8757ba41cbd3279ad7d94f2df1ecc1e92ba829bdb7747edb2895054269c459db

Sharing

Copy URL Twitter E-mail

General

Target

8757ba41cbd3279ad7d94f2df1ecc1e92ba829bdb7747edb2895054269c459db
Size

288KB
MD5

31ca47a052581ed584b9c9d73d279db3
SHA1

6c4e68026553e5c18dbdd94ef28709ff877099da
SHA256

8757ba41cbd3279ad7d94f2df1ecc1e92ba829bdb7747edb2895054269c459db
SHA512

a924c11dafe0db5fda089f74f9232736900cc6e7ea34779cbb212a667b6804d2a341e1b5a72f563859845e82491f29b24497e50f6b5912c96dafa5c6a14f479e
SSDEEP

6144:9itGyLv17iXjYKXY2by5E6tFD6zWPdbODuUIk5:KGC8xbyvtyIGuUI

Score

N/A

Malware Config

Signatures

Files

8757ba41cbd3279ad7d94f2df1ecc1e92ba829bdb7747edb2895054269c459db
.exe windows x86

435d6d7d1aa1b4575e781475281d81a6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
LockResource
FindResourceExA
EnterCriticalSection
LeaveCriticalSection
ExpandEnvironmentStringsA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
HeapDestroy
lstrcpyA
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
FlushFileBuffers
GetStringTypeW
GetVersion
GetCommandLineA
LoadLibraryExA
FindResourceA
LoadResource
SizeofResource
FreeLibrary
SetEvent
InterlockedDecrement
InterlockedIncrement
IsDBCSLeadByte
GetCurrentThreadId
GetModuleHandleA
CreateEventA
CreateThread
Sleep
GetCurrentThread
GetCurrentProcess
GetModuleFileNameA
lstrcmpiA
lstrlenA
GetLastError
DeleteCriticalSection
InitializeCriticalSection
RaiseException
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
WaitForSingleObject
CloseHandle
HeapAlloc
GetStringTypeA
LCMapStringW
LCMapStringA
LoadLibraryA
GetConsoleMode
GetConsoleCP
SetFilePointer
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetOEMCP
GetCPInfo
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
WriteFile
ExitProcess
HeapCreate
VirtualFree
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetFileType
GetStdHandle
SetHandleCount
GetStartupInfoA
VirtualQuery
GetSystemInfo
GetProcAddress
RtlUnwind
VirtualProtect
VirtualAlloc

user32

DispatchMessageA
GetMessageA
PostThreadMessageA
LoadStringA
CharNextA
CharUpperA
MessageBoxA
wsprintfA
UnregisterClassA
TranslateMessage

advapi32

StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
OpenThreadToken
OpenProcessToken
RegEnumKeyExA
ControlService
DeleteService
CreateServiceA
GetTokenInformation
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
InitializeSecurityDescriptor
IsValidSid
GetLengthSid
CopySid
RegQueryInfoKeyA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
SetServiceStatus
RegisterEventSourceA
ReportEventA
DeregisterEventSource

ole32

CoInitialize
CoTaskMemAlloc
CoTaskMemRealloc
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemFree
StringFromGUID2
CoCreateInstance
CoInitializeSecurity
StringFromCLSID
CoUninitialize

shell32

ShellExecuteA
SHGetFileInfoA

oleaut32

LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
VarUI4FromStr
VariantInit
VariantClear
VariantCopy
VariantChangeType
SysStringLen
SysFreeString
LoadRegTypeLi
GetErrorInfo
SysAllocString

shlwapi

StrStrIA
StrCmpNIA

setupapi

SetupDiSetDeviceRegistryPropertyA
SetupDiGetDeviceRegistryPropertyA
SetupDiDestroyDeviceInfoList
SetupDiCallClassInstaller
SetupDiSetClassInstallParamsA
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PACK
Size: 164KB - Virtual size: 420KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

435d6d7d1aa1b4575e781475281d81a6

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

shell32

oleaut32

shlwapi

setupapi

Sections

.text Size: 84KB - Virtual size: 83KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 8KB - Virtual size: 14KB

.rsrc Size: 4KB - Virtual size: 3KB

PACK Size: 164KB - Virtual size: 420KB

.text
Size: 84KB - Virtual size: 83KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 8KB - Virtual size: 14KB

.rsrc
Size: 4KB - Virtual size: 3KB

PACK
Size: 164KB - Virtual size: 420KB