e9180bf8bb90263d39c49561db321aad6efd0606809e257f76881da047118453

Sharing

Copy URL Twitter E-mail

General

Target

e9180bf8bb90263d39c49561db321aad6efd0606809e257f76881da047118453
Size

224KB
MD5

83813b9a70002f6f10abacf56e12acb0
SHA1

cf8cfe56bdcb717981ba9ad77e044ef15b809bf3
SHA256

e9180bf8bb90263d39c49561db321aad6efd0606809e257f76881da047118453
SHA512

be34c025d9e90b66bc8171d346230f323579fa266126e86e909d86222a941fe1a6d372e594cd35cc8d675770d1661e8c5b97dbde691682ad83d4b57a54772a3f
SSDEEP

6144:66Nq/NGMFiWpJ1VP7QtobwlEnsnYu+mNK640lD:66I/NGMFzWosqnmYEKy

Score

N/A

Malware Config

Signatures

Files

e9180bf8bb90263d39c49561db321aad6efd0606809e257f76881da047118453
.exe windows x86

d933fd06e19cb4c002b3a0cb7fca80fe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsSetValue
HeapAlloc
InterlockedExchange
FindClose
CloseHandle
TerminateProcess
FreeLibrary
ReadFile
TlsAlloc
LoadLibraryA
InterlockedExchangeAdd
FindResourceW
CreateFileA
HeapReAlloc
InterlockedIncrement
SetFilePointer
FormatMessageW
GetFileType
FileTimeToSystemTime
ResetEvent
SetEvent
FreeLibraryAndExitThread
GetModuleHandleA
RaiseException
HeapFree
GetStringTypeW
FreeEnvironmentStringsA
CreateThread
MultiByteToWideChar
DeleteCriticalSection
GetFileSize
CreateFileW
WideCharToMultiByte
FreeEnvironmentStringsW
LocalFree
SetErrorMode
GetModuleFileNameW
CreateEventA
GetStringTypeA
LCMapStringA
VirtualAlloc
InitializeCriticalSection
SetHandleCount
EnterCriticalSection
GetStdHandle
GetModuleHandleW
WaitForMultipleObjects
LCMapStringW
GetCurrentProcess
QueryPerformanceCounter
GetModuleFileNameA
CreateEventW
TlsGetValue
GlobalAlloc
GlobalSize
GetACP
GetCurrentProcessId
GetCommandLineA
GetCommandLineW
CreateMutexA
GetCurrentThread
GetVersionExA
GetProcessHeap
GetEnvironmentStringsW
GetEnvironmentStrings
GetTickCount
InterlockedDecrement
lstrlenW
GetOEMCP
GetCPInfo
GetProcAddress
GetStartupInfoA
GetVersion
ExitProcess
UnhandledExceptionFilter
GetCurrentThreadId
SetLastError
GetLastError
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
WriteFile
LeaveCriticalSection

user32

LoadImageW
GetSysColor
BeginPaint
EndPaint
GetParent
KillTimer
GetForegroundWindow
GetDesktopWindow
ClientToScreen
CheckDlgButton
IsDlgButtonChecked
GetWindowLongA
PostMessageA
EnableMenuItem

advapi32

RegQueryInfoKeyA
RegCreateKeyExW
RegRestoreKeyA
RegEnumKeyExW
RegConnectRegistryA
RegEnumValueA
OpenThreadToken
RegCloseKey
RegSetKeySecurity
AdjustTokenPrivileges
QueryServiceStatus
RegSetValueExA
CloseEventLog
OpenServiceA
InitiateSystemShutdownA
RegOpenKeyExA
LookupPrivilegeValueA
GetUserNameW
GetFileSecurityA
RegDeleteValueA
GetUserNameA
IsValidSid
RegFlushKey
ReadEventLogW
OpenProcessToken
OpenServiceW
RegGetKeySecurity

setupapi

SetupOpenAppendInfFileA

Sections

.text
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 144KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d933fd06e19cb4c002b3a0cb7fca80fe

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

setupapi

Sections

.text Size: 68KB - Virtual size: 66KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 144KB - Virtual size: 228KB

.text
Size: 68KB - Virtual size: 66KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 144KB - Virtual size: 228KB