86bf86a57c2e6902558968f88124470a9b4aeb51083e4e547a70c92b5c70616c

Sharing

Copy URL Twitter E-mail

General

Target

86bf86a57c2e6902558968f88124470a9b4aeb51083e4e547a70c92b5c70616c
Size

124KB
MD5

01ceef57c6286ea8a111b9a7cbaba180
SHA1

041760ee8ba6bc3e67dd94964b822e69b40ff591
SHA256

86bf86a57c2e6902558968f88124470a9b4aeb51083e4e547a70c92b5c70616c
SHA512

535b388f39e1c178ef00c590da84e24efd79fe45c36c7b8e0423bc2dc31e0178f09e4d0e737cdf739e8d8fda5c64b93a4f13eaa796ccea5e0588417a7cd681bb
SSDEEP

3072:SpMpV3V+iT3tFyD5lnGqBRJENCwL+zYnnKggDUxcd5v495G:SpMpV3Ii7u55dRJEDLZKscd5QI

Score

N/A

Malware Config

Signatures

Files

86bf86a57c2e6902558968f88124470a9b4aeb51083e4e547a70c92b5c70616c
.exe windows x86

83abf46b75ccb4b72ec4b9001e333d32

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
FormatMessageW
CloseHandle
SetEndOfFile
SetFilePointerEx
CreateFileW
Sleep
GetLastError
GetFileAttributesW
GetFullPathNameW
GetVolumeNameForVolumeMountPointW
GetVolumePathNamesForVolumeNameW
SetVolumeMountPointW
DeleteVolumeMountPointW
CreateDirectoryW
GetModuleFileNameW
SetErrorMode
HeapSetInformation
InterlockedCompareExchange
InterlockedExchange
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
DeviceIoControl
SetLastError
lstrlenW
CopyFileW
FindVolumeClose
FindNextVolumeW
FindFirstVolumeW
SetUnhandledExceptionFilter

msvcp60

?find_last_of@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIPBGI@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??Hstd@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@0@Z
??Hstd@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@PBG@Z
??8std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??8std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??6std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@PBG@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@J@Z
?substr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBE?AV12@II@Z
?find@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIPBGI@Z
?endl@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@1@AAV21@@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
?resize@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEXI@Z
??6std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
?erase@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@II@Z
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@G@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@IGABV?$allocator@G@1@@Z
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGIABV?$allocator@G@1@@Z
?append@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBG@Z
?insert@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@IPBG@Z
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBGI@Z
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
?_C@?1??_Nullstr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@CAPBGXZ@4GB
??0?$basic_stringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
?str@?$basic_stringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBE?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@2@XZ
??_D?$basic_stringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEXXZ
?wcout@std@@3V?$basic_ostream@GU?$char_traits@G@std@@@1@A
??A?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAGI@Z
?widen@?$basic_ios@GU?$char_traits@G@std@@@std@@QBEGD@Z
?put@?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV12@G@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$allocator@G@1@@Z
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBG@Z
?append@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@ABV12@@Z
?erase@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEPAGPAG@Z
??0?$basic_ostringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@K@Z
?str@?$basic_ostringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBE?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@2@XZ
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??_D?$basic_ostringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEXXZ
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@N@Z
?rbegin@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE?AV?$reverse_iterator@PAGGAAGPAGH@2@XZ
?begin@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEPAGXZ
?end@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEPAGXZ
?wcerr@std@@3V?$basic_ostream@GU?$char_traits@G@std@@@1@A
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGABV?$allocator@G@1@@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB

msvcrt

fclose
??1exception@@UAE@XZ
??0exception@@QAE@XZ
__CxxFrameHandler3
?what@exception@@UBEPBDXZ
_controlfp
_except_handler4_common
?terminate@@YAXXZ
_onexit
_lock
__dllonexit
_unlock
??1type_info@@UAE@XZ
__set_app_type
__p__fmode
__p__commode
__setusermatherr
_amsg_exit
_initterm
exit
memcpy
_callnewh
_wfopen
_itow
_XcptFilter
_exit
_cexit
__wgetmainargs
malloc
free
towupper
_wtoi64
_wtoi
??0exception@@QAE@ABV0@@Z
_CxxThrowException
memset
toupper

shlwapi

PathIsRelativeW

ole32

CLSIDFromString
StringFromGUID2
CoCreateGuid

newdev

UpdateDriverForPlugAndPlayDevicesW

user32

MessageBoxW

rpcrt4

UuidToStringW
RpcStringFreeW

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsW
SetupDiGetDeviceRegistryPropertyW
SetupDiEnumDeviceInfo
SetupDiSetDeviceRegistryPropertyW
SetupDiCreateDeviceInfoW
SetupDiCreateDeviceInfoList
SetupDiGetINFClassW
SetupDiCallClassInstaller

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 71KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

83abf46b75ccb4b72ec4b9001e333d32

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcp60

msvcrt

shlwapi

ole32

newdev

user32

rpcrt4

setupapi

Sections

.text Size: 44KB - Virtual size: 43KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 71KB - Virtual size: 72KB

.text
Size: 44KB - Virtual size: 43KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 71KB - Virtual size: 72KB