686370c87c82b4ba2ce2c5bd5ac1d80538469d52f952c8d8e1ff9cda632a8ace

Sharing

Copy URL Twitter E-mail

General

Target

686370c87c82b4ba2ce2c5bd5ac1d80538469d52f952c8d8e1ff9cda632a8ace
Size

266KB
MD5

62056ddc9cd7f41a2646ba810629f680
SHA1

a2ca6257e2dbd30f890c01acd6b4841ea719bd94
SHA256

686370c87c82b4ba2ce2c5bd5ac1d80538469d52f952c8d8e1ff9cda632a8ace
SHA512

dbd68dc893dcefa9f5873920d151d15a1fcb5d8b5d616b8caddaadfd8433eba5b04e4dcb8cc96a482f02bcae8523aa9d6f91fc3af63a10c2f6569a6ffe98c9a9
SSDEEP

6144:JhwiRiGLdEnX1PvirNnune+wXBLfu+0GQeH:JhrxEVvINtBLH0x

Score

N/A

Malware Config

Signatures

Files

686370c87c82b4ba2ce2c5bd5ac1d80538469d52f952c8d8e1ff9cda632a8ace
.dll windows x86

e9807948bc13a4e96d6e4b76032b07d8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetCurrentThreadId
GetFileType
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetProcessPriorityBoost
GetSystemInfo
GetTickCount
GetUserDefaultLangID
GetWindowsDirectoryA
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
IsDebuggerPresent
IsValidCodePage
LCMapStringA
GetCPInfo
LeaveCriticalSection
MultiByteToWideChar
OpenProcess
OutputDebugStringA
Process32First
Process32Next
QueryPerformanceCounter
RaiseException
RtlUnwind
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
Sleep
TerminateProcess
VirtualAlloc
VirtualFree
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
lstrlenA
GetACP
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FlushFileBuffers
ExitProcess
EnterCriticalSection
DeleteFileA
CreateToolhelp32Snapshot
CreateProcessA
CreateFileA
CopyFileA
LCMapStringW
CloseHandle

advapi32

RevertToSelf
RegSetValueExA
RegQueryValueExA
RegCloseKey
OpenProcessToken
LookupAccountSidA
LookupAccountNameA
GetTokenInformation
DeleteAce
CopySid
AccessCheck
SystemFunction008

setupapi

SetupDiCallClassInstaller
SetupDiGetDriverInfoDetailA
SetupDiGetSelectedDriverA
SetupDiOpenDevRegKey
SetupGetLineTextA
SetupOpenInfFileA
SetupCloseInfFile

Exports

Exports

DelItem
Node_Free
UnicodeEncodeError
_ReadlineFunctionPointer
get_signature
mmx_support
read_init_3
vResolveTokenVarA

Sections

.text
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e9807948bc13a4e96d6e4b76032b07d8

Headers

File Characteristics

Imports

kernel32

advapi32

setupapi

Exports

Exports

Sections

.text Size: 79KB - Virtual size: 78KB

.rdata Size: 58KB - Virtual size: 57KB

.data Size: 62KB - Virtual size: 63KB

.rsrc Size: 58KB - Virtual size: 57KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 79KB - Virtual size: 78KB

.rdata
Size: 58KB - Virtual size: 57KB

.data
Size: 62KB - Virtual size: 63KB

.rsrc
Size: 58KB - Virtual size: 57KB

.reloc
Size: 8KB - Virtual size: 7KB