24d85b46785c79d8785c2d4b6599a0ae04ad8d5cb7dd28dba787ab39c39680e0

Sharing

Copy URL

Twitter E-mail

General

Target

24d85b46785c79d8785c2d4b6599a0ae04ad8d5cb7dd28dba787ab39c39680e0
Size

188KB
MD5

28e578915781267740e1a5fe9df84e9b
SHA1

204bfcdbf6a71a007fa76ebe2d9edf9fab0d78f3
SHA256

24d85b46785c79d8785c2d4b6599a0ae04ad8d5cb7dd28dba787ab39c39680e0
SHA512

a29b20916710f22840778159a6a11a977543545e6da7c89ac390fc37032b7ebc566ddd6b07a47619ac75b7f5a7b0657092d872bedafb9a3f4134c4fc80955c16
SSDEEP

3072:DBz/1dYkR/RT9J0w1vHhF4Q2oH/tQVG8Jn6PhO3gLxoFnFgDIeg:DB71dfbJ0w1vhz2oCVTnuegLonSBg

Score

N/A

Malware Config

Signatures

Files

24d85b46785c79d8785c2d4b6599a0ae04ad8d5cb7dd28dba787ab39c39680e0
.exe windows x86

60328dec0f35d4ac40c17d1362ac0435

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoInitialize
CoRegisterSurrogate
CoRegisterClassObject
CoTaskMemFree
CoTaskMemAlloc

advapi32

SetServiceStatus
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
AllocateAndInitializeSid
FreeSid
QueryServiceStatus
OpenThreadToken
OpenServiceA
OpenSCManagerA
LookupPrivilegeValueW
GetTokenInformation
DeleteService
CreateServiceA
SetSecurityDescriptorDacl
SetEntriesInAclA
RegisterServiceCtrlHandlerA
RegSetValueExA
RegEnumKeyA
InitializeSecurityDescriptor
StartServiceCtrlDispatcherA
OpenProcessToken

usp10

ScriptGetLogicalWidths
ScriptIsComplex
ScriptGetProperties
ScriptGetGlyphABCWidth
ScriptBreak
ScriptApplyLogicalWidth
ScriptItemize

winfax

FaxSendDocumentA
FaxGetDeviceStatusA
FaxEnumRoutingMethodsA
FaxSetConfigurationA
FaxSetGlobalRoutingInfoA

kernel32

GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetVersion
GetTimeZoneInformation
LCMapStringW
LCMapStringA
SetConsoleCtrlHandler
GetStringTypeW
GetStringTypeA
ReadFile
SetStdHandle
GetOEMCP
GetACP
IsBadCodePtr
IsBadReadPtr
GetVersionExA
GetUserDefaultLCID
EnumSystemLocalesA
Sleep
LoadLibraryA
GetProcAddress
WriteConsoleW
lstrlenA
VerLanguageNameA
EnterCriticalSection
InitializeCriticalSection
InterlockedExchange
DeleteCriticalSection
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
ExitProcess
RaiseException
HeapFree
FatalAppExitA
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapAlloc
HeapSize
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
GetCurrentThread
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
WriteFile
SetFilePointer
FlushFileBuffers
CloseHandle
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
GetCPInfo
IsValidLocale
IsValidCodePage
GetLocaleInfoA

Exports

Exports

Danaruvyv
Iwesab

Sections

.text
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 556KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

60328dec0f35d4ac40c17d1362ac0435

Headers

File Characteristics

Imports

ole32

advapi32

usp10

winfax

kernel32

Exports

Exports

Sections

.text Size: 68KB - Virtual size: 65KB

.rdata Size: 28KB - Virtual size: 25KB

.data Size: 80KB - Virtual size: 556KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 68KB - Virtual size: 65KB

.rdata
Size: 28KB - Virtual size: 25KB

.data
Size: 80KB - Virtual size: 556KB

.reloc
Size: 8KB - Virtual size: 7KB