61cc8c36085bc4a140f74d11b99ef047877d8f9d4107418627a3f978c495095f

Sharing

Copy URL

Twitter E-mail

General

Target

61cc8c36085bc4a140f74d11b99ef047877d8f9d4107418627a3f978c495095f
Size

344KB
MD5

2bba3e4d34098cc1ffbb8ddd8cd64086
SHA1

e353968444ce29d8a23a24506ed9f68604c6ad15
SHA256

61cc8c36085bc4a140f74d11b99ef047877d8f9d4107418627a3f978c495095f
SHA512

35a9a77d93070a60ee8dfb4150754da61b59641df4b619f44ce94933ddb43d6d88ab1ad612a50541d15e7dc5711922d42b31a5accaf33ab8b9f8dad2eee4cc0e
SSDEEP

6144:sPbs3HkUnoMne5TloolZZTGEMExHhHgHDVi0FluRVzQDdU4J+wbZ0eKSF:szUkUeTl9zffxgHD47yDugbZ0dSF

Score

N/A

Malware Config

Signatures

Files

61cc8c36085bc4a140f74d11b99ef047877d8f9d4107418627a3f978c495095f
.exe windows x86

8d22a9f60889e09c40fb354426eb1397

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SendNotifyMessageA
InSendMessage
CreateIconFromResource

netapi32

NetServerEnum

msvcrt

__getmainargs
_except_handler3
_initterm
_chkesp
__setusermatherr
_adjust_fdiv
_wcstoui64
__dllonexit
_onexit
fgetc
fgets
getc
_controlfp
__p__commode
__set_app_type
__p__fmode
_acmdln

gdi32

DeleteEnhMetaFile
PlayEnhMetaFileRecord
EndDoc
GetDIBColorTable
GetWindowOrgEx
SetTextCharacterExtra
Polyline
CreateFontIndirectW
CreateRectRgn
EnumFontsA
SetColorAdjustment
RectVisible
GetROP2
SetAbortProc
CreateDIBSection
GetBkColor
GetStockObject
FillPath
GetClipBox
ExtTextOutA
ExtFloodFill
CancelDC
CombineRgn
SetStretchBltMode
CreateRoundRectRgn
GetGlyphOutlineW
FillRgn
CreateFontW
Ellipse
PolyBezierTo
CreateFontIndirectA
CreateCompatibleDC
GetClipRgn
StrokePath
DPtoLP
GetCharWidthA
SaveDC
SetMapMode
GetRgnBox
SetViewportOrgEx
GetEnhMetaFileBits
PolyDraw
ResetDCW
CreatePenIndirect
SetTextAlign
TextOutA
CreateEllipticRgn
SetPolyFillMode
EnumFontsW
CreateBitmap
SetPixelFormat
GetObjectW
PlayEnhMetaFile
SetPixel
GetEnhMetaFilePaletteEntries
CreateSolidBrush
OffsetViewportOrgEx
SetTextColor
SetPixelV
GetMapMode
SetWinMetaFileBits
ExtCreatePen
SwapBuffers
CreateICW
SetWindowOrgEx
OffsetWindowOrgEx
StretchBlt
CreatePen
DeleteObject
SelectClipRgn
PolyPolyline
GetPixel
EqualRgn
AbortDoc
MoveToEx
GetFontData
GdiFlush
ExtCreateRegion
ScaleViewportExtEx
CreateDCW
RestoreDC
SetWindowExtEx
GetTextCharsetInfo
StartDocW
Rectangle
GetSystemPaletteEntries
GetEnhMetaFileHeader
GetGlyphOutlineA
ResizePalette
SetDIBColorTable
GetTextExtentPoint32W
BeginPath
Pie
GetObjectA
GetObjectType
GetBitmapBits
GetCharABCWidthsW
SetBkMode
CreateFontA
GetTextExtentPoint32A
StartPage
BitBlt
IntersectClipRect
SetRectRgn
Arc
PtVisible
GetTextFaceA
CreateDCA
CreateCompatibleBitmap
GetBrushOrgEx
OffsetRgn
SetDeviceGammaRamp
EnumFontFamiliesA
SelectPalette
ExtEscape
GetPolyFillMode
StartDocA
SetROP2
ExtSelectClipRgn
DeleteDC
RealizePalette
CreateDIBPatternBrushPt
CopyEnhMetaFileA
GetTextAlign
GetTextColor
CreateMetaFileA
GetKerningPairsA
OffsetClipRgn
EndPage
GetTextExtentPointA
Chord
SetBkColor
EnumFontFamiliesExW
Polygon
SetBitmapBits
RemoveFontResourceA

version

VerQueryValueA
VerQueryValueW
VerInstallFileA
VerFindFileW
VerInstallFileW
VerFindFileA
GetFileVersionInfoSizeW
GetFileVersionInfoW

advapi32

BuildImpersonateTrusteeA
GetFileSecurityA
GetServiceKeyNameA
BuildTrusteeWithNameA
CreateServiceA
ControlService
DeleteService
RegisterServiceCtrlHandlerA
GetUserNameA
QueryServiceStatus
StartServiceA
LsaQueryInformationPolicy
RegisterServiceCtrlHandlerW
OpenSCManagerA
EnumServicesStatusA
RegQueryInfoKeyW
RegEnumKeyW
QueryServiceConfigW
EnumDependentServicesA
GetServiceDisplayNameW
ReadEventLogW
RegCloseKey
RegQueryValueW
CreateProcessAsUserW
OpenServiceA
CreateServiceW
RegUnLoadKeyW
RegNotifyChangeKeyValue
RegCreateKeyW
ChangeServiceConfig2W
InitiateSystemShutdownA
RegQueryInfoKeyA
ChangeServiceConfig2A
CloseServiceHandle
OpenSCManagerW
RegEnumKeyExA
RegSetValueExA

mpr

WNetDisconnectDialog
MultinetGetConnectionPerformanceA
WNetAddConnection2A
WNetGetProviderNameA
WNetCancelConnection2A
WNetCancelConnectionA

oleaut32

LPSAFEARRAY_UserFree
LPSAFEARRAY_UserMarshal

mfc42

ord1089
ord5302
ord2725
ord1077
ord4698
ord5307
ord1005
ord5714
ord1168
ord1087
ord2982
ord1080
ord3346
ord4465
ord1009
ord3262
ord2985
ord3081
ord2976
ord1039
ord3830
ord3831
ord3825
ord3079
ord4080
ord1062
ord4424
ord3738
ord561
ord1576
ord3259
ord2396
ord1092
ord1089
ord3922
ord5731
ord1073
ord2554
ord4486
ord6375
ord815

Sections

.text
Size: 160KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8d22a9f60889e09c40fb354426eb1397

Headers

File Characteristics

Imports

user32

netapi32

msvcrt

gdi32

version

advapi32

mpr

oleaut32

mfc42

Sections

.text Size: 160KB - Virtual size: 156KB

.rdata Size: 56KB - Virtual size: 52KB

.data Size: 56KB - Virtual size: 3.6MB

.rsrc Size: 68KB - Virtual size: 64KB

.text
Size: 160KB - Virtual size: 156KB

.rdata
Size: 56KB - Virtual size: 52KB

.data
Size: 56KB - Virtual size: 3.6MB

.rsrc
Size: 68KB - Virtual size: 64KB