84a577eebe9ca159bec5d5adf02828135fe4776308c9f716fff6fe5d96787490

Sharing

Copy URL Twitter E-mail

General

Target

84a577eebe9ca159bec5d5adf02828135fe4776308c9f716fff6fe5d96787490
Size

244KB
MD5

0911215cc7e81a037dddb2ffa263c370
SHA1

a47fc299413d1ef01d3aaf780f6c61e1f6697b61
SHA256

84a577eebe9ca159bec5d5adf02828135fe4776308c9f716fff6fe5d96787490
SHA512

bdca69fd4bbb781a2834f794da07a2d9e0a5c53b63fcf709fdfc849bc5bb07610cecbc0b10771dd749a28c5cf1ca77fa7aa5f278dd9ff0cfff3bdf78a11a9508
SSDEEP

3072:aFQ3UZlH2MmdLiugRKpIo3atp9nVuaoiuN7N/RtSao7pqOf0i/:aFxZlHBmwgio3InOiQ/TipFfP

Score

N/A

Malware Config

Signatures

Files

84a577eebe9ca159bec5d5adf02828135fe4776308c9f716fff6fe5d96787490
.dll windows x86

02a91351c88640b9461dd02acdf0c033

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupOpenInfFileA
SetupFindFirstLineA
SetupCloseInfFile
SetupDiRemoveDevice
SetupDiCallClassInstaller
SetupDiSetClassInstallParamsA
SetupDiEnumDeviceInfo
SetupUninstallOEMInfA

shlwapi

StrToIntA

kernel32

GetSystemDefaultLangID
GetLocaleInfoA
GetCurrentProcess
GetVersionExA
WinExec
GetWindowsDirectoryA
LoadLibraryA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
GetProcAddress
GetLastError
LocalFree
LocalAlloc
lstrlenA
FreeLibrary
DeleteFileA
FindFirstFileA
SetFileAttributesA
FindNextFileA
FindClose
IsValidCodePage
InitializeCriticalSection
RtlUnwind
SetConsoleCtrlHandler
InterlockedExchange
GetTimeZoneInformation
HeapSize
GetLocaleInfoW
CompareStringA
CompareStringW
GetCommandLineA
RemoveDirectoryA
HeapFree
HeapAlloc
GetCurrentThreadId
SetEnvironmentVariableA
GetProcessHeap
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThread
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
VirtualAlloc
HeapReAlloc
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
Sleep
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime

user32

wsprintfA
SetCursor
LoadCursorA
ExitWindowsEx
GetFocus
MessageBoxA

advapi32

GetTokenInformation
SetSecurityDescriptorOwner
InitializeSecurityDescriptor
LookupAccountNameA
GetLengthSid
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
SetFileSecurityA
LookupPrivilegeValueA
AdjustTokenPrivileges
RegDeleteValueA
RegSetValueA
RegOpenKeyExA
RegQueryInfoKeyA
RegQueryValueExA
RegEnumKeyA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
OpenProcessToken

Exports

Exports

WinMainRmv

Sections

.text
Size: 120KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

02a91351c88640b9461dd02acdf0c033

Headers

File Characteristics

Imports

setupapi

shlwapi

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 116KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 8KB - Virtual size: 7KB

.idata Size: 8KB - Virtual size: 4KB

.rsrc Size: 8KB - Virtual size: 5KB

.reloc Size: 8KB - Virtual size: 6KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 120KB - Virtual size: 116KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 8KB - Virtual size: 7KB

.idata
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 5KB

.reloc
Size: 8KB - Virtual size: 6KB

.rmnet
Size: 60KB - Virtual size: 60KB