72081c28fa67dfd01e92142cad300e0821ad36af81160cf20a53a7127ffa9de7

Sharing

Copy URL Twitter E-mail

General

Target

72081c28fa67dfd01e92142cad300e0821ad36af81160cf20a53a7127ffa9de7
Size

77KB
MD5

0c5ff31c3d5cdd14608554b903f4e3b0
SHA1

a5dba0b98e7e238b842dd41b2614b3cde5348a8f
SHA256

72081c28fa67dfd01e92142cad300e0821ad36af81160cf20a53a7127ffa9de7
SHA512

20f81bf0c3a45cdf1635138f6ab84b4516c4305ff7b277bc5dc2ad872b5af3252564d7ad3d411d20eda6c79d65593c5c503e727a9e24e31fed2898eab38a61d5
SSDEEP

1536:j4KxKTCBo+RGohc2UoJiUYQnW2THUX1gkGdLHM2H:j47C6ov5YQnXHRd

Score

N/A

Malware Config

Signatures

Files

72081c28fa67dfd01e92142cad300e0821ad36af81160cf20a53a7127ffa9de7
.exe windows x86

cf7c98e6268961a9f203ebc4d8a19135

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExW
RegUnLoadKeyW
RegCloseKey
CheckTokenMembership
ConvertStringSidToSidW
RegOpenKeyExW
RegLoadKeyW
RegEnumKeyW
RegEnumKeyExW
RegQueryInfoKeyW
RegisterTraceGuidsW
UnregisterTraceGuids
GetTraceLoggerHandle
GetTraceEnableLevel
GetTraceEnableFlags
TraceEvent
EqualSid
IsValidSid
GetLengthSid
CopySid
OpenThreadToken
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
FreeSid

kernel32

SetLastError
WaitForSingleObject
OpenEventW
LoadLibraryW
FreeLibrary
GetVersionExW
GetFullPathNameW
GetFileAttributesW
CreateDirectoryW
SetEndOfFile
CreateFileMappingW
MapViewOfFile
SetFilePointer
GetProcessHeap
GetCurrentThread
GetProcAddress
GetSystemWindowsDirectoryW
WaitForSingleObjectEx
ExpandEnvironmentStringsW
lstrcmpiW
FindFirstFileW
lstrcmpW
FindClose
FindNextFileW
lstrlenW
CompareStringW
HeapFree
HeapReAlloc
EnterCriticalSection
HeapAlloc
LeaveCriticalSection
HeapDestroy
GetModuleFileNameW
DeleteCriticalSection
OutputDebugStringW
GetModuleFileNameA
OutputDebugStringA
DebugBreak
HeapCreate
InitializeCriticalSection
GetModuleHandleW
GetLastError
LocalFree
FormatMessageW
InterlockedExchange
Sleep
InterlockedCompareExchange
SetUnhandledExceptionFilter
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
LCMapStringW
CloseHandle
UnmapViewOfFile
WaitForMultipleObjectsEx
ReleaseMutex
GetThreadLocale
RaiseException
CreateMutexW
CreateEventW
SetEvent

msvcrt

__wgetmainargs
wcschr
strrchr
_vsnprintf
memset
wprintf
_wcsicmp
_vsnwprintf
_onexit
_lock
__dllonexit
_unlock
_controlfp
?terminate@@YAXXZ
_except_handler4_common
__set_app_type
__p__fmode
__p__commode
__setusermatherr
_amsg_exit
_initterm
exit
_XcptFilter
_exit
memcpy
_wcsnicmp
_resetstkoflw
wcsrchr
_cexit

user32

LoadStringW

setupapi

SetupGetFieldCount
SetupFindNextLine
SetupGetStringFieldW
SetupFindFirstLineW
SetupOpenInfFileW
SetupCloseInfFile
SetupDiGetINFClassW
SetupDiGetActualModelsSectionW

newdev

DiInstallDriverW

rpcrt4

RpcStringFreeW
UuidToStringW

mpr

WNetAddConnection2W
WNetCancelConnection2W

ntdll

RtlNtStatusToDosError
RtlFreeHeap
RtlAllocateHeap

Sections

.text
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cf7c98e6268961a9f203ebc4d8a19135

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

msvcrt

user32

setupapi

newdev

rpcrt4

mpr

ntdll

Sections

.text Size: 50KB - Virtual size: 50KB

.data Size: 1024B - Virtual size: 2KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 22KB - Virtual size: 25KB

.text
Size: 50KB - Virtual size: 50KB

.data
Size: 1024B - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 22KB - Virtual size: 25KB