faf911b2f6101de4fbee96b8e4b571c7602d1443818d7b2f51a5244506612d4e

Sharing

Copy URL Twitter E-mail

General

Target

faf911b2f6101de4fbee96b8e4b571c7602d1443818d7b2f51a5244506612d4e
Size

572KB
MD5

820df9be36b51a00cbd83d1094bfcf4e
SHA1

90252532b8b94e390be9fb68fbbff5381f452ebe
SHA256

faf911b2f6101de4fbee96b8e4b571c7602d1443818d7b2f51a5244506612d4e
SHA512

f705ce81aa69330bffc962ad9da8dd3e8c5cd996f5cf755cccb88e57bcc9d7e4bd31ebe4bddaf008d700558846112ccce204194bf437216e82a7e11f016cc5de
SSDEEP

12288:ojMdypCVTAsnSyZUak2lOvzX4vDkibwY:mpCuTQQ2lMzXwc

Score

N/A

Malware Config

Signatures

Files

faf911b2f6101de4fbee96b8e4b571c7602d1443818d7b2f51a5244506612d4e
.dll windows x86

1509e5f8b1ea95ab2a5438d107b365ff

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcess
GetCurrentThreadId
GetFileType
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetProcessPriorityBoost
GetStartupInfoA
GetStdHandle
GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount
GetUserDefaultLangID
GetWindowsDirectoryA
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
IsValidCodePage
LCMapStringA
LCMapStringW
LeaveCriticalSection
MultiByteToWideChar
OpenProcess
OutputDebugStringA
Process32First
Process32Next
QueryPerformanceCounter
RaiseException
RtlUnwind
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
Sleep
TerminateProcess
VirtualAlloc
VirtualFree
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
lstrlenA
GetCPInfo
GetACP
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FlushFileBuffers
ExitProcess
EnterCriticalSection
DeleteFileA
CreateToolhelp32Snapshot
CreateProcessA
CreateFileA
CopyFileA
IsDebuggerPresent
CloseHandle

setupapi

SetupOpenInfFileA
SetupGetLineTextA
SetupDiSetClassInstallParamsA
SetupDiOpenDevRegKey
SetupDiGetSelectedDriverA
SetupDiGetDriverInfoDetailA
SetupDiCallClassInstaller
SetupCloseInfFile

advapi32

DeleteAce
CopySid
AccessCheck
ImpersonateLoggedOnUser
LookupAccountNameA
LookupAccountSidA
OpenProcessToken
RegCloseKey
RegQueryValueExA
RegSetValueExA
RevertToSelf
SystemFunction008
GetTokenInformation

Exports

Exports

BadArgument
GetIndicesEx
InitThreads
ReloadModule

Sections

.text
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 212KB - Virtual size: 211KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 209KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1509e5f8b1ea95ab2a5438d107b365ff

Headers

File Characteristics

Imports

kernel32

setupapi

advapi32

Exports

Exports

Sections

.text Size: 122KB - Virtual size: 121KB

.rdata Size: 212KB - Virtual size: 211KB

.data Size: 209KB - Virtual size: 209KB

.rsrc Size: 15KB - Virtual size: 14KB

.reloc Size: 12KB - Virtual size: 12KB

.text
Size: 122KB - Virtual size: 121KB

.rdata
Size: 212KB - Virtual size: 211KB

.data
Size: 209KB - Virtual size: 209KB

.rsrc
Size: 15KB - Virtual size: 14KB

.reloc
Size: 12KB - Virtual size: 12KB