b9ca5e641ea25590c2eabc53cebdbf38f19f5c10c81e2b7c90761910de253759

Sharing

Copy URL

Twitter E-mail

General

Target

b9ca5e641ea25590c2eabc53cebdbf38f19f5c10c81e2b7c90761910de253759
Size

144KB
MD5

0c309cac018d98471faf31feff28e8e0
SHA1

d62789b02b92a067bf4569f86cde6f939a3fd7a4
SHA256

b9ca5e641ea25590c2eabc53cebdbf38f19f5c10c81e2b7c90761910de253759
SHA512

44ce9659bbb15ac9c992c7bb52c9a1bf33fb971b02c093090529e7b4a8eba0d57be480d715f94784b10976662395bda4d3f2d691ec865a1a4b792c1440eaf511
SSDEEP

3072:X6pyTK5LYYGEKZzTmq7u7vSZFXm0wqP6b/MnDlfFvaZ:X6py6LaWz7S7wqP6gDlRaZ

Score

N/A

Malware Config

Signatures

Files

b9ca5e641ea25590c2eabc53cebdbf38f19f5c10c81e2b7c90761910de253759
.exe windows x86

27ef1b0c54b9b1d862e96eef10ed1fa1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
VirtualFree
HeapFree
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
GetACP
GetOEMCP
GetCPInfo
HeapAlloc
InitializeCriticalSection
VirtualAlloc
HeapReAlloc
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
RtlUnwind
VirtualProtect
GetSystemInfo
VirtualQuery
HeapDestroy
TlsAlloc
TlsGetValue
TlsSetValue
GetCurrentThreadId
SetLastError
TlsFree
DeleteCriticalSection
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetModuleHandleA
GetLastError
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetModuleFileNameA
GetStdHandle
WriteFile
GetProcAddress
ExitProcess
GetVersionExA
GetCurrentProcess
CloseHandle
CreateMutexA
GetFileAttributesA
SetFileAttributesA
DeleteFileA
FreeLibrary
CreateFileA
RemoveDirectoryA
FindClose
FindNextFileA
FindFirstFileA
GetWindowsDirectoryA
WritePrivateProfileStringA
GetShortPathNameA
MoveFileExA
SetFilePointer
SetStdHandle
FlushFileBuffers
ReadFile
GetSystemDirectoryA
GetCommandLineA
GetStartupInfoA

advapi32

RegOpenKeyExA
LookupPrivilegeValueA
OpenProcessToken
RegDeleteKeyA
RegGetKeySecurity
GetLengthSid
InitializeAcl
AddAccessAllowedAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegSetKeySecurity
RegEnumKeyExA
RegEnumValueA
RegQueryValueExA
AllocateAndInitializeSid
GetTokenInformation
EqualSid
FreeSid
RegCloseKey
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
AdjustTokenPrivileges

user32

EndDialog
ShowWindow
GetDlgItem
MessageBoxA
ExitWindowsEx
SetWindowTextA
DialogBoxParamA
SetDlgItemTextA

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInterfaces
SetupDiSetClassInstallParamsA
SetupPromptReboot
SetupDiEnumDeviceInfo
SetupFindNextLine
SetupFindFirstLineA
SetupGetStringFieldA
SetupCloseInfFile
SetupOpenInfFileA
SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA
SetupDiOpenClassRegKeyExA
SetupDiGetDeviceInstallParamsA
SetupDiCallClassInstaller

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 74KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

27ef1b0c54b9b1d862e96eef10ed1fa1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

setupapi

Sections

.text Size: 58KB - Virtual size: 58KB

.data Size: 3KB - Virtual size: 9KB

.rsrc Size: 74KB - Virtual size: 76KB

.text
Size: 58KB - Virtual size: 58KB

.data
Size: 3KB - Virtual size: 9KB

.rsrc
Size: 74KB - Virtual size: 76KB