97d4c1d8d636591ded84e6fa4c77c432d716b942b4aab83ef5f3e7d7ac872903

Sharing

Copy URL Twitter E-mail

General

Target

97d4c1d8d636591ded84e6fa4c77c432d716b942b4aab83ef5f3e7d7ac872903
Size

498KB
MD5

33dc0d7466a61f978d14bb6d2d030170
SHA1

ad740e40892e6ba2a50b781bf2611a07f1d95601
SHA256

97d4c1d8d636591ded84e6fa4c77c432d716b942b4aab83ef5f3e7d7ac872903
SHA512

25cac56b829daba5339fd7b0c866616c502ad4ffee3731c20001d23babcd7140ee6f86a0da10a121a4219efaccaa60dccab7d1be0d9cf9efa3e8a41d47ce7957
SSDEEP

6144:qeR/dguNHQeNai17Y56rKnBfWhveajzxwIEUy:t+iQeN/7YkrWBfWhvRhQUy

Score

N/A

Malware Config

Signatures

Files

97d4c1d8d636591ded84e6fa4c77c432d716b942b4aab83ef5f3e7d7ac872903
.exe windows x64

8c3b8d60525771253fbc543c85236364

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

cfgmgr32

CMP_WaitNoPendingInstallEvents

setupapi

SetupDiCreateDeviceInfoList
SetupDiCallClassInstaller
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiSetDeviceRegistryPropertyW
SetupDiGetDeviceRegistryPropertyW
SetupDiGetINFClassW
SetupDiGetClassDevsExW
SetupDiClassGuidsFromNameExW
SetupDiSetClassInstallParamsW
SetupDiCreateDeviceInfoW

kernel32

LCMapStringA
GetStringTypeW
GetStringTypeA
GetSystemDirectoryA
lstrlenW
GetLastError
LCMapStringW
GetProcAddress
CloseHandle
FreeLibrary
LocalFree
LoadLibraryW
DeleteFileA
GetCommandLineW
Sleep
LocalAlloc
FormatMessageW
CreateFileA
HeapReAlloc
GetCurrentDirectoryW
WideCharToMultiByte
GetModuleHandleA
ExitProcess
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlCaptureContext
FlsGetValue
FlsSetValue
TlsFree
FlsFree
SetLastError
GetCurrentThreadId
FlsAlloc
WriteFile
GetStdHandle
GetModuleFileNameA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
RtlUnwindEx
LoadLibraryA
InitializeCriticalSection
RtlVirtualUnwind
RtlLookupFunctionEntry
GetModuleFileNameW
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
HeapSetInformation
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
GetLocaleInfoA

advapi32

DeleteService
CloseServiceHandle
OpenServiceW
OpenSCManagerW

shell32

CommandLineToArgvW

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8c3b8d60525771253fbc543c85236364

Headers

DLL Characteristics

File Characteristics

Imports

cfgmgr32

setupapi

kernel32

advapi32

shell32

Sections

.text Size: 30KB - Virtual size: 30KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 9KB

.pdata Size: 2KB - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 176B

.text
Size: 30KB - Virtual size: 30KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 9KB

.pdata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 176B