ce996860b49978f682c0fdb2462cfaa47a51c141ecdf85240d906c12920033ef

General

Target

ce996860b49978f682c0fdb2462cfaa47a51c141ecdf85240d906c12920033ef
Size

184KB
MD5

3004be559cc85aceb7d647ce8c6982dd
SHA1

2b0d962eac2e64cc9c844fd1dd2677cdf806cf8e
SHA256

ce996860b49978f682c0fdb2462cfaa47a51c141ecdf85240d906c12920033ef
SHA512

b29bf18268b06e4503fcbe5340e6c89b325d9023b2bc13d591b3d796381930d6a1f04496b7c4bb5da7dd8e4fa93b614cf1ce17a148aaeb8e890179deff066a6a
SSDEEP

3072:a+OUaTUCE19mToQVj5THJJaPuE+7nv98OcWz6qR+CDsGffwpeRzimdXwBsebm:jOU0M1QX7tntaEz6qHIGffG650se

Score

N/A

Malware Config

Signatures

Files

ce996860b49978f682c0fdb2462cfaa47a51c141ecdf85240d906c12920033ef
.exe windows x86

f1a2e9c4b9f294f4ac6e04c65bd4b996

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileW
CloseHandle
InitializeCriticalSection
AddAtomW
CreateMutexA
GetVolumeInformationA
GetSystemTimeAsFileTime
GetTickCount
GlobalLock
InterlockedDecrement
ReadFile
DeviceIoControl
Sleep
WaitForSingleObject
GetModuleFileNameA
GetTempFileNameA
GlobalFree
GetModuleFileNameW
GlobalUnlock
CopyFileA
GetFileSize
LocalFree
CreateFileA
GetTempPathA
VirtualFree
DeleteFileA
EnumResourceNamesA
VirtualAlloc
GetFileAttributesA
QueryPerformanceCounter
WriteFileGather
DisableThreadLibraryCalls
LocalAlloc
DeleteCriticalSection
InterlockedIncrement
GetSystemTime
GetCurrentProcessId
GetCurrentThreadId
SetFileAttributesA
lstrlenA
ReleaseMutex
GetVersionExA
MultiByteToWideChar
GetLastError
WideCharToMultiByte
CreateDirectoryA
SetFilePointer
FreeLibrary

advapi32

RegEnumKeyExA
RegOpenKeyExA
RegDeleteKeyA
RegOpenKeyA
RegQueryValueA
RegEnumKeyA
RegQueryValueExA
RegCloseKey

lz32

LZClose
LZCopy
LZOpenFileA

setupapi

CM_Get_Child
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 100KB - Virtual size: 239KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f1a2e9c4b9f294f4ac6e04c65bd4b996

Headers

File Characteristics

Imports

kernel32

advapi32

lz32

setupapi

Sections

.text Size: 100KB - Virtual size: 239KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 81KB - Virtual size: 80KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 100KB - Virtual size: 239KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 81KB - Virtual size: 80KB

.rsrc
Size: 512B - Virtual size: 4KB