7fdcce203a35ea25d8416ac3f1f176cd833d1eb9465c5dce1fb4099addb6f652

Sharing

Copy URL Twitter E-mail

General

Target

7fdcce203a35ea25d8416ac3f1f176cd833d1eb9465c5dce1fb4099addb6f652
Size

143KB
MD5

6b48f97f2e7a1dcfa7b1837ae1be4eb0
SHA1

7a45eef8390b170b3ce0cbd89d8b03143cb13472
SHA256

7fdcce203a35ea25d8416ac3f1f176cd833d1eb9465c5dce1fb4099addb6f652
SHA512

1c4c17b4f4591896af576466c89d58e8e0fd324829c6843bd53a0afba4f281b321474cfd28874e1c443fd18af882d34a068905af06dcd999f55a72fa9b97afa0
SSDEEP

3072:Lc7a/OBahgAY97fAWftcQl3SnaezwZswYkw+Rriex:LcAjh6AW2qSnakwwKea

Score

N/A

Malware Config

Signatures

Files

7fdcce203a35ea25d8416ac3f1f176cd833d1eb9465c5dce1fb4099addb6f652
.exe windows x86

8c6f541cc6d716fdaa12addc7a2411b6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

newdev

UpdateDriverForPlugAndPlayDevicesW

setupapi

SetupDiGetINFClassW
SetupDiGetDeviceRegistryPropertyW
SetupDiGetClassDevsW
SetupDiCreateDeviceInfoW
SetupDiSetClassInstallParamsW
SetupDiSetDeviceInstallParamsW
SetupDiSetDeviceRegistryPropertyW
SetupDiDestroyDeviceInfoList
CM_Get_DevNode_Status
SetupDiChangeState
SetupDiGetDeviceInstanceIdW
SetupDiBuildDriverInfoList
SetupDiSetSelectedDevice
SetupDiGetDeviceInstallParamsW
SetupDiCreateDeviceInfoList
SetupDiOpenDevRegKey
SetupDiEnumDeviceInfo
SetupDiGetDeviceInfoListDetailW
SetupDiGetSelectedDriverW
SetupDiCreateDevRegKeyW
SetupDiCallClassInstaller
SetupDiRegisterDeviceInfo

kernel32

WideCharToMultiByte
LoadLibraryW
GetLastError
FreeLibrary
GetProcAddress
GetSystemDirectoryW
lstrlenW
MultiByteToWideChar
Sleep
GetVersionExW
GetEnvironmentStringsW
FindFirstFileW
LocalFree
FindClose
DeleteFileW
CreateDirectoryW
SetLastError
FindNextFileW
GetTempPathW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
InitializeCriticalSection
LoadLibraryA
RemoveDirectoryW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
ExitProcess
GetModuleFileNameA
GetStdHandle
LeaveCriticalSection
DeleteCriticalSection
VirtualFree
HeapCreate
GetCurrentThreadId
TlsFree
WriteFile
VirtualAlloc
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetStartupInfoA
RaiseException
RtlUnwind
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetOEMCP
IsValidCodePage
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
EnterCriticalSection

advapi32

RegOpenKeyExW
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetSecurityInfo
GetSecurityDescriptorLength
GetAclInformation
MakeSelfRelativeSD
InitializeAcl
GetSecurityDescriptorControl
GetSecurityDescriptorOwner
GetAce
RegQueryValueExW
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
GetSecurityDescriptorSacl
LookupAccountNameW
IsValidSid
SetNamedSecurityInfoW
GetLengthSid
AddAce
CopySid
SetSecurityInfo
RegSetValueExW
RegCloseKey

shell32

SHGetFolderPathW

ole32

CoUninitialize
CoInitializeEx
CoCreateInstance

oleaut32

VarBstrCat
SysAllocStringByteLen
SysStringByteLen
SysStringLen
SysAllocStringLen
SysFreeString
SysAllocString

shlwapi

PathAppendW

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rrdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8c6f541cc6d716fdaa12addc7a2411b6

Headers

File Characteristics

Imports

newdev

setupapi

kernel32

advapi32

shell32

ole32

oleaut32

shlwapi

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 17KB - Virtual size: 17KB

.data Size: 4KB - Virtual size: 6KB

.rsrc Size: 1024B - Virtual size: 888B

.rrdata Size: 68KB - Virtual size: 68KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 17KB - Virtual size: 17KB

.data
Size: 4KB - Virtual size: 6KB

.rsrc
Size: 1024B - Virtual size: 888B

.rrdata
Size: 68KB - Virtual size: 68KB