fa9636517c6ed781cb65e19702d7cddc102edc982207612dd64fc7adeb24e389

General

Target

fa9636517c6ed781cb65e19702d7cddc102edc982207612dd64fc7adeb24e389
Size

168KB
MD5

486a4a703fe9733a4f02daa9dc28a7ec
SHA1

25db9e546d07e2b5f40554cd25400c9210d67133
SHA256

fa9636517c6ed781cb65e19702d7cddc102edc982207612dd64fc7adeb24e389
SHA512

a27d523dfd873fcdc9a4402f1d01ca879922f8d95fff2c3d2ccdb3e540cf7cfc15212ec4807dc0da987e707a66566e90e49c181f4750a4dd893315885b061de7
SSDEEP

3072:E1uN9xw7rMv4921HIZp21l2cWOEXyHP2p/LJpgmigZB247vjXLZktwW:RmcQ92lKpCeOEVpznTt7vT

Score

N/A

Malware Config

Signatures

Files

fa9636517c6ed781cb65e19702d7cddc102edc982207612dd64fc7adeb24e389
.exe windows x86

8b797c68b429f5a25337bca8bdf0c868

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExA
RegEnumKeyExA
RegQueryValueA
RegEnumKeyA
RegOpenKeyA
RegQueryValueExA
RegDeleteKeyA
RegCloseKey

setupapi

CM_Get_Child
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

kernel32

GetFileSize
AddAtomW
lstrlenA
CreateMutexA
Sleep
DisableThreadLibraryCalls
WideCharToMultiByte
GetCurrentProcessId
GetModuleFileNameA
MultiByteToWideChar
InterlockedIncrement
GetVersionExA
SetFilePointer
GetFileAttributesA
ReleaseMutex
GetTickCount
QueryPerformanceCounter
InitializeCriticalSection
GetSystemTime
GetLastError
GetVolumeInformationA
DeleteCriticalSection
CreateDirectoryA
LocalFree
GetCurrentThreadId
ReadFile
GlobalUnlock
GlobalLock
EnumResourceNamesA
GetModuleFileNameW
CopyFileA
GlobalFree
GetTempPathA
VirtualAlloc
InterlockedDecrement
SetFileAttributesA
CloseHandle
WriteFileGather
CreateFileA
VirtualFree
WaitForSingleObject
LocalAlloc
DeviceIoControl
CreateFileW
DeleteFileA
GetSystemTimeAsFileTime
GetTempFileNameA
FreeLibrary

lz32

LZCopy
LZClose
LZOpenFileA

Sections

.text
Size: 91KB - Virtual size: 487KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8b797c68b429f5a25337bca8bdf0c868

Headers

File Characteristics

Imports

advapi32

setupapi

kernel32

lz32

Sections

.text Size: 91KB - Virtual size: 487KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 73KB - Virtual size: 73KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 91KB - Virtual size: 487KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 73KB - Virtual size: 73KB

.rsrc
Size: 512B - Virtual size: 4KB