63b4695c26e2e5a854317d1539033ce189b5190c8395e8f04187873aaf321f11

General

Target

63b4695c26e2e5a854317d1539033ce189b5190c8395e8f04187873aaf321f11
Size

279KB
MD5

13dc29101afbb64915ca2d7c67c079a0
SHA1

867351e703dbee4ae503304d1a4b3bcdd1e00a02
SHA256

63b4695c26e2e5a854317d1539033ce189b5190c8395e8f04187873aaf321f11
SHA512

52a2824fc0563c0379410bfd5509dd52d416b0b3480e4df8178e12e87b3d5d183dac885b3304481aa8608ff76e73f8f788d4ab8c29f723127fa94a73efd35cdc
SSDEEP

6144:lYwX4DY65U+Ep+Ig4wdCgvXQaWNaOIqAwuy6zszBLJm:lN4065tEpTgrdCNPNt05zszRI

Score

N/A

Malware Config

Signatures

Files

63b4695c26e2e5a854317d1539033ce189b5190c8395e8f04187873aaf321f11
.exe windows x86

1666250b26e005e2c38869cdce3d4870

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter

shell32

SHGetFolderPathW

setupapi

CM_Get_Sibling
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

iphlpapi

GetIpAddrTable

kernel32

DisableThreadLibraryCalls
ResetEvent
GetSystemTime
SetThreadPriority
FreeLibrary
LeaveCriticalSection
AddAtomA
MultiByteToWideChar
IsBadWritePtr
GetModuleFileNameW
GetTickCount
LoadLibraryW
GetModuleFileNameA
CreateFileW
GetProcAddress
LoadLibraryA
QueryPerformanceCounter
GetLastError
CreateSemaphoreA
InterlockedDecrement
WideCharToMultiByte
EnterCriticalSection
GlobalAlloc
FindResourceA
VirtualAlloc
GetThreadPriority
EnumResourceTypesA
TerminateThread
GetExitCodeThread
lstrlenA
ReleaseMutex
CreateMutexA
GetPrivateProfileStructA
ReleaseSemaphore
LoadResource
GetCurrentThreadId
VirtualFree
GetCurrentProcessId
Sleep
HeapFree
LockResource
GetCurrentThread
GetProcessHeap
GetSystemInfo
InterlockedIncrement
IsBadReadPtr
WaitForMultipleObjects
ExitProcess

shlwapi

StrCmpNIA
StrStrA

newdev

UpdateDriverForPlugAndPlayDevicesW

Sections

.text
Size: 137KB - Virtual size: 272KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 138KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1666250b26e005e2c38869cdce3d4870

Headers

File Characteristics

Imports

comctl32

shell32

setupapi

iphlpapi

kernel32

shlwapi

newdev

Sections

.text Size: 137KB - Virtual size: 272KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 138KB - Virtual size: 138KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 137KB - Virtual size: 272KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 138KB - Virtual size: 138KB

.rsrc
Size: 512B - Virtual size: 4KB