3920b0716b1a4b0af1918e9eb410c9d281fe8a7866eb614d122fb53c70588959

Sharing

Copy URL Twitter E-mail

General

Target

3920b0716b1a4b0af1918e9eb410c9d281fe8a7866eb614d122fb53c70588959
Size

304KB
MD5

05da83c9bca7d397add5fd140d8a7883
SHA1

ed7e2333e1b3c9498b2785f51a48652a9fe75937
SHA256

3920b0716b1a4b0af1918e9eb410c9d281fe8a7866eb614d122fb53c70588959
SHA512

79395bc11c194a2c281ffdf641f407e2df9c6cdecd98eb15652d8fed17fd7500fcc66f1f0082b130dcc85d2103373bc3199c2b989e6ea02cda32726ecd34c91e
SSDEEP

6144:Jb/CfzWoFjZuIZKypTvfNZdmCk6Wh6J7zAWh4w8HWUlfQ:Jb/0zWoFEI/oEVhk2Ulf

Score

N/A

Malware Config

Signatures

Files

3920b0716b1a4b0af1918e9eb410c9d281fe8a7866eb614d122fb53c70588959
.exe windows x86

2a585e8119346f29cf3ff6ce96e24550

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateRectRgn
BeginPath
GetTextCharsetInfo
CopyEnhMetaFileW
EqualRgn
GetBkColor
FillRgn
ExtCreateRegion
GetKerningPairsA
GetEnhMetaFileHeader
CreateFontIndirectW
GetObjectA
OffsetWindowOrgEx
EnumFontsW
GetCharWidthA
GetGlyphOutlineW
RestoreDC
SetBkColor
GetTextAlign

msvcrt

getchar
fmod
memmove
exit
log10
atoi
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_tzname
_CIfmod
_controlfp

advapi32

MakeAbsoluteSD
RegEnumKeyW
OpenServiceA
RegCreateKeyExW
SetSecurityDescriptorOwner
InitializeSecurityDescriptor
RegOpenKeyExA
ReportEventW
SetSecurityDescriptorSacl
GetLengthSid
CloseServiceHandle
ChangeServiceConfig2W
RegQueryValueW
ChangeServiceConfigA
SetFileSecurityA
EnumDependentServicesA
RegOpenKeyExW
RevertToSelf
StartServiceCtrlDispatcherA
RegQueryValueA
RegSetValueExW
LsaQueryInformationPolicy
SetEntriesInAclW
GetFileSecurityW
EnumServicesStatusA
ChangeServiceConfigW
RegCloseKey
RegNotifyChangeKeyValue
LsaFreeMemory
CreateProcessAsUserW
RegCreateKeyExA
RegCreateKeyW
GetKernelObjectSecurity
RegSetValueA
RegEnumKeyExA
GetSidIdentifierAuthority
LogonUserA
CreateServiceW
RegCreateKeyA
GetUserNameW
QueryServiceConfigW
DeleteService
RegSetValueExA
InitializeSid
SetKernelObjectSecurity
GetServiceDisplayNameW
AllocateAndInitializeSid
GetSidSubAuthority
GetAce
OpenSCManagerA
RegDeleteKeyA
RegSetKeySecurity
GetSidLengthRequired
OpenProcessToken
SetFileSecurityW
StartServiceA
GetAclInformation
RegConnectRegistryA
RegQueryInfoKeyW
OpenSCManagerW
GetUserNameA
RegisterEventSourceA
LockServiceDatabase
CopySid
QueryServiceStatus
AdjustTokenPrivileges
LookupPrivilegeValueW
RegRestoreKeyW
RegQueryInfoKeyA
LookupPrivilegeValueA
RegisterServiceCtrlHandlerA
LookupAccountNameW
OpenThreadToken
GetSidSubAuthorityCount
RegUnLoadKeyW
ControlService
AddAce
InitiateSystemShutdownA

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 539KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 172KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2a585e8119346f29cf3ff6ce96e24550

Headers

File Characteristics

Imports

gdi32

msvcrt

advapi32

Sections

.text Size: 64KB - Virtual size: 63KB

.rdata Size: 60KB - Virtual size: 56KB

.data Size: 4KB - Virtual size: 539KB

.rsrc Size: 172KB - Virtual size: 169KB

.text
Size: 64KB - Virtual size: 63KB

.rdata
Size: 60KB - Virtual size: 56KB

.data
Size: 4KB - Virtual size: 539KB

.rsrc
Size: 172KB - Virtual size: 169KB