModules
GetModuleBaseNameA

Sections

.text
Size: 264KB - Virtual size: 262KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

G��?�
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9da39090465e6848243c3d25e8be7ef0

Headers

File Characteristics

Imports

setupapi

difxapi

shlwapi

kernel32

user32

gdi32

advapi32

shell32

ole32

psapi

Sections

.text Size: 264KB - Virtual size: 262KB

.rdata Size: 44KB - Virtual size: 41KB

.data Size: 8KB - Virtual size: 13KB

.rsrc Size: 44KB - Virtual size: 42KB

G���?� Size: 88KB - Virtual size: 88KB

.text
Size: 264KB - Virtual size: 262KB

.rdata
Size: 44KB - Virtual size: 41KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 44KB - Virtual size: 42KB

G��?�
Size: 88KB - Virtual size: 88KB