5f48adc05fb5b95da07f5b6291217eb9461980f8aafa7b00aa54f0f49ff242e2

Sharing

Copy URL Twitter E-mail

General

Target

5f48adc05fb5b95da07f5b6291217eb9461980f8aafa7b00aa54f0f49ff242e2
Size

200KB
MD5

01b0e3bad77b365edcba96e2250b75c0
SHA1

a5ab29373b439de402d4455a4869016d963cb098
SHA256

5f48adc05fb5b95da07f5b6291217eb9461980f8aafa7b00aa54f0f49ff242e2
SHA512

d1865baffae684514b02ac00a791dc35c791d469b0da8d52f4ebd26826fef77558dd5938d91405a3f82ef2002a0cfd9d3de037e637141343f72350c70b8e2751
SSDEEP

3072:oJ7gaaoAyhdVyJYbZao+DB1l7fq/sXMVaQuRrAtLtgLpBD5rhQBZgO8UIJaDn:Z6hrMYFEDB11Eh9LKNBd8gOhZDn

Score

N/A

Malware Config

Signatures

Files

5f48adc05fb5b95da07f5b6291217eb9461980f8aafa7b00aa54f0f49ff242e2
.exe windows x86

3c6d706e248449ceb106f6b805b897ea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateFileA
DeviceIoControl
GetVersionExA
GetCurrentProcess
WinExec
Sleep
WriteProfileStringA
CopyFileA
SetFileAttributesA
GetProfileIntA
lstrcmpA
GetDiskFreeSpaceA
GetFileSize
GetDriveTypeA
GetWindowsDirectoryA
GetLogicalDrives
SetErrorMode
GetVersion
GetSystemDirectoryA
lstrcatA
GetSystemDefaultLangID
LoadLibraryA
DeleteFileA
SetEnvironmentVariableA
CompareStringW
CompareStringA
LCMapStringW
LCMapStringA
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
SetFilePointer
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
RtlUnwind
GetFileType
GetStdHandle
SetHandleCount
lstrcpyA
GetProcAddress
WaitForSingleObject
FreeLibrary
lstrlenA
lstrcmpiA
CreateProcessA
GetCurrentDirectoryA
GetFullPathNameA
GetEnvironmentStringsW
HeapAlloc
GetTimeZoneInformation
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
GetModuleFileNameA
UnhandledExceptionFilter
HeapFree
FreeEnvironmentStringsA
GetSystemTime
GetExitCodeProcess
ReadFile
WriteFile
IsBadWritePtr
HeapReAlloc
GetLastError
VirtualFree
HeapCreate
VirtualAlloc
GetCommandLineA
GetStartupInfoA
HeapDestroy
TerminateProcess
ExitProcess
GetLocalTime
GetModuleHandleA

user32

PeekMessageA
DispatchMessageA
TranslateMessage
SetWindowTextA
OemToCharA
GetSystemMetrics
MoveWindow
MessageBoxA
SendMessageA
FindWindowA
LoadStringA
ExitWindowsEx
CharNextA
wsprintfA
CharUpperA
CharUpperBuffA
IsWindow
EnableWindow
IsWindowEnabled
ShowWindow
SetForegroundWindow

advapi32

RegCreateKeyExA
RegEnumKeyExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegDeleteValueA
RegQueryValueExA
RegSetValueExA
RegOpenKeyExA
RegCloseKey

mscomstf

FWriteToLogFile
FOpenLogFile
FOpenInf
FCloseLogFile
FAddSectionFilesToCopyList
FAddSpecialFileToCopyList
FAddSectionKeyFileToCopyList
FSetBeepingMode
FMakeListInfSectionField
FSetSilent
FReplaceListItem
FRemoveSymbol
FSetSymbolToListOfInfKeys
UsGetListLength
FAddListItem
CbGetListItem
FValidDir
CbGetInfSectionKeyField
FParsePathIntoPieces
FValidPath
DoMsgBox
EercErrorHandler
CbGetSymbolValue

msdetstf

LGetVersionNthField
FDoesIniKeyExist
CbGetIniKeyString
FDirExists
FHasMouseInstalled
FHasMonochromeDisplay
FHas87MathChip
FGetSerialPortsList
FGetParallelPortsList
FGetProcessorType
FIsDriverInConfig
CbFindTargetOnEnvVar
LcbGetSizeOfFile
FDoesIniSectionExist
CbGetVersionOfFile
CbGetDateOfFile
FDoesFileExist
CbGetEnvVariableValue
FGetNetworkDrivesList
FGetRemovableDrivesList
FGetLocalHardDrivesList
FGetValidDrivesList
LcbFreeDrive
LcbTotalDrive
FIsRemoteDrive
FIsRemoveDrive
FIsLocalHardDrive
FIsValidDrive
CbFindFileInTree

msinsstf

FStampResource
FSetRestartDir
FRestartListEmpty
FExitExecRestart
FPrependToPath
TerminateInstall
FCreateProgManGroupEx
FCreateProgManGroup
YnrcBackupFile
YnrcRemoveFile
FRemoveDir
FRemoveIniSection
FAddToBillboardList
FRemoveIniKey
FShowProgManGroup
FShowProgManGroupEx
FCreateIniKeyValue
FInitializeInstall
FCreateDir
FIsDirWritable
WFindFileUsingFileOpen
ProSetPos
FClearBillboardList
FIsFileWritable
FCreateProgManItemEx
FCreateSysIniKeyValue
FCopyOneFile
GrcCopyFilesInCopyList
FCreateProgManItem
LcbGetCopyListCost
ResetCopyList
FDumpCopyListToFile

msshlstf

TerminateFrame
HinstFrame
FRestoreCursor
HwndFrame
FSetBitmap
HShowWaitCursor
FSetSymbolValue
FSetAbout
InitializeFrame

msuilstf

FKillNDialogs
FDoDialogExt

Sections

.text
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3c6d706e248449ceb106f6b805b897ea

Headers

File Characteristics

Imports

kernel32

user32

advapi32

mscomstf

msdetstf

msinsstf

msshlstf

msuilstf

Sections

.text Size: 56KB - Virtual size: 54KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 8KB - Virtual size: 18KB

.rsrc Size: 124KB - Virtual size: 124KB

.text
Size: 56KB - Virtual size: 54KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 8KB - Virtual size: 18KB

.rsrc
Size: 124KB - Virtual size: 124KB