1b93506b45503a342573ae9e01b8bf3a28686aca44488fab05ebbb52f1dc3527

General

Target

1b93506b45503a342573ae9e01b8bf3a28686aca44488fab05ebbb52f1dc3527
Size

211KB
MD5

820fc309630d9a2c5cc06bece2b8d5b4
SHA1

8bf813a71e5fcb746fd38bc29fa1d2fd0b000540
SHA256

1b93506b45503a342573ae9e01b8bf3a28686aca44488fab05ebbb52f1dc3527
SHA512

d7a41e9cb178702f015379906fcbb32184aa66cce3e79b145f99778e69eabcf7e1c81b6b4b17392e328367c8686d879f57cb19d4cb0d9c66158400ee0d95389f
SSDEEP

3072:YUtvMiHW4xJbFcF/Hkzk4jtq5JnZSx2vgufD/slt1kt+4+sNWZmLIXWJPMIDw:1R24xJb6/EvBKn0x2vg8kt1Y+TsNMWw

Score

N/A

Malware Config

Signatures

Files

1b93506b45503a342573ae9e01b8bf3a28686aca44488fab05ebbb52f1dc3527
.exe windows x86

2da55d1e111a37c2e25bc408df85285d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetUnhandledExceptionFilter
lstrcmpA
WideCharToMultiByte
CloseHandle
LoadLibraryW
MultiByteToWideChar
SetLastError
GetTickCount
FindResourceA
lstrcpyA
GetModuleHandleW
GetProcessHeap
QueryDosDeviceA
GetCurrentProcess
GetLocalTime
CreateFileA
GetVolumeInformationA
GetSystemTimeAsFileTime
DeviceIoControl
FreeResource
lstrlenA
GetEnvironmentStringsA
HeapFree
QueryPerformanceCounter
GetCurrentProcessId
HeapAlloc
SystemTimeToFileTime
LockResource
LoadResource

osuninst

ProvideUiAlerts
GetUninstallImageSize
IsUninstallImageValid
RemoveUninstallImage

advapi32

RegQueryValueExA
RegOpenKeyW
RegOpenKeyExA
RegCloseKey
RegQueryValueExW

pautoenr

CertAutoEnrollment
CertAutoRemove

pdh

PdhAddCounterA
PdhAddCounterW
PdhAdd009CounterA
PdhBindInputDataSourceW
PdhBindInputDataSourceA
PdhBrowseCountersA

user32

CharNextA
wsprintfA

Sections

.text
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 38KB - Virtual size: 6.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 996B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2da55d1e111a37c2e25bc408df85285d

Headers

File Characteristics

Imports

kernel32

osuninst

advapi32

pautoenr

pdh

user32

Sections

.text Size: 90KB - Virtual size: 90KB

.rdata Size: 77KB - Virtual size: 76KB

.data Size: 38KB - Virtual size: 6.1MB

.rsrc Size: 1024B - Virtual size: 996B

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 90KB - Virtual size: 90KB

.rdata
Size: 77KB - Virtual size: 76KB

.data
Size: 38KB - Virtual size: 6.1MB

.rsrc
Size: 1024B - Virtual size: 996B

.reloc
Size: 2KB - Virtual size: 2KB