6d15d54e9b647709313ec97258a419a842da02dffcfde446987a91a7d202397f

General

Target

6d15d54e9b647709313ec97258a419a842da02dffcfde446987a91a7d202397f
Size

214KB
MD5

0d53af774f15794854624de940b8aa7e
SHA1

cbb22ac94b1f52812f93555b8ebc97c668726921
SHA256

6d15d54e9b647709313ec97258a419a842da02dffcfde446987a91a7d202397f
SHA512

bba182e5140d5da98f04387c369b92a7715353c3ec48a0f77aaefbcacf5b315e810f75f2752e96773fc492edee37aefb6184f5e92e284be8903cf09d1a374e82
SSDEEP

6144:faw/SDjErY68GVXsNuS3qJ5fjuh0rqmGbdECuX:tkx6XXYmW

Score

N/A

Malware Config

Signatures

Files

6d15d54e9b647709313ec97258a419a842da02dffcfde446987a91a7d202397f
.exe windows x86

90d0d95559b03cc98c62655178bf154d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExW
RegCloseKey

kernel32

GetLastError
CloseHandle
SetEvent
OpenEventW
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
InterlockedCompareExchange
Sleep
InterlockedExchange
UnhandledExceptionFilter

msvcrt

__p__fmode
_controlfp
?terminate@@YAXXZ
_except_handler4_common
__set_app_type
_vsnwprintf
__p__commode
__setusermatherr
_amsg_exit
_initterm
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
memset
_wcsicmp

setupapi

SetupDiEnumDeviceInfo
SetupDiOpenDevRegKey
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsExW

newdev

DiUninstallDevice

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 494B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.vmp0
Size: 180KB - Virtual size: 472KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

90d0d95559b03cc98c62655178bf154d

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

msvcrt

setupapi

newdev

Sections

.text Size: 4KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 896B

.rsrc Size: 28KB - Virtual size: 27KB

.reloc Size: 512B - Virtual size: 494B

.vmp0 Size: 180KB - Virtual size: 472KB

.text
Size: 4KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 896B

.rsrc
Size: 28KB - Virtual size: 27KB

.reloc
Size: 512B - Virtual size: 494B

.vmp0
Size: 180KB - Virtual size: 472KB