43929fd3dc0b319b76e1665f9efd56bafa7aad71f60382a2eb7c9cb4f0f48a33

Sharing

Copy URL

Twitter E-mail

General

Target

43929fd3dc0b319b76e1665f9efd56bafa7aad71f60382a2eb7c9cb4f0f48a33
Size

370KB
MD5

4adab6136c5fe9858c17284cbc253897
SHA1

f343ab2788e410624878a9eaf4a0fc6ae4c814c7
SHA256

43929fd3dc0b319b76e1665f9efd56bafa7aad71f60382a2eb7c9cb4f0f48a33
SHA512

c67fc5a8e0d2f958f87c7956e49e689f45cc6814fb98675accf3ceb145abccc8e185ff0bd91e83eda0be5b330409782ab07727a197de32acbc7594d38efad650
SSDEEP

6144:MqhhZnlQUzOnNWsd1ZnCcY0mqahmZ3kTFdep01eSo5SRpCX7rQsIY:dZiNJZnVGhdTnepVSPR0X7EY

Score

N/A

Malware Config

Signatures

Files

43929fd3dc0b319b76e1665f9efd56bafa7aad71f60382a2eb7c9cb4f0f48a33
.exe windows x86

52cbcd453630628c5d8316a8c9f15b02

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__p__fmode
__dllonexit
strtoul
_onexit
qsort
_setsystime
exit
_acmdln
__getmainargs
_controlfp
_except_handler3
__set_app_type
_lsearch
__p__commode
_adjust_fdiv
__setusermatherr
_initterm

kernel32

GetStartupInfoA
GetModuleHandleA
GlobalAddAtomW
GetDiskFreeSpaceExA

advapi32

LsaQueryInformationPolicy
BuildExplicitAccessWithNameA
CreateServiceA
GetSecurityDescriptorLength
NotifyBootConfigStatus
FreeSid
ImpersonateLoggedOnUser
SetNamedSecurityInfoA
GetTokenInformation
DuplicateToken
DuplicateTokenEx
RegCloseKey
SetSecurityDescriptorSacl
RegNotifyChangeKeyValue
SetServiceObjectSecurity
RegCreateKeyExW
RegSetValueExA
RegisterServiceCtrlHandlerA
DeleteService
LsaFreeMemory
GetSidIdentifierAuthority
GetAclInformation
OpenSCManagerW
RegisterServiceCtrlHandlerW
RegCreateKeyW
ChangeServiceConfigA
AllocateAndInitializeSid
OpenServiceA
RegUnLoadKeyW
RegSetValueExW
RegCreateKeyA
RegEnumKeyExA
LookupAccountNameW
RegOpenKeyExA
RegQueryValueA
RegSetKeySecurity
InitiateSystemShutdownA
GetServiceDisplayNameW
GetSidLengthRequired
SetNamedSecurityInfoW
ChangeServiceConfig2W
SetFileSecurityW
LsaOpenPolicy
ChangeServiceConfigW
SetFileSecurityA
LogonUserA
EnumDependentServicesA
QueryServiceLockStatusW
CreateServiceW
AdjustTokenPrivileges
GetAce
RegSetValueA
AddAce
RegOverridePredefKey
GetEffectiveRightsFromAclW
RegisterEventSourceA
GetKernelObjectSecurity
OpenThreadToken
GetLengthSid
RegQueryInfoKeyA
OpenProcessToken
LookupPrivilegeValueW
RegRestoreKeyW
RegDeleteKeyA
RegQueryValueW
RevertToSelf
SetSecurityDescriptorOwner
ReadEventLogW
RegQueryInfoKeyW
QueryServiceConfigW
GetUserNameW
SetKernelObjectSecurity
RegConnectRegistryA
GetSidSubAuthority

user32

InSendMessage
SendNotifyMessageA
SendMessageA

version

VerInstallFileW
VerQueryValueA
GetFileVersionInfoSizeA
VerQueryValueW

Sections

.text
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

52cbcd453630628c5d8316a8c9f15b02

Headers

File Characteristics

Imports

msvcrt

kernel32

advapi32

user32

version

Sections

.text Size: 96KB - Virtual size: 92KB

.rdata Size: 44KB - Virtual size: 42KB

.data Size: 44KB - Virtual size: 1.5MB

.rsrc Size: 44KB - Virtual size: 41KB

.text
Size: 96KB - Virtual size: 92KB

.rdata
Size: 44KB - Virtual size: 42KB

.data
Size: 44KB - Virtual size: 1.5MB

.rsrc
Size: 44KB - Virtual size: 41KB