ca9d85c1e879042b7edbc2b5e183cd514507ef611258761d2d0abc084f20c041

Sharing

Copy URL Twitter E-mail

General

Target

ca9d85c1e879042b7edbc2b5e183cd514507ef611258761d2d0abc084f20c041
Size

756KB
MD5

4fea5d2426b9190525ee125f939cea00
SHA1

98d8ae6d9d2419abe8862bfc0a671bb3eed6e30c
SHA256

ca9d85c1e879042b7edbc2b5e183cd514507ef611258761d2d0abc084f20c041
SHA512

9566169c4cea5965a2b7fcde3b2ef76fb40d2afa2a22cd1f9a842fca28546da85337544df948ecc627bd087ef9e54d8cdf53a502f0e6cdd9085d5d19bb19a863
SSDEEP

12288:TLQz62b7sTXRSwGaYoN365Tmsi7MjUtpsv99bw9FZbBNE7+xL:oz62b7sTheaYoN36MfRpbDbPE7

Score

N/A

Malware Config

Signatures

Files

ca9d85c1e879042b7edbc2b5e183cd514507ef611258761d2d0abc084f20c041
.exe windows x64

71bb9d5af897aaf71c180cc4d54c948e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetLastError
FlushFileBuffers
CloseHandle
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
WideCharToMultiByte
MultiByteToWideChar
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlCaptureContext
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
GetCPInfo
RtlLookupFunctionEntry
RtlUnwindEx
RaiseException
RtlPcToFileHeader
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
RtlVirtualUnwind
GetACP
GetOEMCP
GetProcAddress
GetModuleHandleA
FlsGetValue
FlsSetValue
TlsFree
FlsFree
SetLastError
GetCurrentThreadId
FlsAlloc
HeapSetInformation
HeapCreate
HeapSize
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleFileNameW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
HeapReAlloc
LoadLibraryA
SetFilePointer
GetConsoleCP
GetConsoleMode
GetLocaleInfoW

user32

SendMessageW

advapi32

RegCloseKey
RegCreateKeyExW
RegSetValueExW

difxapi

DriverPackagePreinstallW
DriverPackageUninstallW
DriverPackageInstallW
DriverPackageGetPathW

setupapi

SetupDiGetDeviceInstallParamsW
SetupDiSetClassInstallParamsW
SetupDiGetClassDevsW
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyW
SetupDiCallClassInstaller

Sections

.text
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 596KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

71bb9d5af897aaf71c180cc4d54c948e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

difxapi

setupapi

Sections

.text Size: 117KB - Virtual size: 116KB

.rdata Size: 35KB - Virtual size: 34KB

.data Size: 7KB - Virtual size: 16KB

.pdata Size: 596KB - Virtual size: 2.0MB

.text
Size: 117KB - Virtual size: 116KB

.rdata
Size: 35KB - Virtual size: 34KB

.data
Size: 7KB - Virtual size: 16KB

.pdata
Size: 596KB - Virtual size: 2.0MB