adf322f7c61b5471d80926a07697f637f3ae5a7569af4c2ff4f3e0d572e12db0

Sharing

Copy URL Twitter E-mail

General

Target

adf322f7c61b5471d80926a07697f637f3ae5a7569af4c2ff4f3e0d572e12db0
Size

187KB
MD5

92fc05dcfe0b99cf8712f3d55387ad20
SHA1

ecf7c279151172cc8774252a893089955e13f984
SHA256

adf322f7c61b5471d80926a07697f637f3ae5a7569af4c2ff4f3e0d572e12db0
SHA512

428688a777e9f4d6c01b1d5354b72c4972e10a69955cbc6d1fdfe561f84002fe2177981daf6e1d5248d0d4103f50459c2e1fbc8c22ba00f9d965480a7658a438
SSDEEP

3072:kOyIcvMUARc2BigKnhbEbZvnsemlTo+ieg3pZs1z2s9f7wih+TpaaQbyZ:kVI/UYE4slcP3T+K5paaQbk

Score

N/A

Malware Config

Signatures

Files

adf322f7c61b5471d80926a07697f637f3ae5a7569af4c2ff4f3e0d572e12db0
.exe windows x86

f4f63fb783751396fade830646e5aab7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupOpenInfFileW
SetupSetDirectoryIdW
SetupOpenFileQueue
SetupInstallFilesFromInfSectionW
SetupInitDefaultQueueCallbackEx
SetupCommitFileQueueW
SetupPromptReboot
SetupCloseFileQueue
SetupCloseInfFile
SetupDefaultQueueCallbackW

kernel32

GetCurrentProcess
GetProcAddress
GetModuleHandleW
GetFileAttributesW
lstrcpyW
CreateDirectoryW
lstrcatW
lstrlenW
lstrcmpiW
GetLastError
lstrcmpW
FreeLibrary
LoadLibraryW
Sleep
DeleteFileW
GetWindowsDirectoryW
GetACP
GetCommandLineW
CloseHandle
GetExitCodeProcess
WaitForSingleObject
CreateProcessW
MultiByteToWideChar
GetVersion
LocalFree
lstrlenA
lstrcmpA
LocalAlloc
GetModuleHandleA
GlobalAlloc
CreateFileW
SetCurrentDirectoryW
GlobalFree
GetOEMCP
IsValidCodePage
RtlUnwind
LCMapStringW
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetModuleFileNameW
HeapAlloc
HeapReAlloc
LoadLibraryA
HeapFree
GetCommandLineA
HeapSetInformation
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
DecodePointer
TerminateProcess
HeapCreate
HeapDestroy
ExitProcess
WriteFile
GetStdHandle
RaiseException
IsProcessorFeaturePresent
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetCurrentThread
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
SetConsoleCtrlHandler
InterlockedExchange
GetLocaleInfoW
HeapSize
GetCPInfo

advapi32

AllocateAndInitializeSid
AddAccessAllowedAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetFileSecurityW
FreeSid
RegOpenKeyA
RegQueryValueExA
RegCloseKey
InitializeAcl

Sections

.text
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 79KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f4f63fb783751396fade830646e5aab7

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

kernel32

advapi32

Sections

.text Size: 81KB - Virtual size: 80KB

.rdata Size: 17KB - Virtual size: 16KB

.data Size: 3KB - Virtual size: 6KB

.rsrc Size: 79KB - Virtual size: 80KB

.text
Size: 81KB - Virtual size: 80KB

.rdata
Size: 17KB - Virtual size: 16KB

.data
Size: 3KB - Virtual size: 6KB

.rsrc
Size: 79KB - Virtual size: 80KB