2fe913680d16de38caccb651a8550b152a9817231564d013ef7ad9fec7c9a563

Sharing

Copy URL

Twitter E-mail

General

Target

2fe913680d16de38caccb651a8550b152a9817231564d013ef7ad9fec7c9a563
Size

621KB
MD5

23b325f46049859b5e35b5f8e0c496c0
SHA1

70fc425c6c47a12896012d076f3907059816b9b9
SHA256

2fe913680d16de38caccb651a8550b152a9817231564d013ef7ad9fec7c9a563
SHA512

b8409f33a08b4d74c09c8c11f39a04d0aeb6d2a86895e82dbe9f53b8d8b234d7c6a6ba1d052a85545dae52b65e5830321c5025fc6d067ed87325edc2016b20a9
SSDEEP

12288:jUJmdclfBzvVljaAIRgBh/KByka6s1dLhAV13DUrWEqXU:o2clHljaEJKEk+rLONKqk

Score

N/A

Malware Config

Signatures

Files

2fe913680d16de38caccb651a8550b152a9817231564d013ef7ad9fec7c9a563
.exe windows x64

c536038d069d374313c4f3ea876cc1a4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

advapi32

OpenProcessToken
LookupPrivilegeValueW
RegQueryValueExW
AdjustTokenPrivileges
InitiateSystemShutdownExW
RegCloseKey
RegSetValueExW
CloseServiceHandle
OpenSCManagerW
RegDeleteValueW
OpenServiceW
RegCreateKeyExW

kernel32

LocalFree
lstrlenW
GetLastError
GetCurrentProcess
CloseHandle
FormatMessageW
LoadLibraryW
GetDateFormatW
FileTimeToSystemTime
FreeLibrary
GetProcAddress
GetFileAttributesW
GetFullPathNameW
GetWindowsDirectoryW
FindFirstFileW
FindClose
FindNextFileW
Sleep
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleW
SetUnhandledExceptionFilter
UnhandledExceptionFilter

msvcrt

??2@YAPEAX_K@Z
fputs
wcsrchr
__iob_func
towupper
iswalpha
??3@YAXPEAX@Z
_wcsicmp
?terminate@@YAXXZ
memset
__set_app_type
_fmode
_commode
__setusermatherr
_amsg_exit
_initterm
exit
_cexit
_exit
_XcptFilter
__C_specific_handler
__wgetmainargs
wprintf
towlower
_wcsnicmp
fputws
wcschr

ntdll

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind

ole32

CLSIDFromString

setupapi

CM_Free_Log_Conf_Handle
SetupDiEnumDeviceInfo
CM_Get_Device_ID_ExW
SetupDiSetClassInstallParamsW
SetupDiCreateDeviceInfoW
SetupDiClassNameFromGuidExW
CM_Reenumerate_DevNode_Ex
SetupDiCreateDeviceInfoList
SetupCopyOEMInfW
SetupDiSetDeviceRegistryPropertyW
CM_Connect_MachineW
SetupDiGetINFClassW
CM_Disconnect_Machine
CM_Locate_DevNode_ExW
SetupDiBuildClassInfoListExW
SetupOpenFileQueue
SetupDiSetSelectedDriverW
SetupDiCallClassInstaller
SetupGetStringFieldW
SetupDiDestroyDriverInfoList
CM_Get_Res_Des_Data_Size_Ex
SetupOpenInfFileW
SetupDiEnumDriverInfoW
CM_Free_Res_Des_Handle
SetupDiDestroyDeviceInfoList
CM_Get_First_Log_Conf_Ex
SetupScanFileQueueW
SetupDiSetDeviceInstallParamsW
CM_Get_DevNode_Status_Ex
CM_Get_Next_Res_Des_Ex
SetupFindFirstLineW
SetupCloseFileQueue
SetupDiGetDriverInfoDetailW
SetupDiGetClassDescriptionExW
SetupDiBuildDriverInfoList
SetupDiGetDriverInstallParamsW
CM_Get_Res_Des_Data_Ex
SetupDiGetDeviceInstallParamsW
SetupDiOpenClassRegKeyExW
SetupDiOpenDevRegKey
SetupCloseInfFile
SetupDiGetDeviceRegistryPropertyW
SetupDiGetClassDevsExW
SetupDiClassGuidsFromNameExW
SetupDiOpenDeviceInfoW
SetupDiGetDeviceInfoListDetailW
SetupDiCreateDeviceInfoListExW

user32

CharPrevW
CharNextW
LoadStringW

Sections

.text
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 900B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp1
Size: 540KB - Virtual size: 1.8MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c536038d069d374313c4f3ea876cc1a4

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

msvcrt

ntdll

ole32

setupapi

user32

Sections

.text Size: 33KB - Virtual size: 32KB

.data Size: 2KB - Virtual size: 3KB

.pdata Size: 1024B - Virtual size: 900B

.rsrc Size: 44KB - Virtual size: 43KB

.vmp1 Size: 540KB - Virtual size: 1.8MB

.text
Size: 33KB - Virtual size: 32KB

.data
Size: 2KB - Virtual size: 3KB

.pdata
Size: 1024B - Virtual size: 900B

.rsrc
Size: 44KB - Virtual size: 43KB

.vmp1
Size: 540KB - Virtual size: 1.8MB