902b72dd8e0ca3a9f44b130c2c5c2db6712709686ffc8ea8cd669615cd43c8b4

Sharing

Copy URL Twitter E-mail

General

Target

902b72dd8e0ca3a9f44b130c2c5c2db6712709686ffc8ea8cd669615cd43c8b4
Size

221KB
MD5

6b4f90ec54c09d1e4dadb7b5e010673e
SHA1

ec11908bd68404bcdb7df672fe78ec70d2b92739
SHA256

902b72dd8e0ca3a9f44b130c2c5c2db6712709686ffc8ea8cd669615cd43c8b4
SHA512

f3a7d255c6bc04d773e04f030f26e0d1334eaf4a107de8bd884598679b95d9c38c198a727a92ce91eb1a2769700f3ffdaff4b2a3be77892f53d5ee18586b266e
SSDEEP

3072:thL/2kU8r3RF0CbvcxJRDY1hqNLKM84msgGptZJ9nIrUeKGvp/UQQKAx:3LHU8r3ROC7QY1hke4Hr+UeBh/UQC

Score

N/A

Malware Config

Signatures

Files

902b72dd8e0ca3a9f44b130c2c5c2db6712709686ffc8ea8cd669615cd43c8b4
.exe windows x86

c139e776fde0c89d398c829b3a2251af

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__set_app_type
_iob
wcslen
iswalpha
printf
wcscat
wcsrchr
__getmainargs
_except_handler3
__p__commode
exit
fprintf

ntdll

NtSetInformationThread
RtlAdjustPrivilege
RtlNtStatusToDosError
RtlAllocateAndInitializeSid
RtlCreateSecurityDescriptor
NtQueryInformationToken
RtlSetDaclSecurityDescriptor
RtlAllocateHeap
RtlInitAnsiString
RtlLengthSecurityDescriptor
RtlAnsiStringToUnicodeString
NtOpenProcessToken
RtlCreateAcl
NtClose
NtDuplicateToken
RtlLengthSid
RtlUnicodeStringToAnsiString
RtlMakeSelfRelativeSD
RtlFreeSid
RtlValidSecurityDescriptor
RtlAddAccessAllowedAce

ole32

CoUninitialize
CoInitializeEx
CoCreateInstanceEx

advapi32

RegQueryValueExW
CloseServiceHandle
MakeSelfRelativeSD
TraceMessage
RegOpenKeyW
RegCloseKey
RegDeleteValueW
ControlService
OpenSCManagerW
OpenServiceA
OpenServiceW
RegUnLoadKeyW
StartServiceA
OpenSCManagerA
RegOpenKeyExW
RegConnectRegistryW
QueryServiceStatus
RegSetValueExW

kernel32

WriteFile
GetTimeZoneInformation
lstrcpyW
FindClose
SetEndOfFile
CreateThread
GetSystemTimeAsFileTime
GetCurrentProcessId
lstrcpynW
lstrcmpiW
GetFileSize
LocalFree
IsDebuggerPresent
ExpandEnvironmentStringsW
WaitForMultipleObjects
OutputDebugStringA
FormatMessageA
ResetEvent
LeaveCriticalSection
FormatMessageW
DeleteCriticalSection
EnterCriticalSection
ReleaseMutex
CreateEventW
ReadFile
GetCPInfo
LocalAlloc
GetStartupInfoA
SetLastError
FindNextFileW
WaitForSingleObject
SetUnhandledExceptionFilter
QueryPerformanceCounter
FindFirstFileW
GetSystemTime
CloseHandle
InitializeCriticalSection
GetLastError
SetEvent
GetTickCount
lstrlenW
GetCurrentProcess
LoadLibraryW
SetFilePointer
GetFileAttributesExW
lstrcatW
SetFileAttributesW
GetLocaleInfoW

rpcrt4

RpcEpResolveBinding
NdrClientCall2
RpcBindingFree
RpcSmDestroyClientContext
RpcStringFreeW
RpcBindingSetAuthInfoW
RpcBindingFromStringBindingW

Sections

.text
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c139e776fde0c89d398c829b3a2251af

Headers

File Characteristics

Imports

msvcrt

ntdll

ole32

advapi32

kernel32

rpcrt4

Sections

.text Size: 158KB - Virtual size: 158KB

.rdata Size: 30KB - Virtual size: 29KB

.data Size: 5KB - Virtual size: 4KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 2KB - Virtual size: 1KB

.rdata Size: 1024B - Virtual size: 10KB

.rsrc Size: 1KB - Virtual size: 1KB

.data Size: 18KB - Virtual size: 17KB

.text
Size: 158KB - Virtual size: 158KB

.rdata
Size: 30KB - Virtual size: 29KB

.data
Size: 5KB - Virtual size: 4KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 2KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 10KB

.rsrc
Size: 1KB - Virtual size: 1KB

.data
Size: 18KB - Virtual size: 17KB