6f9f733c708df54852bc807c8dd238397464845e4e2fa52aedafb472f3649ee8

General

Target

6f9f733c708df54852bc807c8dd238397464845e4e2fa52aedafb472f3649ee8
Size

32KB
MD5

90ad5582f684f652abe422914d8ab7f0
SHA1

e522f4a4f9a5861633d6b4190708e2fceb60854a
SHA256

6f9f733c708df54852bc807c8dd238397464845e4e2fa52aedafb472f3649ee8
SHA512

e0465ccb7b4c8726dcb1155010d86376b307081bd4c7bcc6622ee09651708d4242676272b345fab1ebee27d47c667e1b2128a86cc55529073242edb04f5b65a4
SSDEEP

384:hIjtQn6q/vmKNJvScaKhWEGWkfSMBBWdCxMeFrMyWtjCiqis9QlcffyqlkeVI:N6q/OQCyWpAMMerMyWtUisKl4qUkY

Score

N/A

Malware Config

Signatures

Files

6f9f733c708df54852bc807c8dd238397464845e4e2fa52aedafb472f3649ee8
.exe windows x64

942ca4c864d69677e16f0637093ef888

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

advapi32

RegQueryValueExA
RegDeleteKeyA
RegOpenKeyA
RegCloseKey

kernel32

lstrlenA
OpenFile
GetWindowsDirectoryA
LocalAlloc
LocalFree
GetLastError
CloseHandle
ReadFile
CreateFileA
FindClose
FindNextFileA
FindFirstFileA
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoA
ExitProcess
GetProcAddress
GetModuleHandleA
WriteFile
GetStdHandle
GetModuleFileNameA
RtlUnwindEx
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapCreate
LoadLibraryA
GetACP
GetOEMCP
GetCPInfo
Sleep
RtlCopyMemory
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
VirtualProtect
GetSystemInfo
VirtualQuery
RtlFillMemory

user32

MessageBoxA

setupapi

SetupDiOpenDevRegKey
SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList
SetupDiCallClassInstaller
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 708B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

��
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

942ca4c864d69677e16f0637093ef888

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

user32

setupapi

Sections

.text Size: 22KB - Virtual size: 21KB

.data Size: 1024B - Virtual size: 3KB

.pdata Size: 1024B - Virtual size: 708B

�� Size: 1024B - Virtual size: 992B

.text
Size: 22KB - Virtual size: 21KB

.data
Size: 1024B - Virtual size: 3KB

.pdata
Size: 1024B - Virtual size: 708B

��
Size: 1024B - Virtual size: 992B