b17e6dc8cfe8addd0c38d1675fa6316702db1bdc05eb93e98cfb17dcef90da2b

General

Target

b17e6dc8cfe8addd0c38d1675fa6316702db1bdc05eb93e98cfb17dcef90da2b
Size

185KB
MD5

91495b541352158922bb5e3152e68b01
SHA1

a48ee6b77d82fead69e4fc33df3dff722c608b26
SHA256

b17e6dc8cfe8addd0c38d1675fa6316702db1bdc05eb93e98cfb17dcef90da2b
SHA512

08f212cc123cae0a03ee0f391e53e8539cac2662cbf27a0feac5bcec1c9a96893af03895b783e817a97822912e61d898e37e21b09b30090a71ab1f933cead042
SSDEEP

3072:M4phUwso2AtU45M9xhemP2YYqCzNba+LEt0deUifosiIfT0Woe6gJUi5mnUIt5FL:M+hVO45M9xMJYfiNa+HdeUiAsiA0WLBG

Score

N/A

Malware Config

Signatures

Files

b17e6dc8cfe8addd0c38d1675fa6316702db1bdc05eb93e98cfb17dcef90da2b
.exe windows x86

20603738d1656a826ba01a8d9da2b934

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Parent
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

user32

SendMessageA
CreateWindowExW
GetDlgItem
IsWindow
DestroyWindow
EnumChildWindows
GetWindowThreadProcessId

newdev

UpdateDriverForPlugAndPlayDevicesW

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

shell32

SHGetFolderPathW

iphlpapi

GetIpAddrTable

kernel32

IsBadWritePtr
GetCurrentProcess
GetStdHandle
UnhandledExceptionFilter
SetHandleCount
HeapDestroy
AddAtomA
GetOEMCP
GetLocaleInfoA
GetEnvironmentStringsW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetSystemInfo
GetFileType
HeapSize
TlsAlloc
GetSystemTimeAsFileTime
GetStartupInfoA
GetEnvironmentStrings
GetACP
EnumResourceLanguagesA
WriteFile
VirtualAlloc
VirtualQuery
HeapCreate
GetCPInfo
TerminateProcess
QueryPerformanceCounter
GetNumberFormatW
InterlockedExchange
GetModuleFileNameA
GetCurrentProcessId
TlsFree
TlsGetValue
SetLastError
TlsSetValue
SetEndOfFile
VirtualFree
GetVersionExA
SetUnhandledExceptionFilter

Sections

.text
Size: 96KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

20603738d1656a826ba01a8d9da2b934

Headers

File Characteristics

Imports

setupapi

user32

newdev

mprapi

shell32

iphlpapi

kernel32

Sections

.text Size: 96KB - Virtual size: 236KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 85KB - Virtual size: 85KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 96KB - Virtual size: 236KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 85KB - Virtual size: 85KB

.rsrc
Size: 512B - Virtual size: 4KB