1f1f7961cf583e6644eba26fb9727be8d091dc3754c9a8030c26b0b73f07e5a3

Sharing

Copy URL

Twitter E-mail

General

Target

1f1f7961cf583e6644eba26fb9727be8d091dc3754c9a8030c26b0b73f07e5a3
Size

589KB
MD5

e43244db36895d6a28850d3408d80f45
SHA1

86ef0edf0a3f2f3edf4192fdd3addedda48945c9
SHA256

1f1f7961cf583e6644eba26fb9727be8d091dc3754c9a8030c26b0b73f07e5a3
SHA512

d55ae92112dccbc515e4b9790bf7470304ae9fe3c50d200d31ba91ebbf1870f15978cdb622b0b51c126656865e5c947a201cffae337f058c8783a58813286004
SSDEEP

12288:ltA+wOgP7zVlFXx4svG0Xrx+bL3LWyyN:ltAlOgP/4svG07x+n3LpK

Score

N/A

Malware Config

Signatures

Files

1f1f7961cf583e6644eba26fb9727be8d091dc3754c9a8030c26b0b73f07e5a3
.exe windows x86

e1f1f3d8131d6679eead2b595d35f8bf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

authz

AuthzAddSidsToContext

advapi32

RegSetValueExA
RegDeleteValueA
RegOpenKeyA
RegQueryValueExA
RegEnumKeyExA
OpenServiceA
RegDeleteKeyA
RegCloseKey
EqualSid
RegOpenKeyExA
ControlService
OpenSCManagerA
DeleteService
CloseServiceHandle

dbghelp

SymUnloadModule
SymGetSymPrev64
FindExecutableImageEx

crypt32

CryptVerifyDetachedMessageHash
CryptMemAlloc
CertVerifyValidityNesting

kernel32

FindFirstFileA
GetFileAttributesA
RemoveDirectoryA
GetSystemDirectoryA
GetDriveTypeA
GetOEMCP
GetCommandLineA
GlobalFree
VirtualFree
GlobalAlloc
SetFilePointer
Sleep
GetEnvironmentStringsW
LCMapStringW
UnmapViewOfFile
CreateDirectoryA
lstrcmpA
DeleteFileA
GetCurrentDirectoryA
CloseHandle
GetStringTypeW
GetFullPathNameA
GetLastError
lstrcpynA
HeapDestroy
MapViewOfFile
HeapCreate
GetModuleFileNameA
GetProcAddress
CreateFileMappingA
GetStringTypeA
GetVersion
ExitProcess
MoveFileExA
LoadLibraryA
WriteFile
lstrcpyA
SetEndOfFile
GetStartupInfoA
lstrcatA
lstrlenA
FindNextFileA
SetFileAttributesA
GetStdHandle
GetShortPathNameA
GetFileType
GetCPInfo
GetVersionExA
GetPrivateProfileStringA
GetWindowsDirectoryA
GetACP
FreeEnvironmentStringsW
HeapAlloc
CreateFileA
FindClose
SetHandleCount
GetModuleHandleA
GetFileSize

Sections

.text
Size: 69KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 245KB - Virtual size: 245KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 142KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e1f1f3d8131d6679eead2b595d35f8bf

Headers

File Characteristics

Imports

authz

advapi32

dbghelp

crypt32

kernel32

Sections

.text Size: 69KB - Virtual size: 72KB

.data Size: 245KB - Virtual size: 245KB

.data1 Size: 116KB - Virtual size: 115KB

.pdata Size: 142KB - Virtual size: 156KB

.idata Size: 14KB - Virtual size: 13KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 69KB - Virtual size: 72KB

.data
Size: 245KB - Virtual size: 245KB

.data1
Size: 116KB - Virtual size: 115KB

.pdata
Size: 142KB - Virtual size: 156KB

.idata
Size: 14KB - Virtual size: 13KB

.rsrc
Size: 2KB - Virtual size: 1KB