89893a2b56046141af20d9ec1b12dc1337a9035b706a2258da41746437538e53

General

Target

89893a2b56046141af20d9ec1b12dc1337a9035b706a2258da41746437538e53
Size

283KB
MD5

c444968a4cc78b3c641e4f9669bd9559
SHA1

ab244d46f34858931f3e00516492002ce77567e2
SHA256

89893a2b56046141af20d9ec1b12dc1337a9035b706a2258da41746437538e53
SHA512

1a93f0c941e8c3652da56d98579e1682a43264d31e0fc908b0cfdf1eb129d4ac93187fb132719bddfae53c57b5d6c61a8952e372cee5e9087e44c727dcfad55b
SSDEEP

6144:kru2ca/TMeqZYgS7zFDIqKjRrpKvmj9TDAbaiUTrudf:kru/0TM/ZYgS7O5BfFAf

Score

N/A

Malware Config

Signatures

Files

89893a2b56046141af20d9ec1b12dc1337a9035b706a2258da41746437538e53
.exe windows x86

45c0e6b72e86bbae786d580e84844171

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

user32

EnumChildWindows
DestroyWindow
CreateWindowExW
GetDlgItem
SendMessageA
IsWindow
GetWindowThreadProcessId

newdev

UpdateDriverForPlugAndPlayDevicesW

shell32

SHGetFolderPathW

kernel32

WriteFile
GetStdHandle
TlsFree
GetEnvironmentStrings
GetFileType
TlsAlloc
AddAtomA
TlsSetValue
UnhandledExceptionFilter
GetCurrentProcessId
HeapSize
HeapCreate
GetSystemTimeAsFileTime
IsBadWritePtr
VirtualAlloc
TlsGetValue
FreeEnvironmentStringsA
EnumResourceLanguagesA
HeapDestroy
GetStartupInfoA
GetVersionExA
GetSystemInfo
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
VirtualQuery
lstrcpyW
GetCPInfo
GetLocaleInfoA
GetACP
InterlockedExchange
GetOEMCP
SetLastError
TerminateProcess
GetCurrentProcess
GetModuleFileNameA
VirtualFree
SetEndOfFile
QueryPerformanceCounter
SetUnhandledExceptionFilter

iphlpapi

GetIpAddrTable

setupapi

CM_Get_Parent
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

Sections

.text
Size: 145KB - Virtual size: 276KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 135KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

45c0e6b72e86bbae786d580e84844171

Headers

File Characteristics

Imports

mprapi

user32

newdev

shell32

kernel32

iphlpapi

setupapi

Sections

.text Size: 145KB - Virtual size: 276KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 135KB - Virtual size: 134KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 145KB - Virtual size: 276KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 135KB - Virtual size: 134KB

.rsrc
Size: 512B - Virtual size: 4KB