0a2d33354453782bb5171613b363af0e223f0c1c4a8930b112728b3fd2ab461c

Sharing

Copy URL Twitter E-mail

General

Target

0a2d33354453782bb5171613b363af0e223f0c1c4a8930b112728b3fd2ab461c
Size

83KB
MD5

4cdc3d917bec349d5b3366dfc53517b0
SHA1

8c886ef6ad18c4f6069b7077435e7a1163ae9ae2
SHA256

0a2d33354453782bb5171613b363af0e223f0c1c4a8930b112728b3fd2ab461c
SHA512

7dc3077523fdeb0275638d4a06657f22f8b6bad21c8fd2d2d30d2ef40867d2e53d019a0099976cccdf87dd4e75d287e070fda8a51af5f3011ff9fe58fa7505ec
SSDEEP

1536:aWoKNdZrKZ2OnWNpQZ9LJL/z/BpRznDEZh1g5eXfZ18B:voKDZY2Wd9LVbBbU17UB

Score

N/A

Malware Config

Signatures

Files

0a2d33354453782bb5171613b363af0e223f0c1c4a8930b112728b3fd2ab461c
.exe windows x64

451a29b382dd92d8980c7952e719b197

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

LoadLibraryA
FreeLibrary
WinExec
Sleep
GetProcAddress
GetTempPathA
GetVersionExA
GetSystemDirectoryA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetLastError
DeleteFileA
GetCommandLineA
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoA
GetACP
GetOEMCP
GetCPInfo
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetModuleHandleA
CloseHandle
RtlUnwindEx
EnterCriticalSection
LeaveCriticalSection
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
HeapSetInformation
HeapCreate
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
FlushFileBuffers
CreateFileA
InitializeCriticalSection
SetFilePointer
GetLocaleInfoA
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
SetEndOfFile
ReadFile

user32

MessageBoxA

advapi32

RegOpenKeyA
RegDeleteValueA
RegCloseKey

difxapi

DriverPackageInstallA
DriverPackageUninstallA

Sections

.text
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ysnmvgw
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

451a29b382dd92d8980c7952e719b197

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

difxapi

Sections

.text Size: 38KB - Virtual size: 37KB

.rdata Size: 13KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 12KB

.pdata Size: 27KB - Virtual size: 27KB

ysnmvgw Size: - Virtual size: 4KB

.text
Size: 38KB - Virtual size: 37KB

.rdata
Size: 13KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 12KB

.pdata
Size: 27KB - Virtual size: 27KB

ysnmvgw
Size: - Virtual size: 4KB