a02985f66fd7c647dcc02196aa24649625db431984caf3b58f3fbd4fd591279a

Sharing

Copy URL Twitter E-mail

General

Target

a02985f66fd7c647dcc02196aa24649625db431984caf3b58f3fbd4fd591279a
Size

327KB
MD5

9db8e544cd618b8d1a022b9dcd0d3308
SHA1

a3437adb986e930ea66531b1e85dc221b9137ed1
SHA256

a02985f66fd7c647dcc02196aa24649625db431984caf3b58f3fbd4fd591279a
SHA512

31c07b3a88e2e9d6170f087a0bae82d9a981bf80fd8b3584071c4e01d7cdfc72ab06601417aa7df8d580b0d7912b639edf0689d2bcb792c11d2bb2688a9387b9
SSDEEP

6144:A3MVk9U3mgJukP+2Ucpn5qAKP1UkrMhcOIk8kRL5YejF:NCU0aZLLqEkrMhct8OUF

Score

N/A

Malware Config

Signatures

Files

a02985f66fd7c647dcc02196aa24649625db431984caf3b58f3fbd4fd591279a
.exe windows x86

d0bfd0c37d417a5a0fb1a3e65b206772

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFileInfoA

kernel32

GetThreadLocale
LocalFree
IsDBCSLeadByte
FindResourceExA
GetCurrentThreadId
GetProcessHeap
lstrcpynA
HeapDestroy
LockResource
lstrlenA
lstrlenW
HeapAlloc
HeapReAlloc
LeaveCriticalSection
FindResourceA
HeapFree
DeleteCriticalSection
SizeofResource
HeapSize
RaiseException
FormatMessageA
RemoveDirectoryA
GetModuleHandleA
lstrcatA
EnterCriticalSection
DeleteFileA
LoadResource
lstrcmpiA
GetSystemTimeAsFileTime
lstrcpyA
WideCharToMultiByte
GetACP
GetCurrentProcessId
VirtualAllocEx

shlwapi

PathFindExtensionA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegDeleteKeyA

oleaut32

UnRegisterTypeLi
SysAllocString
LoadRegTypeLi
VariantClear
VariantChangeType
VariantInit
VarUI4FromStr
LoadTypeLi
RegisterTypeLi
SysAllocStringLen
SysStringLen
SysFreeString

user32

CharNextA

ole32

CoCreateInstance
StringFromGUID2
CoTaskMemFree
StringFromCLSID

comctl32

ImageList_LoadImageW
ImageList_SetBkColor
ImageList_Remove
LBItemFromPt
CreatePropertySheetPage
ImageList_DragShowNolock
ImageList_DragEnter
ImageList_SetFilter

syssetup

AsrRestorePlugPlayRegistryData
AsrCreateStateFileW
SetupSetDisplay
AsrAddSifEntryW
AsrAddSifEntryA
SetupInfObjectInstallActionW
AsrCreateStateFileA

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 295KB - Virtual size: 913KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d0bfd0c37d417a5a0fb1a3e65b206772

Headers

File Characteristics

Imports

shell32

kernel32

shlwapi

advapi32

oleaut32

user32

ole32

comctl32

syssetup

Sections

.text Size: 17KB - Virtual size: 16KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 295KB - Virtual size: 913KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 17KB - Virtual size: 16KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 295KB - Virtual size: 913KB

.rsrc
Size: 11KB - Virtual size: 10KB