d3310f69addf91827b6d300e4f3bc993af947bf582a29e36088596b6a5338f69

Sharing

Copy URL Twitter E-mail

General

Target

d3310f69addf91827b6d300e4f3bc993af947bf582a29e36088596b6a5338f69
Size

80KB
MD5

72505e12899ddc1763249004318b9380
SHA1

11c7a323a848f9ea8276273d340962a80611b0ff
SHA256

d3310f69addf91827b6d300e4f3bc993af947bf582a29e36088596b6a5338f69
SHA512

7e121ed6a1afa80a9a6e341741bf377bfea240312f5dacee2f4ecefce4d27c25361a4f883de0be656c71f359abf9a69ea9e47a68d987430cd929a490dce02b86
SSDEEP

1536:k5RtHNmjlbL9lGQLPX4wn365Ej153kDcW8XXf+:wbtEln733/0DaXXf+

Score

N/A

Malware Config

Signatures

Files

d3310f69addf91827b6d300e4f3bc993af947bf582a29e36088596b6a5338f69
.exe windows x86

fafd77e03e202ea893f628207eb269f4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedExchange
GetACP
GetLocaleInfoA
GetVersionExA
WritePrivateProfileStringA
TerminateProcess
GetPrivateProfileStringA
lstrcmpiA
CreateProcessA
GetExitCodeProcess
GetCurrentProcess
GetCurrentThreadId
ResetEvent
CreateEventA
FormatMessageA
GetModuleFileNameA
Sleep
GetTickCount
InitializeCriticalSection
DeleteCriticalSection
FlushFileBuffers
LCMapStringW
LCMapStringA
SetStdHandle
IsBadCodePtr
LocalFree
CreateMutexA
WaitForSingleObject
ReleaseMutex
CloseHandle
lstrcpyA
lstrcatA
CreateFileA
GetFileSize
DeleteFileA
SetFilePointer
WriteFile
GetLastError
SetFileAttributesA
lstrlenA
CreateDirectoryA
GetLocalTime
SetCurrentDirectoryA
IsBadReadPtr
SetUnhandledExceptionFilter
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
ExitProcess
GetSystemTimeAsFileTime
GetProcAddress
GetModuleHandleA
HeapFree
GetStartupInfoA
GetCommandLineA
HeapReAlloc
HeapAlloc
VirtualQuery
QueryPerformanceCounter
GetCurrentProcessId
WideCharToMultiByte
VirtualProtect
VirtualAlloc
GetSystemInfo
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
HeapSize
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
LoadLibraryA
GetCPInfo
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
GetOEMCP

user32

GetMessageA
TranslateAcceleratorA
DispatchMessageA
SetTimer
KillTimer
PostThreadMessageA
TranslateMessage

advapi32

StartServiceA
QueryServiceStatus
ControlService
DeleteService
CreateServiceA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
OpenProcessToken
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
SetServiceStatus
LookupPrivilegeValueA
AdjustTokenPrivileges

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fafd77e03e202ea893f628207eb269f4

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 48KB - Virtual size: 45KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 12KB - Virtual size: 8KB

.text
Size: 48KB - Virtual size: 45KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 12KB - Virtual size: 8KB