46f3c5a25de898ad227fff8093a0a0bacb4f91eeb622a8bd8848373e4944599b

Sharing

Copy URL Twitter E-mail

General

Target

46f3c5a25de898ad227fff8093a0a0bacb4f91eeb622a8bd8848373e4944599b
Size

64KB
MD5

84897289d35ffd767274d30fec9d3ede
SHA1

f0b530834d2d68892a741c20c85d579bc82ffd30
SHA256

46f3c5a25de898ad227fff8093a0a0bacb4f91eeb622a8bd8848373e4944599b
SHA512

8ef6d3f68c4d505eea414035618b209450b831ec7a53e909f2c0631a050973d4053b07d8d2ac1fca791122496b3a4041a1c4470a92b8ab42109d4b317ed0f18d
SSDEEP

768:pCFCAwW82zrouWzQRKBSbVzRtK0r4adOxgMaFf8frm5S7OCh6tRM5W4ss2:OCAwv27kBSbBnNygMkf8frcltcss2

Score

1^/10

Malware Config

Signatures

Files

46f3c5a25de898ad227fff8093a0a0bacb4f91eeb622a8bd8848373e4944599b
.exe windows x86

1900101b00ed9319e40b8e54673599f6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteKeyW
RegDeleteValueW
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
RegQueryValueExW

setupapi

CM_Locate_DevNode_ExW
SetupDiGetClassDevsW
CM_Reenumerate_DevNode_Ex
SetupDiRemoveDevice
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceRegistryPropertyW
CM_Connect_MachineW

newdev

UpdateDriverForPlugAndPlayDevicesW

kernel32

WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CloseHandle
SetFilePointer
FlushFileBuffers
SetStdHandle
GetConsoleCP
GetFullPathNameW
GetSystemDirectoryW
GetVersionExW
lstrlenW
GetLastError
SetLastError
LocalAlloc
lstrcmpiW
DeleteFileW
LocalFree
lstrcpyW
CreateFileA
GetConsoleMode
HeapFree
HeapAlloc
GetVersionExA
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetProcAddress
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
MultiByteToWideChar
LCMapStringA
WideCharToMultiByte
LCMapStringW
GetModuleFileNameW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSection
Sleep
RtlUnwind
LoadLibraryA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize

difxapi

DriverPackageInstallW
DriverPackageUninstallW
DIFXAPISetLogCallbackW

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1900101b00ed9319e40b8e54673599f6

Headers

File Characteristics

Imports

advapi32

setupapi

newdev

kernel32

difxapi

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 4KB - Virtual size: 1KB