f5023700653d6e065fab89fe145eb92b1f99b08fb6b8324c0d06986a87726e89

Sharing

Copy URL Twitter E-mail

General

Target

f5023700653d6e065fab89fe145eb92b1f99b08fb6b8324c0d06986a87726e89
Size

1.1MB
MD5

cd6b0541143ee865a825ba888ffa07aa
SHA1

434fda8af6e2a20c50870040d89ed463f159d561
SHA256

f5023700653d6e065fab89fe145eb92b1f99b08fb6b8324c0d06986a87726e89
SHA512

c5701c21163dcf9dcd5b24045b12abb9b39e0d72989d14e273b93d05a3b6ffad0bcd76760ae51cf0c57e470f455df8fd6146e39feda8b4b2df70dc5ba8b75a4e
SSDEEP

12288:QrU8FtBfeXHe0sKJC6MWthrAn38v/uckNi04PJOOweaA9ckW4CsDd8kMCz1l0q/v:pI72XHeCLKn38v6QtJTX2azJP0

Score

N/A

Malware Config

Signatures

Files

f5023700653d6e065fab89fe145eb92b1f99b08fb6b8324c0d06986a87726e89
.exe windows x86

936e959f32529e8aaf2bf1c219f9d499

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryPerformanceCounter
CreateFileW
CloseHandle
lstrcmpA
GetSystemDefaultLangID
DisableThreadLibraryCalls
GetCurrentProcessId
GetTickCount
GetLastError
Sleep
GetModuleHandleW
GetLocalTime
DeviceIoControl
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetCurrentThreadId
LeaveCriticalSection
FormatMessageA
WaitForSingleObject
ExpandEnvironmentStringsW
CreateDirectoryW
CreateMutexW
ReleaseMutex
LocalFree
GetSystemDirectoryA
lstrcatA
LoadLibraryA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
LoadLibraryW
FreeLibrary
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapAlloc
GetProcessHeap
HeapFree
InterlockedExchange
WideCharToMultiByte
lstrlenA
EnterCriticalSection
InterlockedCompareExchange

user32

CharNextA
CharUpperA
CheckMenuItem

advapi32

RegCloseKey
StartServiceW
OpenSCManagerW
OpenServiceW
CloseServiceHandle
ChangeServiceConfigW
QueryServiceStatus
RegSetValueExW
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExW

msvcrt

_controlfp
_unlock
__dllonexit
_lock
_onexit
__p__commode
_adjust_fdiv
?terminate@@YAXXZ
_amsg_exit
_initterm
exit
_XcptFilter
_exit
_cexit
__getmainargs
puts
__set_app_type
__setusermatherr
__p__fmode

setupapi

SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInstanceIdW
SetupDiGetDeviceInterfaceDetailW
CM_Get_DevNode_Status
CM_Locate_DevNodeW
CM_Reenumerate_DevNode
SetupDiGetClassDevsW
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiSetClassInstallParamsW
SetupDiCallClassInstaller
SetupDiGetDeviceRegistryPropertyW
SetupDiOpenDevRegKey
SetupDiSetDeviceRegistryPropertyW

Sections

.text
Size: 328KB - Virtual size: 325KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 400KB - Virtual size: 397KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 308KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

936e959f32529e8aaf2bf1c219f9d499

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

setupapi

Sections

.text Size: 328KB - Virtual size: 325KB

.idata Size: 4KB - Virtual size: 3KB

.rdata Size: 400KB - Virtual size: 397KB

.data Size: 308KB - Virtual size: 1.9MB

.rsrc Size: 36KB - Virtual size: 33KB

.text
Size: 328KB - Virtual size: 325KB

.idata
Size: 4KB - Virtual size: 3KB

.rdata
Size: 400KB - Virtual size: 397KB

.data
Size: 308KB - Virtual size: 1.9MB

.rsrc
Size: 36KB - Virtual size: 33KB