ea007dfee6bd0ae4321c4a83482eb201627ac3e065d19192520b76a0c1847556

General

Target

ea007dfee6bd0ae4321c4a83482eb201627ac3e065d19192520b76a0c1847556
Size

79KB
MD5

447c509e08a924edb284287d5fffef9b
SHA1

4e2b63f47dd8374b57915be3596e7ee8a90c6e2e
SHA256

ea007dfee6bd0ae4321c4a83482eb201627ac3e065d19192520b76a0c1847556
SHA512

f46d0f138d88ebc16d13cc2a11a28ac73b47ae2be4c6d601f064fc506caa0ad9c4a8d37fb98d6ae279d98c4638a106b4115a50c41411332c98b9973daff6882b
SSDEEP

1536:APVsa++Bjch9iOUVjfci8vo5OsW+tFd6iYZKL9+1PsGyjyVtZ0p4Og:APVsa+Mch9iOmUTkOsL3giYZQgs1jyVa

Score

N/A

Malware Config

Signatures

Files

ea007dfee6bd0ae4321c4a83482eb201627ac3e065d19192520b76a0c1847556
.exe windows x86

e1b8cedc2c87fe796eaf3188fb685988

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SetFileTime
FormatMessageW
GetExitCodeProcess
LeaveCriticalSection
SetFileTime
InitializeCriticalSection
SetFileTime
lstrcatA
HeapCreate
GetModuleHandleA
HeapSize
CreateEventA
IsBadWritePtr
GetStartupInfoW
lstrcpyA
ReadFile
InterlockedExchange
GetFileSize
GetLastError
LoadLibraryA
CloseHandle

mstscax

DllUnregisterServer
DllCanUnloadNow
DllGetClassObject
DllRegisterServer

advapi32

RegQueryValueW
InitializeSid
RegCreateKeyExW
RegDeleteValueA
CreateServiceW
IsValidAcl
IsValidSid
ControlService
ClearEventLogW
IsValidSecurityDescriptor
CreateProcessAsUserA
RegEnumKeyA
IsTextUnicode

rasapi32

DwRasUninitialize

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rich
Size: 1KB - Virtual size: 176B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RSRC
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ole
Size: 512B - Virtual size: 112B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e1b8cedc2c87fe796eaf3188fb685988

Headers

File Characteristics

Imports

kernel32

mstscax

advapi32

rasapi32

Sections

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 3KB

.rich Size: 1KB - Virtual size: 176B

.RSRC Size: 65KB - Virtual size: 64KB

.ole Size: 512B - Virtual size: 112B

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 3KB

.rich
Size: 1KB - Virtual size: 176B

.RSRC
Size: 65KB - Virtual size: 64KB

.ole
Size: 512B - Virtual size: 112B