5818b2636c8fe9e891632e19aec42948a0102a17274716bd62519bf178a807f0

Sharing

Copy URL Twitter E-mail

General

Target

5818b2636c8fe9e891632e19aec42948a0102a17274716bd62519bf178a807f0
Size

276KB
MD5

b48de2c8fee3a9b914146bc5d71468e2
SHA1

fd6e9dda2dac8423a7477f13016447b213e4d695
SHA256

5818b2636c8fe9e891632e19aec42948a0102a17274716bd62519bf178a807f0
SHA512

a7bafef62ed39434a14024feb7d57a270e7098bbf926c4b0d73e134291975f4aa1cf5d54da454867a3535632674009c2ecd49c7f0bb9e7b5cb3583caebe127c9
SSDEEP

6144:9gLCtPkD0S4HrEoXBz0lNmou9G0LkmDL7aF/J:9giYWSucpmLaF/J

Score

N/A

Malware Config

Signatures

Files

5818b2636c8fe9e891632e19aec42948a0102a17274716bd62519bf178a807f0
.exe windows x86

5e90788516e5d29e0a2171caaddfe636

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
GetVersionExA
GetProcessHeap
GetCurrentProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
TlsAlloc
GetLastError
ExitProcess
Sleep
GetStartupInfoA
GetModuleFileNameA
GetEnvironmentStringsW
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
LoadLibraryA
InitializeCriticalSection
GetProcAddress

loadperf

SetServiceAsTrustedW
UpdatePerfNameFilesA
BackupPerfRegistryToFileW

tapiperf

CloseTapiPerformanceData

Sections

.edata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Ik
Size: 5KB - Virtual size: 937KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qXyEK
Size: 4KB - Virtual size: 407KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 110KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.MmDNP
Size: 3KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UCgP
Size: 4KB - Virtual size: 551KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Yicau
Size: 1KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 106KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.iVhF
Size: 2KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.a
Size: 5KB - Virtual size: 774KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5e90788516e5d29e0a2171caaddfe636

Headers

File Characteristics

Imports

kernel32

loadperf

tapiperf

Sections

.edata Size: 2KB - Virtual size: 1KB

.Ik Size: 5KB - Virtual size: 937KB

.qXyEK Size: 4KB - Virtual size: 407KB

.text Size: 18KB - Virtual size: 18KB

.rdata Size: 1KB - Virtual size: 26KB

.edata Size: 110KB - Virtual size: 202KB

.MmDNP Size: 3KB - Virtual size: 125KB

.data Size: 8KB - Virtual size: 36KB

.UCgP Size: 4KB - Virtual size: 551KB

.Yicau Size: 1KB - Virtual size: 67KB

.edata Size: 106KB - Virtual size: 150KB

.iVhF Size: 2KB - Virtual size: 313KB

.a Size: 5KB - Virtual size: 774KB

.rsrc Size: 3KB - Virtual size: 2KB

.edata
Size: 2KB - Virtual size: 1KB

.Ik
Size: 5KB - Virtual size: 937KB

.qXyEK
Size: 4KB - Virtual size: 407KB

.text
Size: 18KB - Virtual size: 18KB

.rdata
Size: 1KB - Virtual size: 26KB

.edata
Size: 110KB - Virtual size: 202KB

.MmDNP
Size: 3KB - Virtual size: 125KB

.data
Size: 8KB - Virtual size: 36KB

.UCgP
Size: 4KB - Virtual size: 551KB

.Yicau
Size: 1KB - Virtual size: 67KB

.edata
Size: 106KB - Virtual size: 150KB

.iVhF
Size: 2KB - Virtual size: 313KB

.a
Size: 5KB - Virtual size: 774KB

.rsrc
Size: 3KB - Virtual size: 2KB