59fac154dba23626c2f35401aa38b8a42cb20748061498d0da75f917a13612ca

Sharing

Copy URL Twitter E-mail

General

Target

59fac154dba23626c2f35401aa38b8a42cb20748061498d0da75f917a13612ca
Size

509KB
MD5

926e9853b11ac798eaf762d17f9ddef5
SHA1

866c306dfa2f42715ec5b8c45c13693f17889d56
SHA256

59fac154dba23626c2f35401aa38b8a42cb20748061498d0da75f917a13612ca
SHA512

173b627d5bd19cafef16f48bed089f812ef5727625ce616569c8fa4229bd041e90a51e59fe2c60d02b8bea284d52404dba95febc232ed10286454d8a90d60340
SSDEEP

12288:D4W8f+0EZ7VbBjXah3wWeMhAkO8HlTHrD9jvXKEm3lrZG:D42FrVXQ7ZALK9Il

Score

N/A

Malware Config

Signatures

Files

59fac154dba23626c2f35401aa38b8a42cb20748061498d0da75f917a13612ca
.dll windows x86

e07b6d262327086c8cf95596cc795c32

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupGetStringFieldW
SetupFindNextLine
SetupFindFirstLineW
SetupDiSetDeviceInstallParamsW
SetupDiGetSelectedDriverW
SetupDiGetDeviceInstallParamsW
SetupCloseInfFile

shlwapi

PathAppendW
PathRemoveFileSpecW

advapi32

RegQueryValueExW
RegOpenKeyW
RegOpenKeyExW
RegDeleteValueW
RegCreateKeyExW
RegCloseKey
RegSetValueExW

kernel32

SetStdHandle
WriteConsoleW
Sleep
TerminateProcess
VirtualAlloc
VirtualFree
WaitForSingleObject
WideCharToMultiByte
WriteFile
GetProcAddress
CloseHandle
CreateFileA
CreateFileW
CreateMutexW
CreateProcessW
EnterCriticalSection
ExitProcess
FlushFileBuffers
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetExitCodeProcess
GetLastError
GetLocalTime
GetModuleHandleA
SetLastError
GetProcessPriorityBoost
GetStartupInfoA
GetStdHandle
GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount
GetVersion
GetVersionExA
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
IsDebuggerPresent
IsValidCodePage
LCMapStringA
LCMapStringW
LeaveCriticalSection
MultiByteToWideChar
QueryPerformanceCounter
RaiseException
RtlUnwind
SetFilePointer
SetHandleCount
WriteConsoleA

shell32

SHCreateDirectoryExW

Exports

Exports

ASTFromString
GetSelf
InPlaceRshift
InPlaceSubtract
Int_FromUnicode
_SetItem
_SetSlice

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 188KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 157KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e07b6d262327086c8cf95596cc795c32

Headers

File Characteristics

Imports

setupapi

shlwapi

advapi32

kernel32

shell32

Exports

Exports

Sections

.text Size: 96KB - Virtual size: 95KB

.rdata Size: 56KB - Virtual size: 55KB

.data Size: 188KB - Virtual size: 191KB

.rsrc Size: 157KB - Virtual size: 156KB

.reloc Size: 10KB - Virtual size: 10KB

.text
Size: 96KB - Virtual size: 95KB

.rdata
Size: 56KB - Virtual size: 55KB

.data
Size: 188KB - Virtual size: 191KB

.rsrc
Size: 157KB - Virtual size: 156KB

.reloc
Size: 10KB - Virtual size: 10KB