f35ef01066a6b54c1d451f7c6ab00ffc41522dbac997328f368ac45ca0d860bd

General

Target

f35ef01066a6b54c1d451f7c6ab00ffc41522dbac997328f368ac45ca0d860bd
Size

176KB
MD5

009c0dc4b9da783eb76cc73888a18bb0
SHA1

1dffee12037efdb40998872238009c5e1c08fdc5
SHA256

f35ef01066a6b54c1d451f7c6ab00ffc41522dbac997328f368ac45ca0d860bd
SHA512

ba6c0225e3e752c1ef8b0c0a7cec5ec6504a54bb05d71777db87b92cddef56de390260a6336d6099d169cd5a88c41a9bd864852db77597891b24fb592ac248a3
SSDEEP

3072:xez10fj/UrSlsFuNFfOtPEJ1f5AzaEGCH0ATq7GQ+vF0jMhvlMR:xezS7NlEuNYtMJ1f58aEvUAe7zGFs8l

Score

N/A

Malware Config

Signatures

Files

f35ef01066a6b54c1d451f7c6ab00ffc41522dbac997328f368ac45ca0d860bd
.exe windows x86

b0873f2a65f8a42932370e46aa5ef18c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
DisableThreadLibraryCalls
InterlockedDecrement
GlobalUnlock
AddAtomW
GetTickCount
GetModuleFileNameA
DeviceIoControl
GetVersionExA
VirtualAlloc
CloseHandle
GetLastError
GetModuleFileNameW
CreateFileW
DeleteCriticalSection
ReleaseMutex
CopyFileA
GetFileAttributesA
WideCharToMultiByte
GetSystemTime
SetFilePointer
EnumResourceNamesA
LocalAlloc
GetTempPathA
MultiByteToWideChar
GetTempFileNameA
CreateDirectoryA
LocalFree
lstrlenA
GetFileSize
GetSystemTimeAsFileTime
InitializeCriticalSection
QueryPerformanceCounter
GetVolumeInformationA
SetFileAttributesA
DeleteFileA
CreateFileA
FindResourceA
ReadFile
GetCurrentProcessId
WaitForSingleObject
Sleep
VirtualFree
GlobalLock
CreateMutexA
InterlockedIncrement
GlobalFree
FreeLibrary

advapi32

RegEnumKeyA
RegEnumKeyExA
RegOpenKeyExA
RegDeleteKeyA
RegOpenKeyA
RegQueryValueExA
RegQueryValueA
RegCloseKey

setupapi

CM_Get_Child
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

lz32

LZCopy
LZClose
LZOpenFileA

Sections

.text
Size: 90KB - Virtual size: 234KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b0873f2a65f8a42932370e46aa5ef18c

Headers

File Characteristics

Imports

kernel32

advapi32

setupapi

lz32

Sections

.text Size: 90KB - Virtual size: 234KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 79KB - Virtual size: 78KB

.rsrc Size: 4KB - Virtual size: 72KB

.text
Size: 90KB - Virtual size: 234KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 79KB - Virtual size: 78KB

.rsrc
Size: 4KB - Virtual size: 72KB