f1ef581a1cb7c69ac632ffa4d81e47028aeb3b0a949b1c80f22f3a6c54583cfb

General

Target

f1ef581a1cb7c69ac632ffa4d81e47028aeb3b0a949b1c80f22f3a6c54583cfb
Size

168KB
MD5

5f63da35c7e93be376a0da3c9094c460
SHA1

c9043e8396a1ec57d63989ebba3380917b6772c8
SHA256

f1ef581a1cb7c69ac632ffa4d81e47028aeb3b0a949b1c80f22f3a6c54583cfb
SHA512

5da02391f27f02f4726eab2ad1367f3587fd8e8884d9ab1d0e41f1b58bf19eaab83291d5ffea192089bd7dc96931341c863943d8cdbaaa8e460316ed28a9c602
SSDEEP

3072:1fKCFOIulxdZxqFlJe4a/dYGZTX6Pi7S+CwDyAv5zzL50vdEnGmLRsEU/zRim9Wz:1CyORlR14a/qu7S+CgyW5vL5BhLRsEm6

Score

N/A

Malware Config

Signatures

Files

f1ef581a1cb7c69ac632ffa4d81e47028aeb3b0a949b1c80f22f3a6c54583cfb
.exe windows x86

aa8e485866d33becb6985def32904a50

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Child
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

lz32

LZCopy
LZClose
LZOpenFileA

kernel32

DeleteFileA
GetModuleFileNameA
lstrlenA
ReadFile
WaitForSingleObject
GetVersionExA
GetFileSize
AddAtomW
DisableThreadLibraryCalls
Sleep
VirtualFree
CreateFileW
VirtualAlloc
GetSystemTimeAsFileTime
DeviceIoControl
GetFileAttributesA
GetModuleFileNameW
GetCurrentProcessId
DeleteCriticalSection
InitializeCriticalSection
GetVolumeInformationA
GlobalFree
InterlockedDecrement
GetSystemTime
EnumResourceNamesA
SetFileAttributesA
InterlockedIncrement
GetTempFileNameA
MultiByteToWideChar
CreateDirectoryA
ReleaseMutex
CopyFileA
GlobalLock
CloseHandle
CreateHardLinkW
SetFilePointer
CreateMutexA
GlobalUnlock
CreateFileA
GetCurrentThreadId
GetTempPathA
LocalAlloc
WideCharToMultiByte
LocalFree
GetTickCount
QueryPerformanceCounter
GetLastError
FreeLibrary

advapi32

RegQueryValueExA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueA
RegDeleteKeyA
RegEnumKeyA
RegEnumKeyExA
RegCloseKey

Sections

.text
Size: 90KB - Virtual size: 485KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aa8e485866d33becb6985def32904a50

Headers

File Characteristics

Imports

setupapi

lz32

kernel32

advapi32

Sections

.text Size: 90KB - Virtual size: 485KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 75KB - Virtual size: 74KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 90KB - Virtual size: 485KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 75KB - Virtual size: 74KB

.rsrc
Size: 512B - Virtual size: 4KB