609643cf3bd73312323d665910bf3a625a3aadd996b7111a8f77f5b917ec05dc

General

Target

609643cf3bd73312323d665910bf3a625a3aadd996b7111a8f77f5b917ec05dc
Size

168KB
MD5

918a55fb571e76c327ac7cc3f8abafd0
SHA1

14537478eb5fc0204d3bea50884122758b8c4451
SHA256

609643cf3bd73312323d665910bf3a625a3aadd996b7111a8f77f5b917ec05dc
SHA512

75f20f72d2645315c51b58091c9ead88560007f29e8d32d39486d2afc5ae6168154e6bed67af7aaca8b36e7485f89c58b5c61c46ef0a69f5b31384907b774a2b
SSDEEP

3072:qSkgkOEcKwJJ5z2IDOMLNpdyb6dol2qUPfAJ7qsu/ipu+kJQAYp9:bdkOPKwX5qQFNpdQ6oV7Trpu+kJY

Score

N/A

Malware Config

Signatures

Files

609643cf3bd73312323d665910bf3a625a3aadd996b7111a8f77f5b917ec05dc
.exe windows x86

40bfba18f735614bb90feca245c90c0f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Child
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

advapi32

RegEnumKeyA
RegOpenKeyExA
RegOpenKeyA
RegQueryValueExA
RegDeleteKeyA
RegQueryValueA
RegEnumKeyExA
RegCloseKey

lz32

LZClose
LZCopy
LZOpenFileA

kernel32

GetVolumeInformationA
lstrlenA
AddAtomW
GetCurrentProcessId
ReadFile
GetModuleFileNameA
GetLastError
InitializeCriticalSection
ReleaseMutex
InterlockedDecrement
DisableThreadLibraryCalls
GlobalLock
InterlockedIncrement
CopyFileA
GetVersionExA
MultiByteToWideChar
CreateDirectoryA
CreateMutexA
GetCurrentThreadId
LocalAlloc
GetModuleFileNameW
DeleteCriticalSection
WideCharToMultiByte
GetSystemTimeAsFileTime
Sleep
GlobalFree
DeleteFileA
SetFileAttributesA
EnumResourceNamesA
CreateFileA
LocalFree
GetFileSize
DeviceIoControl
CheckNameLegalDOS8Dot3W
VirtualFree
GlobalUnlock
CloseHandle
QueryPerformanceCounter
GetTempFileNameA
GetTempPathA
SetFilePointer
CreateFileW
GetSystemTime
GetFileAttributesA
VirtualAlloc
WaitForSingleObject
GetTickCount
FreeLibrary

Sections

.text
Size: 88KB - Virtual size: 484KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

40bfba18f735614bb90feca245c90c0f

Headers

File Characteristics

Imports

setupapi

advapi32

lz32

kernel32

Sections

.text Size: 88KB - Virtual size: 484KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 76KB - Virtual size: 75KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 88KB - Virtual size: 484KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 76KB - Virtual size: 75KB

.rsrc
Size: 512B - Virtual size: 4KB