cb47ef41a0203a02dbb1ddea15b4571f62d2656505fdf95b1214690ac0ae8935

General

Target

cb47ef41a0203a02dbb1ddea15b4571f62d2656505fdf95b1214690ac0ae8935
Size

196KB
MD5

672b3a3144011600845e97056e02cd90
SHA1

790492afde27ac32354c3eed9e1a3c6a70560912
SHA256

cb47ef41a0203a02dbb1ddea15b4571f62d2656505fdf95b1214690ac0ae8935
SHA512

20bdb9ae8da8ce7fe7ebacf06e248c08c4eccb9b42c71fd81aaa1bccf76ae13960d9dddaf2801456290379b9c439391a011f8a431e578df0e2ed2c566bb7fe08
SSDEEP

3072:6FPjnYDP7Ne+qxc1oEKfnt4ftdSoT6arizoiLW6qSyby7HWbvtvWsoAoh4thg:WOPby6f7T66iMiLW6qSy+TUvtLoAoe

Score

N/A

Malware Config

Signatures

Files

cb47ef41a0203a02dbb1ddea15b4571f62d2656505fdf95b1214690ac0ae8935
.exe windows x86

8e6efaca9118ad73c9740f8942ed1bd4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetTimer
LoadCursorA
EnableWindow
CreateWindowExA
InvalidateRect
wsprintfA
LoadStringA
CharNextA
IsWindow
DefWindowProcA
TranslateMessage
MessageBoxA
ShowWindow
SetWindowTextA
PostMessageA
SetForegroundWindow
SendMessageA
DestroyWindow
EndDialog
SetWindowLongA
GetParent
SetCursor
SetWindowPos
SetFocus
DispatchMessageA
GetWindowRect
PostQuitMessage
GetForegroundWindow

advapi32

ChangeServiceConfig2A
DeleteService
OpenSCManagerA
RegOpenKeyA
EqualSid
GetSecurityDescriptorControl
OpenProcessToken
AllocateAndInitializeSid
RegCreateKeyExA
GetTokenInformation
LookupPrivilegeValueA
GetUserNameA
RegQueryInfoKeyA
QueryServiceConfig2A
ControlService

kernel32

HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
RtlUnwind
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
WriteFile
GetCPInfo
GetOEMCP
HeapReAlloc
IsBadWritePtr
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLastError
SetHandleCount
GetLocaleInfoA
VirtualAlloc
ExitThread
DeleteFileA
IsValidCodePage
HeapAlloc
GetStartupInfoA
GetACP
OpenEventA
GetCurrentThreadId
DeleteCriticalSection
CreateDirectoryA
ReleaseMutex
Module32Next
ExitProcess
GetModuleHandleA
GetCommandLineA
GetVersion
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8e6efaca9118ad73c9740f8942ed1bd4

Headers

File Characteristics

Imports

user32

advapi32

kernel32

Sections

.text Size: 48KB - Virtual size: 45KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 140KB - Virtual size: 168KB

.text
Size: 48KB - Virtual size: 45KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 140KB - Virtual size: 168KB