d43fe5bf7cb3b19d53afcea82c371ef3290bc632cd8716a8c72f4b34bdf6a879

Sharing

Copy URL

Twitter E-mail

General

Target

d43fe5bf7cb3b19d53afcea82c371ef3290bc632cd8716a8c72f4b34bdf6a879
Size

918KB
MD5

175f57e447c1c2ee660c86a82c2de160
SHA1

0474f4f8b145e3232b642c8cae0273f657caae68
SHA256

d43fe5bf7cb3b19d53afcea82c371ef3290bc632cd8716a8c72f4b34bdf6a879
SHA512

2e87380d3396e7210b928bd1587b829691179a0a5cdc72e09b7e43c00b2da74b04cf314587a4cafed0ba37b2062e3fae33f31ade0e8d68262d34f662267d8d25
SSDEEP

12288:ScR3vGwK0RZqRewRrKInHAfg/7hAz0iXqlQHyOkWas:ffjkewRZAfO7izfXkDJI

Score

N/A

Malware Config

Signatures

Files

d43fe5bf7cb3b19d53afcea82c371ef3290bc632cd8716a8c72f4b34bdf6a879
.exe windows x86

bb413a64dead7872ebc62d32c63943da

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shfolder

SHGetFolderPathW
SHGetFolderPathA

shlwapi

SHDeleteValueA
SHDeleteKeyA

setupapi

SetupOpenInfFileW
SetupFindFirstLineW
SetupGetLineTextW
SetupCloseInfFile
SetupFindNextLine

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

kernel32

InitializeCriticalSectionAndSpinCount
FlushFileBuffers
SetStdHandle
GetFileAttributesA
GetVersionExW
GetSystemDefaultLCID
GetUserDefaultUILanguage
FreeResource
LockResource
LoadResource
GetLastError
FindResourceExW
GetModuleHandleW
FreeLibrary
GetProcAddress
LoadLibraryW
GetModuleFileNameA
CloseHandle
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetStartupInfoA
RemoveDirectoryA
SetFileAttributesA
FindClose
ReadFile
FindFirstFileA
MoveFileA
DeleteFileA
ExpandEnvironmentStringsA
FindNextFileW
DeleteFileW
FindFirstFileW
Sleep
GetCommandLineA
CopyFileA
CreateDirectoryA
CreateFileA
GetSystemDirectoryA
RemoveDirectoryW
ExitProcess
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
EnterCriticalSection
GetModuleHandleA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEndOfFile
GetProcessHeap
CompareStringA
CompareStringW
SetEnvironmentVariableA
FindNextFileA
GetLocaleInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
RtlUnwind
HeapAlloc
HeapFree
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
HeapSize
WriteFile
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualAlloc
HeapReAlloc
SetFilePointer
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW

user32

MessageBoxW

advapi32

OpenSCManagerW
OpenServiceA
CloseServiceHandle
RegQueryValueExA
RegSetValueExA
RegOpenKeyExA
RegOpenKeyW
RegSetValueExW
RegCreateKeyW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

ole32

CoInitialize
CoCreateInstance

Sections

.text
Size: 525KB - Virtual size: 524KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 368KB - Virtual size: 528KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb413a64dead7872ebc62d32c63943da

Headers

DLL Characteristics

File Characteristics

Imports

shfolder

shlwapi

setupapi

version

kernel32

user32

advapi32

ole32

Sections

.text Size: 525KB - Virtual size: 524KB

.rdata Size: 18KB - Virtual size: 18KB

.data Size: 5KB - Virtual size: 65KB

.rsrc Size: 368KB - Virtual size: 528KB

.text
Size: 525KB - Virtual size: 524KB

.rdata
Size: 18KB - Virtual size: 18KB

.data
Size: 5KB - Virtual size: 65KB

.rsrc
Size: 368KB - Virtual size: 528KB