eaf64fa9473a131e52d79aa4176539b7970a810a5b629ccf9f4ac36997b9cc75

Sharing

Copy URL

Twitter E-mail

General

Target

eaf64fa9473a131e52d79aa4176539b7970a810a5b629ccf9f4ac36997b9cc75
Size

65KB
MD5

54dfcce3910935c09a04e964c68833ef
SHA1

f8431ff2fdab334da4ebdca1a12d845afcf8886d
SHA256

eaf64fa9473a131e52d79aa4176539b7970a810a5b629ccf9f4ac36997b9cc75
SHA512

6b657f94fafa56fc41106953a507cfb139a2d651fac1485388a2110b0443ad373524894e9d25c46155028f0816e5be5d5511afc5c7801b6a6b7cf938f66b60e7
SSDEEP

1536:vdvWMRK8CQUOvwD6i0lJ+WUatZypk1oE3l/HU:FLR9CQvrJRhypkH

Score

N/A

Malware Config

Signatures

Files

eaf64fa9473a131e52d79aa4176539b7970a810a5b629ccf9f4ac36997b9cc75
.exe windows x86

9366cb2aae03093bb93894802488c68e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

ChangeServiceConfig2A
ChangeServiceConfigA
CloseServiceHandle
ControlService
GetUserNameA
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegOpenKeyExA
RegQueryValueA
RegSetValueExA

kernel32

AddAtomA
CloseHandle
CompareStringA
CreateDirectoryA
CreateEventA
CreateFileA
CreateFileMappingA
CreateMutexA
CreateProcessA
CreateThread
CreateToolhelp32Snapshot
DeleteFileA
DeviceIoControl
DuplicateHandle
EnterCriticalSection
EnumSystemLocalesA
ExitProcess
ExpandEnvironmentStringsA
FindNextFileA
FormatMessageA
GetCommandLineA
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetFullPathNameA
GetModuleHandleA
GetOEMCP
GetPrivateProfileSectionA
GetPrivateProfileStringA
GetProcessHeap
GetShortPathNameA
GetStdHandle
GetStringTypeA
GetSystemTime
GetSystemTimeAsFileTime
GetTimeFormatA
GetWindowsDirectoryA
GlobalAlloc
GlobalUnlock
HeapAlloc
HeapCreate
HeapFree
HeapReAlloc
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
IsBadCodePtr
IsBadWritePtr
IsDebuggerPresent
LoadLibraryExA
LoadResource
LockResource
MapViewOfFile
MoveFileA
OutputDebugStringA
ReadFile
ReadProcessMemory
ResetEvent
SearchPathA
SetEnvironmentVariableA
SetFileAttributesA
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
SuspendThread
TerminateProcess
TlsAlloc
UnhandledExceptionFilter
UnmapViewOfFile
VirtualProtect
VirtualQuery
lstrcmpiA
lstrcpyA

user32

CharUpperA
DefWindowProcA
DestroyMenu
EnableWindow
ExitWindowsEx
GetCapture
GetDesktopWindow
GetDlgItem
GetDlgItemTextA
GetForegroundWindow
GetMessageA
GetMessagePos
GetSysColor
GetWindowTextA
InvalidateRect
IsDlgButtonChecked
IsRectEmpty
LoadIconA
MessageBoxA
ReleaseCapture
ReleaseDC
SetDlgItemInt
SetWindowPos
SetWindowRgn
ShowWindow
SystemParametersInfoA
TranslateMessage
UnregisterClassA
WinHelpA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.INIT
Size: 16KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9366cb2aae03093bb93894802488c68e

Headers

File Characteristics

Imports

advapi32

kernel32

user32

version

Sections

.text Size: 28KB - Virtual size: 28KB

.INIT Size: 16KB - Virtual size: 28KB

.data Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 4KB

.edata Size: 15KB - Virtual size: 16KB

.text
Size: 28KB - Virtual size: 28KB

.INIT
Size: 16KB - Virtual size: 28KB

.data
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 4KB

.edata
Size: 15KB - Virtual size: 16KB