a1f91a2a440c70f319930d870e1ff2a469df9b86753b1666e9a08695cec0b648

Sharing

Copy URL

Twitter E-mail

General

Target

a1f91a2a440c70f319930d870e1ff2a469df9b86753b1666e9a08695cec0b648
Size

327KB
MD5

947e41ee529a41dae4a13dbe0b14c75f
SHA1

e26bdebaff268424f7ab64df4dd608de385c410c
SHA256

a1f91a2a440c70f319930d870e1ff2a469df9b86753b1666e9a08695cec0b648
SHA512

5c5007aa489fc22f21d18385742e8ddfc7dc46670647a779044b93d6aa257b2bee6e9357327c7397e088460d76cb02674d53f422b5aea3bbdc444fc72ca1badf
SSDEEP

6144:83MVk9U3mgJukP+2Ucpn5qAKP1UkrMhcOIk8kRL5YejF:hCU0aZLLqEkrMhct8OUF

Score

N/A

Malware Config

Signatures

Files

a1f91a2a440c70f319930d870e1ff2a469df9b86753b1666e9a08695cec0b648
.exe windows x86

d0bfd0c37d417a5a0fb1a3e65b206772

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFileInfoA

kernel32

GetThreadLocale
LocalFree
IsDBCSLeadByte
FindResourceExA
GetCurrentThreadId
GetProcessHeap
lstrcpynA
HeapDestroy
LockResource
lstrlenA
lstrlenW
HeapAlloc
HeapReAlloc
LeaveCriticalSection
FindResourceA
HeapFree
DeleteCriticalSection
SizeofResource
HeapSize
RaiseException
FormatMessageA
RemoveDirectoryA
GetModuleHandleA
lstrcatA
EnterCriticalSection
DeleteFileA
LoadResource
lstrcmpiA
GetSystemTimeAsFileTime
lstrcpyA
WideCharToMultiByte
GetACP
GetCurrentProcessId
VirtualAllocEx

shlwapi

PathFindExtensionA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegDeleteKeyA

oleaut32

UnRegisterTypeLi
SysAllocString
LoadRegTypeLi
VariantClear
VariantChangeType
VariantInit
VarUI4FromStr
LoadTypeLi
RegisterTypeLi
SysAllocStringLen
SysStringLen
SysFreeString

user32

CharNextA

ole32

CoCreateInstance
StringFromGUID2
CoTaskMemFree
StringFromCLSID

comctl32

ImageList_LoadImageW
ImageList_SetBkColor
ImageList_Remove
LBItemFromPt
CreatePropertySheetPage
ImageList_DragShowNolock
ImageList_DragEnter
ImageList_SetFilter

syssetup

AsrRestorePlugPlayRegistryData
AsrCreateStateFileW
SetupSetDisplay
AsrAddSifEntryW
AsrAddSifEntryA
SetupInfObjectInstallActionW
AsrCreateStateFileA

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 295KB - Virtual size: 913KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d0bfd0c37d417a5a0fb1a3e65b206772

Headers

File Characteristics

Imports

shell32

kernel32

shlwapi

advapi32

oleaut32

user32

ole32

comctl32

syssetup

Sections

.text Size: 17KB - Virtual size: 16KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 295KB - Virtual size: 913KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 17KB - Virtual size: 16KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 295KB - Virtual size: 913KB

.rsrc
Size: 11KB - Virtual size: 10KB