6c0e548f9a94447464d26c43903602c5d458b015a0f9320f38337b7b36f1ac1f

Sharing

Copy URL Twitter E-mail

General

Target

6c0e548f9a94447464d26c43903602c5d458b015a0f9320f38337b7b36f1ac1f
Size

444KB
MD5

01f8fabd0aa42689e540a425fb803d90
SHA1

65db3911fe5721d4f3d07f241b128beab238acc2
SHA256

6c0e548f9a94447464d26c43903602c5d458b015a0f9320f38337b7b36f1ac1f
SHA512

29f3872838e3e33729af931be4e056db393eeed853190912254d28df742bbb7a0778b806bcf03fbd3587a44f84a5db3e3e4082dd8e5171cc20abb38efdbfdd49
SSDEEP

6144:hz2Ge5QJtfyFm/pHq1KZe75Q+QbpkirLauxyxPS5djYQuuMVCCk+3cYsAJmfs6+B:oGnHAXP6

Score

N/A

Malware Config

Signatures

Files

6c0e548f9a94447464d26c43903602c5d458b015a0f9320f38337b7b36f1ac1f
.exe windows x86

df9c323706c6bc9d34f979e01bd2afc4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiGetDeviceInstanceIdA
SetupDiGetINFClassA
SetupDiGetDeviceInstallParamsA
SetupDiCallClassInstaller
SetupDiEnumDriverInfoA
SetupDiBuildDriverInfoList
SetupDiSetDeviceInstallParamsA
SetupDiRegisterDeviceInfo
SetupDiSetDeviceRegistryPropertyA
SetupDiCreateDeviceInfoA
SetupDiCreateDeviceInfoList
SetupDiDestroyDriverInfoList
SetupDiSetSelectedDevice
SetupDiGetDriverInfoDetailA
SetupDiRemoveDevice
SetupDiClassGuidsFromNameA

comctl32

ord17

shlwapi

PathAppendA
PathIsDirectoryA

kernel32

CreateProcessA
FindClose
FindNextFileA
SetLastError
FindFirstFileA
GetSystemDirectoryA
GetProcAddress
GetModuleHandleA
Sleep
GetModuleFileNameA
SetCurrentDirectoryA
GetFullPathNameA
DeleteFileA
SetFileAttributesA
GetFileAttributesA
GetVersionExA
GetComputerNameA
GetUserDefaultLangID
GetCurrentDirectoryA
GetWindowsDirectoryA
GetCurrentProcess
MoveFileExA
LocalAlloc
GetCurrentThread
FreeLibrary
SetEnvironmentVariableA
Module32First
CreateToolhelp32Snapshot
Process32Next
Process32First
TerminateProcess
OpenProcess
MultiByteToWideChar
CreateDirectoryA
DeviceIoControl
CreateFileA
GetPrivateProfileStringA
CloseHandle
GlobalUnlock
GlobalLock
GlobalAlloc
CopyFileA
WaitForSingleObject
GetCurrentThreadId
RemoveDirectoryA
HeapSize
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
InitializeCriticalSection
LoadLibraryA
WriteFile
SetFilePointer
DeleteCriticalSection
GetFileType
GetStdHandle
SetHandleCount
LeaveCriticalSection
EnterCriticalSection
RaiseException
LCMapStringW
WideCharToMultiByte
LCMapStringA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
WinExec
GetLastError
WriteConsoleW
FormatMessageA
LocalFree
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetCurrentProcessId
GetExitCodeProcess
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
ReadFile
GetConsoleCP
GetConsoleMode
SetStdHandle
FlushFileBuffers
SetEndOfFile
CompareStringA
CompareStringW
WriteConsoleA
GetConsoleOutputCP
GlobalFree
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetStartupInfoA
GetProcessHeap
HeapAlloc
GetCommandLineA
RtlUnwind
HeapFree
ExitProcess

user32

CheckDlgButton
CreateWindowExA
SendMessageA
GetClientRect
GetWindowRect
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
ShowWindow
UpdateWindow
MessageBoxA
LoadStringA
LoadImageA
GetSystemMetrics
SetWindowPos
SetDlgItemTextA
GetDlgItem
EnableWindow
EndDialog
IsDlgButtonChecked
LoadBitmapA
GetWindowThreadProcessId
EnumWindows
DialogBoxParamA
GetWindowInfo
ExitWindowsEx
OffsetRect
CopyRect
GetParent
GetDesktopWindow

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegEnumValueA
OpenSCManagerA
OpenServiceA
ControlService
QueryServiceStatus
DeleteService
CloseServiceHandle
ImpersonateSelf
OpenThreadToken
AllocateAndInitializeSid
InitializeSecurityDescriptor
GetLengthSid
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
IsValidSecurityDescriptor
AccessCheck
RevertToSelf
FreeSid
RegDeleteValueA
RegEnumKeyExA
RegQueryInfoKeyA
RegDeleteKeyA
LookupPrivilegeValueA
OpenProcessToken
AdjustTokenPrivileges
RegSetValueExA
GetUserNameA
RegQueryValueExA
RegCloseKey

shell32

SHGetFolderPathA
SHGetSpecialFolderPathA

ole32

CoSetProxyBlanket
CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

SysStringLen
SysFreeString
SysAllocStringLen

Sections

.text
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 300KB - Virtual size: 320KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

df9c323706c6bc9d34f979e01bd2afc4

Headers

File Characteristics

Imports

version

setupapi

comctl32

shlwapi

kernel32

user32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 96KB - Virtual size: 94KB

.rdata Size: 36KB - Virtual size: 34KB

.data Size: 8KB - Virtual size: 13KB

.rsrc Size: 300KB - Virtual size: 320KB

.text
Size: 96KB - Virtual size: 94KB

.rdata
Size: 36KB - Virtual size: 34KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 300KB - Virtual size: 320KB