8d1af2fdadf9b4c8bae91568453e848ebb59248f25265a21b100380d83a3eecb

Sharing

Copy URL Twitter E-mail

General

Target

8d1af2fdadf9b4c8bae91568453e848ebb59248f25265a21b100380d83a3eecb
Size

162KB
MD5

f0d74c4923bb09786d33e387d1dfd41d
SHA1

9442e621dd7cbac19e103bdc94fea37a2e608b09
SHA256

8d1af2fdadf9b4c8bae91568453e848ebb59248f25265a21b100380d83a3eecb
SHA512

fee07eac10de183df4d0ccea6caf588ff7ad2ccf90c2c77c204e0f918ca0b5efb3790839ce83097bf211265c32f1b9d2b0bb2298c9b0dd4a0c4df66161480cef
SSDEEP

3072:qv7rR7wxfqHBKlbIgDlKMGCsHOkiLxx/Zvh0XgS4LmPN2+6e:qv7rRSy0bvMMbIOnzph1SHwf

Score

N/A

Malware Config

Signatures

Files

8d1af2fdadf9b4c8bae91568453e848ebb59248f25265a21b100380d83a3eecb
.exe windows x86

d3a070f2e3a51849e4221b268df75ba0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteW
SHSetUnreadMailCountW
SHOpenFolderAndSelectItems

advapi32

RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
AddAce
ChangeServiceConfigW
CloseServiceHandle
ControlService
ConvertStringSecurityDescriptorToSecurityDescriptorW
CreateServiceW
InitializeSid
OpenSCManagerW
OpenServiceW
RegCloseKey
RegCreateKeyExW
RegDeleteValueW
RegSetKeySecurity

setupapi

SetupDiCreateDevRegKeyW
SetupLogErrorW
SetupDiSetClassInstallParamsW
SetupDiOpenDevRegKey
SetupDiInstallDevice
SetupDiGetDeviceRegistryPropertyW
SetupDiGetClassInstallParamsW
SetupOpenLog
SetupCloseLog
CM_Create_DevNodeA
CMP_Report_LogOn

gdi32

CloseEnhMetaFile

user32

OffsetRect
DialogBoxParamW
EnableWindow
EndDialog
ShowWindow
SetWindowTextW
SetWindowLongW
SendMessageW
GetWindowLongW
IsWindowEnabled
GetWindowTextW
GetThreadDesktop
GetParent

msvcrt

_vsnwprintf
wcscmp
_except_handler3

kernel32

GetComputerNameW
GetCurrentProcess
ExitProcess
DisableThreadLibraryCalls
DeviceIoControl
CreateFileW
CompareStringW
CloseHandle
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetSystemTimeAsFileTime
GetLastError
GetTickCount
GetCurrentThreadId
lstrcmpiW
VirtualProtect
VirtualFree
VirtualAlloc
VerifyVersionInfoW
GetWindowsDirectoryW
UnhandledExceptionFilter
TerminateProcess
SetUnhandledExceptionFilter
SetLastError
MultiByteToWideChar
LocalAlloc

Exports

Exports

BuildNotificationPackage
HrGetBodyElement
HriCopyStream
PVGetCertificateParam
strtrim

Sections

.text
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d3a070f2e3a51849e4221b268df75ba0

Headers

DLL Characteristics

File Characteristics

Imports

shell32

advapi32

setupapi

gdi32

user32

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 39KB - Virtual size: 38KB

.rdata Size: 74KB - Virtual size: 74KB

.data Size: 39KB - Virtual size: 39KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 39KB - Virtual size: 38KB

.rdata
Size: 74KB - Virtual size: 74KB

.data
Size: 39KB - Virtual size: 39KB

.rsrc
Size: 8KB - Virtual size: 7KB