7cf53fb714995bcbebe83e98e1723f28a4f26539730da159e59fe46cbafd96b7

Sharing

Copy URL Twitter E-mail

General

Target

7cf53fb714995bcbebe83e98e1723f28a4f26539730da159e59fe46cbafd96b7
Size

44KB
MD5

6f3bd288ca03663b80ffcacdde0b5084
SHA1

980818cc1cd10a16116b9b9a2b2a3882e003387f
SHA256

7cf53fb714995bcbebe83e98e1723f28a4f26539730da159e59fe46cbafd96b7
SHA512

75c76d8f984ce638bd8caf49d960a88f3cba7f4f4f00dcfcf30b54bb44d9b655b01bcf5466fe6ae34c48566f87b79ab6baeed5c512012259afa366780792fd73
SSDEEP

768:1srvldn1l8kpfx2lICrVH+bQBdPhnor88GoP:1svjX8Efx2j5HswWooP

Score

N/A

Malware Config

Signatures

Files

7cf53fb714995bcbebe83e98e1723f28a4f26539730da159e59fe46cbafd96b7
.exe windows x86

6e1e4c1e9132ea801d721a05921e346f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord690
ord4277
ord4129
ord5710
ord5572
ord2915
ord6663
ord4202
ord800
ord939
ord1988
ord825
ord823
ord6877
ord858
ord4278
ord2614
ord540
ord5207
ord924
ord389

msvcrt

_adjust_fdiv
__p__commode
malloc
_exit
_XcptFilter
__getmainargs
__CxxFrameHandler
_mbscmp
atoi
memset
__setusermatherr
_acmdln
free
_initterm
memcpy
__p__fmode
__set_app_type
_controlfp
_except_handler3
??1type_info@@UAE@XZ
exit

kernel32

GetCommandLineA
WriteFile
GetStartupInfoA
GetModuleHandleA
GetCurrentThread
GetCurrentProcess
GetLastError
GetModuleFileNameA
GetSystemDefaultLangID
CreateProcessA
CloseHandle
lstrlenA
CreateFileA
FindClose
FindFirstFileA
GetTempPathA
GetWindowsDirectoryA
GetSystemDirectoryA
GetCurrentThreadId
lstrcmpiA

user32

GetMessageA
DispatchMessageA
PostThreadMessageA
SetTimer
LoadStringA
CharNextA

advapi32

StartServiceCtrlDispatcherA
ControlService
CloseServiceHandle
OpenServiceA
OpenSCManagerA
GetTokenInformation
OpenThreadToken
OpenProcessToken
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
GetLengthSid
CopySid
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyExA
RegisterServiceCtrlHandlerA
ChangeServiceConfig2A
DeleteService
CreateServiceA
QueryServiceStatus
StartServiceA
LockServiceDatabase
UnlockServiceDatabase
RegDeleteValueA
RegSetValueExA
RegCloseKey
RegQueryValueExA
SetServiceStatus

atl

ord20
ord17
ord18
ord23
ord57
ord16

ole32

CoInitializeSecurity
CoUninitialize
CoInitialize

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6e1e4c1e9132ea801d721a05921e346f

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

advapi32

atl

ole32

Sections

.text Size: 8KB - Virtual size: 5KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 24KB - Virtual size: 28KB

.text
Size: 8KB - Virtual size: 5KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 24KB - Virtual size: 28KB