96739e7a6bc21e62a11f1d01181cc2ec55461dea7fbff9d90d73f1af86c2b114

General

Target

96739e7a6bc21e62a11f1d01181cc2ec55461dea7fbff9d90d73f1af86c2b114
Size

282KB
MD5

8789e14dc7c5d0da37494d6d0ab8e7e0
SHA1

7816d313fe3daf75ddbe53a9bbc14b5a90b31958
SHA256

96739e7a6bc21e62a11f1d01181cc2ec55461dea7fbff9d90d73f1af86c2b114
SHA512

a2c85a66853978de7775b9cc24878864f03e3114acc00371e44b7e49db2579ccf3496662c46d7a563592fbdbe8d9e42b961ecd98afae5ca7da46350732ca5c3c
SSDEEP

6144:jidPaSHnlSocPgbV5i94t5xIEFTIDqKDJ2IYoh1U+XEqLlnK8:WkSAoaSVI94t5KlOKUIYoh6aEkP

Score

N/A

Malware Config

Signatures

Files

96739e7a6bc21e62a11f1d01181cc2ec55461dea7fbff9d90d73f1af86c2b114
.exe windows x86

d45605635a28d2c6d9877bbd72fb7485

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsAlloc
GetStdHandle
FreeEnvironmentStringsW
AddAtomA
TlsFree
GetCurrentProcessId
GetFileType
TerminateProcess
GetEnvironmentStrings
WriteFile
GetOEMCP
FreeEnvironmentStringsA
SetHandleCount
HeapSize
GetEnvironmentStringsW
SetEndOfFile
EnumResourceNamesA
VirtualFree
IsBadWritePtr
GetStartupInfoA
GetCurrentProcess
UnhandledExceptionFilter
GetSystemTimeAsFileTime
HeapCreate
TlsGetValue
HeapDestroy
GetCPInfo
GetModuleFileNameA
TlsSetValue
lstrcatA
VirtualAlloc
GetSystemInfo
SetLastError
GetVersionExA
InterlockedExchange
QueryPerformanceCounter
VirtualQuery
GetACP
GetLocaleInfoA
SetUnhandledExceptionFilter

shell32

SHGetFolderPathW

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

iphlpapi

GetIpAddrTable

user32

IsWindow
DestroyWindow
GetDlgItem
CreateWindowExW
SendMessageA
EnumChildWindows
GetWindowThreadProcessId

setupapi

CM_Get_Global_State
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

newdev

UpdateDriverForPlugAndPlayDevicesW

Sections

.text
Size: 141KB - Virtual size: 276KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d45605635a28d2c6d9877bbd72fb7485

Headers

File Characteristics

Imports

kernel32

shell32

mprapi

iphlpapi

user32

setupapi

newdev

Sections

.text Size: 141KB - Virtual size: 276KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 137KB - Virtual size: 137KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 141KB - Virtual size: 276KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 137KB - Virtual size: 137KB

.rsrc
Size: 512B - Virtual size: 4KB