dccc6575b2a0f8f547425c989345c9c95b2d5292b19377062241d85b21ce28f7

Sharing

Copy URL Twitter E-mail

General

Target

dccc6575b2a0f8f547425c989345c9c95b2d5292b19377062241d85b21ce28f7
Size

63KB
MD5

7a7030de82cd4c7f26a8253a7746cac0
SHA1

0c1bf50fe55ecc6daaccf1ccfc1add2c531fb92a
SHA256

dccc6575b2a0f8f547425c989345c9c95b2d5292b19377062241d85b21ce28f7
SHA512

f17937b3b164d69a37b1e415e44bbdbf41ec09880a02a1be4bcb6eee5f98532d9fe8f685823ace6a67651f9e3bc6fe752a72c4345a48b9823a844a2ad6fb0806
SSDEEP

768:KWoPgiOxN2qs4r6n7lq7rKR327p4nyZPHNppKpvBuYHeMuvymmLJL/h5mdQ:KWoKNdZrKZ2OnWNpQZ9LJL/idQ

Score

N/A

Malware Config

Signatures

Files

dccc6575b2a0f8f547425c989345c9c95b2d5292b19377062241d85b21ce28f7
.exe windows x64

451a29b382dd92d8980c7952e719b197

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

LoadLibraryA
FreeLibrary
WinExec
Sleep
GetProcAddress
GetTempPathA
GetVersionExA
GetSystemDirectoryA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetLastError
DeleteFileA
GetCommandLineA
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoA
GetACP
GetOEMCP
GetCPInfo
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetModuleHandleA
CloseHandle
RtlUnwindEx
EnterCriticalSection
LeaveCriticalSection
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
HeapSetInformation
HeapCreate
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
FlushFileBuffers
CreateFileA
InitializeCriticalSection
SetFilePointer
GetLocaleInfoA
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
SetEndOfFile
ReadFile

user32

MessageBoxA

advapi32

RegOpenKeyA
RegDeleteValueA
RegCloseKey

difxapi

DriverPackageInstallA
DriverPackageUninstallA

Sections

.text
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

451a29b382dd92d8980c7952e719b197

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

difxapi

Sections

.text Size: 38KB - Virtual size: 37KB

.rdata Size: 13KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 12KB

.pdata Size: 6KB - Virtual size: 6KB

.text
Size: 38KB - Virtual size: 37KB

.rdata
Size: 13KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 12KB

.pdata
Size: 6KB - Virtual size: 6KB