890a21107c2b07f11998006ec1cf45bc3b37616f434a0120f0ac3345ab0068d9

Sharing

Copy URL Twitter E-mail

General

Target

890a21107c2b07f11998006ec1cf45bc3b37616f434a0120f0ac3345ab0068d9
Size

126KB
MD5

8349133b780ed33d9999204f56422150
SHA1

8848100697986cb41e5c57812ae574a601c8387b
SHA256

890a21107c2b07f11998006ec1cf45bc3b37616f434a0120f0ac3345ab0068d9
SHA512

613001e09d79c6397b96db70a31580cbed8ef772a1e994066be12ddffea6c662e66ce7d28d0b45fa7e07e334c928302ce14a4d18b8a7e31aa2b6b5da4d0706fd
SSDEEP

1536:HQHhWr9kPuBHj7rVq4Wt0v5uUJe//mv27M1FGdcSBIKtLRsy0YuqisKldZ:HQQ9vLVq4Wty5uge/+OYHyIKtLxund

Score

N/A

Malware Config

Signatures

Files

890a21107c2b07f11998006ec1cf45bc3b37616f434a0120f0ac3345ab0068d9
.exe windows x64

4e5af20f7310751895f9b31dff069993

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList

ntdll

strncpy
memmove
memchr
memcpy
memcmp
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlUnwindEx
NtTerminateProcess
RtlUnhandledExceptionFilter
RtlVirtualUnwind
memset
RtlCaptureContext

kernel32

GetACP
LocalFree
GetLastError
LocalAlloc
GetLocaleInfoA
GetOEMCP
GetVersionExA
HeapFree
HeapAlloc
GetProcessHeap
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
HeapReAlloc
ReadFile
SetStdHandle
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
LCMapStringA
LCMapStringW
LoadLibraryA
LeaveCriticalSection
GetStringTypeW
GetStringTypeA
CloseHandle
SetFilePointer
FlushFileBuffers
SetUnhandledExceptionFilter
DeleteCriticalSection
EnterCriticalSection
Sleep
InitializeCriticalSection
MultiByteToWideChar
GetCommandLineA
GetStartupInfoA
RaiseException
GetCPInfo
TlsAlloc
SetLastError
GetCurrentThreadId
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
GetModuleHandleA
ExitProcess
HeapSize
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapSetInformation
HeapCreate

user32

LoadIconA
wsprintfA

advapi32

RegQueryValueExA
RegEnumValueA
RegEnumKeyExA
AllocateAndInitializeSid
InitializeSecurityDescriptor
SetSecurityDescriptorOwner
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
FreeSid
RegSetValueExA
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumKeyA
RegCloseKey
RegDeleteKeyA
RegCreateKeyExA

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

��
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4e5af20f7310751895f9b31dff069993

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

ntdll

kernel32

user32

advapi32

Sections

.text Size: 76KB - Virtual size: 75KB

.rdata Size: 27KB - Virtual size: 26KB

.data Size: 7KB - Virtual size: 16KB

.pdata Size: 7KB - Virtual size: 7KB

�� Size: 2KB - Virtual size: 1KB

.text
Size: 76KB - Virtual size: 75KB

.rdata
Size: 27KB - Virtual size: 26KB

.data
Size: 7KB - Virtual size: 16KB

.pdata
Size: 7KB - Virtual size: 7KB

��
Size: 2KB - Virtual size: 1KB