ac3cf2d9ecf5bc17df9064aed821a912563379aa5487012dafc7dbc41b8b5db4

Sharing

Copy URL Twitter E-mail

General

Target

ac3cf2d9ecf5bc17df9064aed821a912563379aa5487012dafc7dbc41b8b5db4
Size

168KB
MD5

58134e0a07ec7a0b36b3e68b320eb00a
SHA1

61446d0151096e319e2218167a2caa251217ce14
SHA256

ac3cf2d9ecf5bc17df9064aed821a912563379aa5487012dafc7dbc41b8b5db4
SHA512

f85675ff11f65c84d9af93b1a69583925e61613334ed802e4eb4daa151cc5e19c77fe9ec359ec64ae41101c2d04f08037fd8809a366e39c83a3e056f4df9e84e
SSDEEP

3072:73uMOPcsJXFwc66qzNRx0nktB47zisxr08uIY41+VBQQCFWLx5lU55wJTsYfPqIo:aXFwcePYSAY6iBQbFKvM5+Thf4

Score

N/A

Malware Config

Signatures

Files

ac3cf2d9ecf5bc17df9064aed821a912563379aa5487012dafc7dbc41b8b5db4
.exe windows x86

07f4ed5cd463c067cb0a97406dcf7179

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

iphlpapi

GetIpAddrTable

user32

CreateWindowExW
SendMessageA
DestroyWindow
EnumChildWindows
GetDlgItem
IsWindow
GetWindowThreadProcessId

setupapi

CMP_WaitNoPendingInstallEvents
SetupCopyOEMInfW
SetupDiClassGuidsFromNameW
SetupDiBuildClassInfoList
SetupDiGetDeviceRegistryPropertyW
SetupDiCallClassInstaller
SetupDiClassNameFromGuidW
SetupDiSetClassInstallParamsW
SetupDiGetClassDescriptionW
SetupDiSetDeviceRegistryPropertyW
SetupOpenInfFileA
SetupDiCreateDeviceInfoList
SetupGetLineTextA
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupCloseInfFile
SetupDiGetDeviceInstanceIdW
SetupDiCreateDeviceInfoA
SetupDiGetClassDevsW
SetupDiGetDeviceInstallParamsA
SetupDiDestroyDeviceInfoList
SetupDiDeleteDeviceInfo
SetupGetInfFileListA
CM_Get_DevNode_Status

rpcrt4

UuidCreate

shell32

SHGetFolderPathW

ole32

CoGetMalloc
CoInitializeSecurity
CoSetProxyBlanket
CoInitializeEx
CoCreateInstance
CoQueryProxyBlanket
CoTaskMemFree
CoUninitialize
StringFromGUID2

kernel32

MultiByteToWideChar
GetFileType
SetEndOfFile
CompareStringW
CreateFileA
FileTimeToLocalFileTime
GetConsoleOutputCP
GetStartupInfoA
GetModuleHandleA
GetFileAttributesW
GetSystemTime
DeviceIoControl
HeapDestroy
CreateEventA
FreeEnvironmentStringsA
GetCurrentProcessId
GetDateFormatA
GetLastError
CreateFileW
GetOEMCP
SetHandleCount
GetCalendarInfoW
LoadLibraryA
GetModuleFileNameA
DeleteFileW
TerminateProcess
SetLastError
WriteConsoleW
DeleteCriticalSection
LCMapStringW
ExitProcess
CreateDirectoryW
GetSystemDirectoryW
SetUnhandledExceptionFilter
TlsGetValue
CreateFileMappingA
HeapReAlloc
GetModuleHandleW
LocalAlloc
UnmapViewOfFile
FlushFileBuffers
SetFilePointer
RtlUnwind
GetStringTypeW
RaiseException
GetVersionExW
GetConsoleMode
SetFileAttributesW
CreateThread
HeapFree
CreateProcessW
WriteConsoleA
GetEnvironmentStrings
FreeLibrary
TlsAlloc
TlsSetValue
EnterCriticalSection
WaitForSingleObject
GetEnvironmentVariableW
GetCurrentThreadId
GetVersionExA
CreateWaitableTimerA
SetEvent
GetCurrentProcess
SetWaitableTimer
InterlockedIncrement
LoadLibraryExW
CancelWaitableTimer
GetLocaleInfoA
GetTimeZoneInformation
EnumResourceNamesA
GetProcessHeap
InterlockedDecrement
IsValidCodePage
LCMapStringA
InitializeCriticalSection
CloseHandle
GetTimeFormatA
VirtualFree
FileTimeToSystemTime
FreeEnvironmentStringsW
GetCPInfo
GetExitCodeProcess
LeaveCriticalSection
GetProcAddress
VirtualAlloc
QueryPerformanceCounter
GetTempPathW
ExpandEnvironmentStringsW
MapViewOfFile
InitializeCriticalSection
SetEnvironmentVariableA
WriteFile
IsDebuggerPresent
CopyFileW
LocalFree
TlsFree
GetStdHandle
UnhandledExceptionFilter
GetConsoleCP
GetACP
GetCommandLineA
HeapAlloc
ReadFile
GetSystemTimeAsFileTime
WideCharToMultiByte
GetTickCount
HeapSize
MoveFileExW
SystemTimeToFileTime
GetEnvironmentStringsW
CompareStringA
ResetEvent
Sleep
SetStdHandle
HeapCreate
GetStringTypeA

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

newdev

UpdateDriverForPlugAndPlayDevicesW

advapi32

GetAclInformation
LookupPrivilegeValueA
UnlockServiceDatabase
InitializeAcl
SetEntriesInAclW
QueryServiceLockStatusW
LockServiceDatabase
LookupPrivilegeNameA
GetAce
QueryServiceStatus
OpenProcessToken
RegQueryValueExW
RegDeleteKeyW
EqualSid
RegDeleteValueW
EnumDependentServicesW
ChangeServiceConfigW
GetSecurityInfo
CreateServiceW
RegGetKeySecurity
GetNamedSecurityInfoW
RegOpenKeyExW
DeleteService
RegRestoreKeyW
FreeSid
SetSecurityDescriptorDacl
RegSetValueExW
GetTokenInformation
AddAce
SetEntriesInAclA
SetSecurityInfo
LookupPrivilegeDisplayNameA
AdjustTokenPrivileges
ControlService
OpenSCManagerW
GetSecurityDescriptorControl
QueryServiceConfigW
RegEnumKeyExW
InitializeSecurityDescriptor
GetInheritanceSourceW
AllocateAndInitializeSid
OpenServiceW
LookupAccountSidW
StartServiceA
CloseServiceHandle
IsValidAcl
ChangeServiceConfig2W
FreeInheritedFromArray
RegCloseKey
SetNamedSecurityInfoW
RegSaveKeyW
IsValidSecurityDescriptor
RegCreateKeyExW
RegEnumValueW

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

07f4ed5cd463c067cb0a97406dcf7179

Headers

File Characteristics

Imports

iphlpapi

user32

setupapi

rpcrt4

shell32

ole32

kernel32

mprapi

newdev

advapi32

Sections

.text Size: 92KB - Virtual size: 91KB

.rdata Size: 6KB - Virtual size: 6KB

.bss Size: 68KB - Virtual size: 67KB

.rsrc Size: 1024B - Virtual size: 100KB

.text
Size: 92KB - Virtual size: 91KB

.rdata
Size: 6KB - Virtual size: 6KB

.bss
Size: 68KB - Virtual size: 67KB

.rsrc
Size: 1024B - Virtual size: 100KB