75f59ec1d53224a3640957db58f8381b2f1f6f088c2bb40f77c537bafc6910ab

General

Target

75f59ec1d53224a3640957db58f8381b2f1f6f088c2bb40f77c537bafc6910ab
Size

593KB
MD5

952dcba51b36a6a2bbd09a8e59efe401
SHA1

1c2f761d1809bc2a7029f3fef7135e0c29633a32
SHA256

75f59ec1d53224a3640957db58f8381b2f1f6f088c2bb40f77c537bafc6910ab
SHA512

b4f23f2a72ded9693bdd9ca794976c15df50af40722bd1d6de63a9c262ccf10717fab50edfec65e7f145fd291e2c3773a71cd90a3a53748f47416f16dbbe2c5a
SSDEEP

12288:fXh/f1I4J4XA0HyeIQXnwtg+aGFi5LSEuakaD:fXd1If9HyeVXwtwLSja

Score

N/A

Malware Config

Signatures

Files

75f59ec1d53224a3640957db58f8381b2f1f6f088c2bb40f77c537bafc6910ab
.exe windows x86

0b249493709afa0dfdc4cf8b91f06e53

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpA
CreateRemoteThread
GetProcAddress
WriteProcessMemory
VirtualAllocEx
OpenProcess
WriteFile
SetFilePointer
LockResource
LoadResource
SizeofResource
GetCurrentProcess
lstrcatA
GetEnvironmentVariableA
lstrlenA
GetTickCount
GetTempPathA
DeleteFileA
CopyFileA
SetFileAttributesA
GetWindowsDirectoryA
TerminateProcess
CreateToolhelp32Snapshot
Process32First
lstrcmpiA
Process32Next
CreateFileA
CloseHandle
GetCommandLineA
GetModuleHandleA
ExitProcess
GetModuleFileNameA
lstrcpyA
GlobalAlloc
GlobalLock
GlobalUnlock
FindResourceA
GlobalFree

user32

FindWindowA
LoadIconA
SendMessageA
wsprintfA

advapi32

OpenSCManagerA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
OpenServiceA
DeleteService
CloseServiceHandle
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenServiceW
OpenSCManagerW
RegSetValueExA
RegOpenKeyExA
ControlService

shell32

ShellExecuteExA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

msvcrt

atol
sprintf
_strlwr

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 581KB - Virtual size: 580KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hnxyy
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0b249493709afa0dfdc4cf8b91f06e53

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

version

msvcrt

Sections

.text Size: 11KB - Virtual size: 10KB

.rsrc Size: 581KB - Virtual size: 580KB

.hnxyy Size: 512B - Virtual size: 512B

.text
Size: 11KB - Virtual size: 10KB

.rsrc
Size: 581KB - Virtual size: 580KB

.hnxyy
Size: 512B - Virtual size: 512B