fa49fad6f8fbf1ebf45a35edc2168307d8375f812c4a63a3170b7bc608dfb269

General

Target

fa49fad6f8fbf1ebf45a35edc2168307d8375f812c4a63a3170b7bc608dfb269
Size

285KB
MD5

02609fd94188bfd4d005c7d908b91bd2
SHA1

4619bd390816783fb2a020bc3fb24e804b617498
SHA256

fa49fad6f8fbf1ebf45a35edc2168307d8375f812c4a63a3170b7bc608dfb269
SHA512

32cbaf615c34a34b8558b00a362af70bfd3908be7b87e34483ea4ad9c8c2659f39710d0c1bec3a51d5b9ac3ec13384097ba01851e4ddb781becbe7f62813eab2
SSDEEP

6144:IR1iRzgpOljh+WJCnLuJY2xRrFjANe7z22aUECGiwLovVQ4e+WVJ:IRERBmWJCKJY+TC2aUaCv3xW

Score

N/A

Malware Config

Signatures

Files

fa49fad6f8fbf1ebf45a35edc2168307d8375f812c4a63a3170b7bc608dfb269
.exe windows x86

759e3c6cfa25ce00b554f0ebfc6bff8c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

shell32

SHGetFolderPathW

gdi32

DeleteObject

setupapi

CM_Get_Sibling
SetupDiGetDeviceRegistryPropertyA
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

advapi32

ReportEventW
CloseServiceHandle
OpenServiceW
OpenSCManagerW
OpenProcessToken
RegisterEventSourceW
DeregisterEventSource
DeleteService
ControlService
RegEnumKeyExW
SetServiceStatus
OpenThreadToken
CreateServiceW

kernel32

SetThreadPriority
LoadResource
FindAtomW
CopyFileW
GetFileAttributesW
GetDriveTypeW
FindClose
GetExitCodeThread
DeleteFileW
GetModuleHandleA
GetProcAddress
ReleaseMutex
ResumeThread
GetStartupInfoW
GetTickCount
GetSystemTimeAsFileTime
QueryPerformanceCounter
EnumResourceLanguagesW
CreateFileW
FindFirstFileW
DeviceIoControl
GetCommandLineW
GetConsoleCommandHistoryW
LoadLibraryExW
LeaveCriticalSection
SetPriorityClass
OutputDebugStringW
FindNextFileW
OpenThread
CreateDirectoryW
ExitProcess
GetCurrentProcessId
EnterCriticalSection
FindResourceW

Sections

.text
Size: 143KB - Virtual size: 271KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 138KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

759e3c6cfa25ce00b554f0ebfc6bff8c

Headers

File Characteristics

Imports

shell32

gdi32

setupapi

advapi32

kernel32

Sections

.text Size: 143KB - Virtual size: 271KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 138KB - Virtual size: 137KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 143KB - Virtual size: 271KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 138KB - Virtual size: 137KB

.rsrc
Size: 512B - Virtual size: 4KB