a34c5b037235f4963588f2ead9d858104aa12a724b2e12c2d218e334b8921c10

Sharing

Copy URL

Twitter E-mail

General

Target

a34c5b037235f4963588f2ead9d858104aa12a724b2e12c2d218e334b8921c10
Size

977KB
MD5

42e559649d2e0115ba3b5b353a633040
SHA1

081502c3ecfe5d210acc25496f296d6cd9120063
SHA256

a34c5b037235f4963588f2ead9d858104aa12a724b2e12c2d218e334b8921c10
SHA512

5c7da343f82f2ae10694c6592806bc9df9923f73df0c2e7660a494682c69ad1416112d2e530474e40de05b567eae1f4e14009c41646f587567c11da1eafd0db6
SSDEEP

12288:h1gHR3qf7EjRYWpIYC231BtFixkJHRa8drqX19Hp2nFndc1zB01FY/zUWHb:/gHJSnWpIWOkJxrql94nGG4

Score

N/A

Malware Config

Signatures

Files

a34c5b037235f4963588f2ead9d858104aa12a724b2e12c2d218e334b8921c10
.exe windows x64

03af11526062f74676deb2ab7d361e01

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

Imports

setupapi

SetupDiDestroyDeviceInfoList
SetupDiCallClassInstaller
SetupDiSetClassInstallParamsA
SetupDiClassGuidsFromNameA
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA

advapi32

CreateServiceA
InitializeSecurityDescriptor
RegDeleteKeyA
RegDeleteValueA
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegCloseKey
DeregisterEventSource
ReportEventA
RegisterEventSourceA
SetServiceStatus
StartServiceA
OpenServiceA
CloseServiceHandle
OpenSCManagerA
DeleteService
QueryServiceStatus
ControlService
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
ConvertStringSecurityDescriptorToSecurityDescriptorA

rpcrt4

RpcServerListen
RpcServerRegisterIf
RpcServerRegisterAuthInfoA
RpcMgmtStopServerListening
RpcServerUnregisterIf
RpcServerUseProtseqEpA
NdrServerCall2

shlwapi

SHCopyKeyA
SHDeleteKeyA

kernel32

GetTimeZoneInformation
CreateFileA
VirtualQuery
CompareStringA
CompareStringW
SetEnvironmentVariableA
EnterCriticalSection
RtlPcToFileHeader
FlushFileBuffers
RaiseException
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
RtlVirtualUnwind
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetDateFormatA
GetTimeFormatA
GetPrivateProfileStringA
lstrcatA
lstrlenA
lstrcpyA
GetModuleFileNameA
GetLastError
LocalFree
FormatMessageA
Sleep
SetConsoleCtrlHandler
CloseHandle
CreateEventA
SetEvent
GetProcAddress
GetModuleHandleA
ExitProcess
HeapSize
HeapValidate
IsBadReadPtr
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlCaptureContext
GetModuleFileNameW
RtlUnwindEx
LeaveCriticalSection
FlsGetValue
TlsAlloc
FlsSetValue
GetCurrentThreadId
FlsAlloc
TlsFree
FlsFree
SetLastError
TlsSetValue
GetCurrentThread
WriteFile
GetStdHandle
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
DeleteCriticalSection
FatalAppExitA
FreeLibrary
LoadLibraryA
InitializeCriticalSection
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
HeapSetInformation
HeapCreate
HeapDestroy
HeapReAlloc
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
DebugBreak
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
LoadLibraryW
SetFilePointer
GetConsoleCP
GetConsoleMode
RtlLookupFunctionEntry
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetLocaleInfoW

Sections

.text
Size: 348KB - Virtual size: 348KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp1
Size: 540KB - Virtual size: 1.8MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

03af11526062f74676deb2ab7d361e01

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

advapi32

rpcrt4

shlwapi

kernel32

Sections

.text Size: 348KB - Virtual size: 348KB

.rdata Size: 67KB - Virtual size: 66KB

.data Size: 6KB - Virtual size: 15KB

.pdata Size: 12KB - Virtual size: 12KB

.rsrc Size: 1KB - Virtual size: 1KB

.vmp1 Size: 540KB - Virtual size: 1.8MB

.text
Size: 348KB - Virtual size: 348KB

.rdata
Size: 67KB - Virtual size: 66KB

.data
Size: 6KB - Virtual size: 15KB

.pdata
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 1KB - Virtual size: 1KB

.vmp1
Size: 540KB - Virtual size: 1.8MB