7b24d0a6fba83e9792a9ec23296afcee6d4747de5d6ea26a62a79934dd0d5aa1

Sharing

Copy URL Twitter E-mail

General

Target

7b24d0a6fba83e9792a9ec23296afcee6d4747de5d6ea26a62a79934dd0d5aa1
Size

582KB
MD5

6b4fe07c6209abd0c7db3c59c534101a
SHA1

222bd0089786421ff4a2750640c384b57dff0aca
SHA256

7b24d0a6fba83e9792a9ec23296afcee6d4747de5d6ea26a62a79934dd0d5aa1
SHA512

ce620bd42a3070f932c85271514fe2f3b9f62ace5837000af53ba10190a93bb08b8b23f084de8c952d8125c588f30f497cd7a2ccd73feae4003334cce8bc8188
SSDEEP

12288:2typyDx2loSjQCyPhkEbfilo6TZ0HGd+Fui:8FqoSjQdhkEDimnH

Score

N/A

Malware Config

Signatures

Files

7b24d0a6fba83e9792a9ec23296afcee6d4747de5d6ea26a62a79934dd0d5aa1
.dll windows x86

e9807948bc13a4e96d6e4b76032b07d8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetCurrentThreadId
GetFileType
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetProcessPriorityBoost
GetSystemInfo
GetTickCount
GetUserDefaultLangID
GetWindowsDirectoryA
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
IsDebuggerPresent
IsValidCodePage
LCMapStringA
GetCPInfo
LeaveCriticalSection
MultiByteToWideChar
OpenProcess
OutputDebugStringA
Process32First
Process32Next
QueryPerformanceCounter
RaiseException
RtlUnwind
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
Sleep
TerminateProcess
VirtualAlloc
VirtualFree
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
lstrlenA
GetACP
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FlushFileBuffers
ExitProcess
EnterCriticalSection
DeleteFileA
CreateToolhelp32Snapshot
CreateProcessA
CreateFileA
CopyFileA
LCMapStringW
CloseHandle

advapi32

RevertToSelf
RegSetValueExA
RegQueryValueExA
RegCloseKey
OpenProcessToken
LookupAccountSidA
LookupAccountNameA
GetTokenInformation
DeleteAce
CopySid
AccessCheck
SystemFunction008

setupapi

SetupDiCallClassInstaller
SetupDiGetDriverInfoDetailA
SetupDiGetSelectedDriverA
SetupDiOpenDevRegKey
SetupGetLineTextA
SetupOpenInfFileA
SetupCloseInfFile

Exports

Exports

Check
ProgramText
State_Next
method
mmx_support

Sections

.text
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 208KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e9807948bc13a4e96d6e4b76032b07d8

Headers

File Characteristics

Imports

kernel32

advapi32

setupapi

Exports

Exports

Sections

.text Size: 126KB - Virtual size: 125KB

.rdata Size: 67KB - Virtual size: 66KB

.data Size: 208KB - Virtual size: 208KB

.rsrc Size: 166KB - Virtual size: 166KB

.reloc Size: 13KB - Virtual size: 12KB

.text
Size: 126KB - Virtual size: 125KB

.rdata
Size: 67KB - Virtual size: 66KB

.data
Size: 208KB - Virtual size: 208KB

.rsrc
Size: 166KB - Virtual size: 166KB

.reloc
Size: 13KB - Virtual size: 12KB