2fe6b7170d45188f7ee25d09a40365c1e22534cadf868c56b2a84c6f5c671dd8

General

Target

2fe6b7170d45188f7ee25d09a40365c1e22534cadf868c56b2a84c6f5c671dd8
Size

614KB
MD5

137a24b5f79b8676fb6f2286ac5c01f0
SHA1

3bcb43c901339d9ba6b6db53962fc240c16f4805
SHA256

2fe6b7170d45188f7ee25d09a40365c1e22534cadf868c56b2a84c6f5c671dd8
SHA512

2a009062677463797c6868142a0b45a7c8e3953185a11d81853d0e34461c4c17c719227609e4a9c1c63d4e6700ecdadf81c83750fd40f4d95954ae11b8d4fb7c
SSDEEP

12288:W0GXZyaIhFJ2B76Jjp28Htrc1lgFN4ULCH2YhGo6R3Yn5lVjnWX:W0GMwB7Mp2O+goULCWnXY5lVy

Score

N/A

Malware Config

Signatures

Files

2fe6b7170d45188f7ee25d09a40365c1e22534cadf868c56b2a84c6f5c671dd8
.exe windows x86

90d0d95559b03cc98c62655178bf154d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExW
RegCloseKey

kernel32

GetLastError
CloseHandle
SetEvent
OpenEventW
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
InterlockedCompareExchange
Sleep
InterlockedExchange
UnhandledExceptionFilter

msvcrt

__p__fmode
_controlfp
?terminate@@YAXXZ
_except_handler4_common
__set_app_type
_vsnwprintf
__p__commode
__setusermatherr
_amsg_exit
_initterm
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
memset
_wcsicmp

setupapi

SetupDiEnumDeviceInfo
SetupDiOpenDevRegKey
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsExW

newdev

DiUninstallDevice

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 580KB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

90d0d95559b03cc98c62655178bf154d

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

msvcrt

setupapi

newdev

Sections

.text Size: 4KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 896B

.rsrc Size: 28KB - Virtual size: 27KB

.reloc Size: 580KB - Virtual size: 2.3MB

.text
Size: 4KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 896B

.rsrc
Size: 28KB - Virtual size: 27KB

.reloc
Size: 580KB - Virtual size: 2.3MB