93c41489958da4c02bf10de7d1d7d5ac7916b6d013234eb1b31b6daefc4e8537

Sharing

Copy URL Twitter E-mail

General

Target

93c41489958da4c02bf10de7d1d7d5ac7916b6d013234eb1b31b6daefc4e8537
Size

327KB
MD5

40ea8ecce3d1ede976ee1dcabf4fbf71
SHA1

6bdaba4123b2a09c13138214d715da45f8ef73b4
SHA256

93c41489958da4c02bf10de7d1d7d5ac7916b6d013234eb1b31b6daefc4e8537
SHA512

8f26c7d21bfce8ffd1e0ee12d651c7506f6693ad314661b45dd7bf9d1102e2b6ce198cd3dbe2505ba2931204b40157c02f8b008390b3ba908460cc442a5bef9a
SSDEEP

6144:43MVk9U3mgJukP+2Ucpn5qAKP1UkrMhcOIk8kRL5YejF:VCU0aZLLqEkrMhct8OUF

Score

N/A

Malware Config

Signatures

Files

93c41489958da4c02bf10de7d1d7d5ac7916b6d013234eb1b31b6daefc4e8537
.exe windows x86

d0bfd0c37d417a5a0fb1a3e65b206772

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFileInfoA

kernel32

GetThreadLocale
LocalFree
IsDBCSLeadByte
FindResourceExA
GetCurrentThreadId
GetProcessHeap
lstrcpynA
HeapDestroy
LockResource
lstrlenA
lstrlenW
HeapAlloc
HeapReAlloc
LeaveCriticalSection
FindResourceA
HeapFree
DeleteCriticalSection
SizeofResource
HeapSize
RaiseException
FormatMessageA
RemoveDirectoryA
GetModuleHandleA
lstrcatA
EnterCriticalSection
DeleteFileA
LoadResource
lstrcmpiA
GetSystemTimeAsFileTime
lstrcpyA
WideCharToMultiByte
GetACP
GetCurrentProcessId
VirtualAllocEx

shlwapi

PathFindExtensionA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegDeleteKeyA

oleaut32

UnRegisterTypeLi
SysAllocString
LoadRegTypeLi
VariantClear
VariantChangeType
VariantInit
VarUI4FromStr
LoadTypeLi
RegisterTypeLi
SysAllocStringLen
SysStringLen
SysFreeString

user32

CharNextA

ole32

CoCreateInstance
StringFromGUID2
CoTaskMemFree
StringFromCLSID

comctl32

ImageList_LoadImageW
ImageList_SetBkColor
ImageList_Remove
LBItemFromPt
CreatePropertySheetPage
ImageList_DragShowNolock
ImageList_DragEnter
ImageList_SetFilter

syssetup

AsrRestorePlugPlayRegistryData
AsrCreateStateFileW
SetupSetDisplay
AsrAddSifEntryW
AsrAddSifEntryA
SetupInfObjectInstallActionW
AsrCreateStateFileA

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 295KB - Virtual size: 913KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d0bfd0c37d417a5a0fb1a3e65b206772

Headers

File Characteristics

Imports

shell32

kernel32

shlwapi

advapi32

oleaut32

user32

ole32

comctl32

syssetup

Sections

.text Size: 17KB - Virtual size: 16KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 295KB - Virtual size: 913KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 17KB - Virtual size: 16KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 295KB - Virtual size: 913KB

.rsrc
Size: 11KB - Virtual size: 10KB