fb5c29ca09afb263862929a19e91fdd2e038093d308143c14c644c139a911a62

General

Target

fb5c29ca09afb263862929a19e91fdd2e038093d308143c14c644c139a911a62
Size

186KB
MD5

f764df545f4ab51be939b940a17dc77e
SHA1

7f88754d58246aef0fd6646cb8ae48b2b753c5ff
SHA256

fb5c29ca09afb263862929a19e91fdd2e038093d308143c14c644c139a911a62
SHA512

4bd6a51ee43e5940f464055a5c297362157fdf96a9898022b4c6ed88a5519bb51eb7133a55504977dd064a80f36cb0f99238612012c407fb7d1b195dc83ef5de
SSDEEP

3072:pSPm2cH7Y6VsPqBrryHOYYOXlX/WaGhT/XLrq1at7lr3OEHez7+SJ6R2v7gHvKn+:4NuE6Tdmu8+T/7rl7lreEkgUI

Score

N/A

Malware Config

Signatures

Files

fb5c29ca09afb263862929a19e91fdd2e038093d308143c14c644c139a911a62
.exe windows x86

51a13add7ca1940eeafa5659db3b1591

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
HeapCreate
WriteFile
TlsAlloc
GetFileType
AddAtomA
VirtualQuery
GetEnvironmentStrings
TlsFree
GetACP
SetHandleCount
TerminateProcess
InterlockedExchange
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
HeapSize
IsBadWritePtr
EnumResourceLanguagesA
GetStdHandle
SetEndOfFile
QueryPerformanceCounter
lstrcpyW
HeapDestroy
GetCurrentProcess
TlsGetValue
GetCurrentProcessId
VirtualFree
GetSystemTimeAsFileTime
TlsSetValue
GetSystemInfo
UnhandledExceptionFilter
VirtualAlloc
GetLocaleInfoA
GetModuleFileNameA
GetVersionExA
GetOEMCP
FreeEnvironmentStringsW
SetUnhandledExceptionFilter

shell32

SHGetFolderPathW

user32

SendMessageA
EnumChildWindows
DestroyWindow
IsWindow
GetDlgItem
CreateWindowExW
GetWindowThreadProcessId

setupapi

CM_Get_Parent
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

newdev

UpdateDriverForPlugAndPlayDevicesW

iphlpapi

GetIpAddrTable

Sections

.text
Size: 100KB - Virtual size: 243KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

51a13add7ca1940eeafa5659db3b1591

Headers

File Characteristics

Imports

kernel32

shell32

user32

setupapi

mprapi

newdev

iphlpapi

Sections

.text Size: 100KB - Virtual size: 243KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 83KB - Virtual size: 82KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 100KB - Virtual size: 243KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 83KB - Virtual size: 82KB

.rsrc
Size: 512B - Virtual size: 4KB