156d986ba0d87af20a6c88fcc2a80f7b919af06e029a1b09181a958d6245ee2c

General

Target

156d986ba0d87af20a6c88fcc2a80f7b919af06e029a1b09181a958d6245ee2c
Size

184KB
MD5

cb64254e162de07b6ec6642ab9b00deb
SHA1

3f67672e85d7fb151ba82e4765b6f960de2ef50b
SHA256

156d986ba0d87af20a6c88fcc2a80f7b919af06e029a1b09181a958d6245ee2c
SHA512

f1dd3e350802862e6eb18746a549a68113faf6f381bf6f6af8af0f1325a8c1ed8ba86897f30c4069f579b4974aba9961729ac737c0ff84c2d3e6ded935a13162
SSDEEP

3072:yyy2m9R6EY/FaxQWzJV2xku2Vs0ztrDhRv3bjnBkALGMcIb0EDCrFcy/AWI3Y6x2:jmRk3CmknVs0ztrNp3ppGvyK/goWqBp

Score

N/A

Malware Config

Signatures

Files

156d986ba0d87af20a6c88fcc2a80f7b919af06e029a1b09181a958d6245ee2c
.exe windows x86

90d66be15b05d75271d974937fa60657

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

gdi32

DeleteObject

setupapi

CM_Get_Sibling
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyA
CM_Get_DevNode_Status

advapi32

OpenServiceW
OpenSCManagerW
RegisterEventSourceW
CloseServiceHandle
ReportEventW
OpenProcessToken
OpenThreadToken
ControlService
DeleteService
DeregisterEventSource
RegEnumKeyExW
SetServiceStatus
CreateServiceW

kernel32

FindAtomA
CreateDirectoryW
QueryPerformanceCounter
GetCommandLineW
DeviceIoControl
FindClose
CopyFileW
ReleaseMutex
ExitProcess
GetStartupInfoW
EnterCriticalSection
LoadResource
ResumeThread
GetTickCount
DeleteFileW
FindNextFileW
LoadLibraryExW
SetPriorityClass
EnumResourceLanguagesA
OutputDebugStringW
CreateFileW
GetCurrentProcessId
GetSystemTimeAsFileTime
LoadModule
FindFirstFileW
GetFileAttributesW
SetThreadPriority
LeaveCriticalSection
GetExitCodeThread
GetModuleHandleA
GetDriveTypeW
GetProcAddress
OpenThread
FindResourceW

Sections

.text
Size: 91KB - Virtual size: 235KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

90d66be15b05d75271d974937fa60657

Headers

File Characteristics

Imports

gdi32

setupapi

advapi32

kernel32

Sections

.text Size: 91KB - Virtual size: 235KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 89KB - Virtual size: 89KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 91KB - Virtual size: 235KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 89KB - Virtual size: 89KB

.rsrc
Size: 512B - Virtual size: 4KB