6433c7546a6be63c0a2124191bcf17b4a0cc418d0d733299105aad04abbad235

Sharing

Copy URL Twitter E-mail

General

Target

6433c7546a6be63c0a2124191bcf17b4a0cc418d0d733299105aad04abbad235
Size

221KB
MD5

09dc11e9d15396202c60f1aeaeafec60
SHA1

99b428652e998fc646afbfbd5da77171ef324ca3
SHA256

6433c7546a6be63c0a2124191bcf17b4a0cc418d0d733299105aad04abbad235
SHA512

803ab1d780027564fe020de9a41e615e672ff04e72e08b9467821ce6066d48b5e6b98b6bee4d34b14cd8a934999c3f37b6ba6e00235c31415ddb05e39d603be7
SSDEEP

3072:thL/2kU8r3RF0CbvcxJRDY1hqNLKM84msgGptZJ9nIrUeKGvp/UQQKAs:3LHU8r3ROC7QY1hke4Hr+UeBh/UQv

Score

N/A

Malware Config

Signatures

Files

6433c7546a6be63c0a2124191bcf17b4a0cc418d0d733299105aad04abbad235
.exe windows x86

c139e776fde0c89d398c829b3a2251af

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__set_app_type
_iob
wcslen
iswalpha
printf
wcscat
wcsrchr
__getmainargs
_except_handler3
__p__commode
exit
fprintf

ntdll

NtSetInformationThread
RtlAdjustPrivilege
RtlNtStatusToDosError
RtlAllocateAndInitializeSid
RtlCreateSecurityDescriptor
NtQueryInformationToken
RtlSetDaclSecurityDescriptor
RtlAllocateHeap
RtlInitAnsiString
RtlLengthSecurityDescriptor
RtlAnsiStringToUnicodeString
NtOpenProcessToken
RtlCreateAcl
NtClose
NtDuplicateToken
RtlLengthSid
RtlUnicodeStringToAnsiString
RtlMakeSelfRelativeSD
RtlFreeSid
RtlValidSecurityDescriptor
RtlAddAccessAllowedAce

ole32

CoUninitialize
CoInitializeEx
CoCreateInstanceEx

advapi32

RegQueryValueExW
CloseServiceHandle
MakeSelfRelativeSD
TraceMessage
RegOpenKeyW
RegCloseKey
RegDeleteValueW
ControlService
OpenSCManagerW
OpenServiceA
OpenServiceW
RegUnLoadKeyW
StartServiceA
OpenSCManagerA
RegOpenKeyExW
RegConnectRegistryW
QueryServiceStatus
RegSetValueExW

kernel32

WriteFile
GetTimeZoneInformation
lstrcpyW
FindClose
SetEndOfFile
CreateThread
GetSystemTimeAsFileTime
GetCurrentProcessId
lstrcpynW
lstrcmpiW
GetFileSize
LocalFree
IsDebuggerPresent
ExpandEnvironmentStringsW
WaitForMultipleObjects
OutputDebugStringA
FormatMessageA
ResetEvent
LeaveCriticalSection
FormatMessageW
DeleteCriticalSection
EnterCriticalSection
ReleaseMutex
CreateEventW
ReadFile
GetCPInfo
LocalAlloc
GetStartupInfoA
SetLastError
FindNextFileW
WaitForSingleObject
SetUnhandledExceptionFilter
QueryPerformanceCounter
FindFirstFileW
GetSystemTime
CloseHandle
InitializeCriticalSection
GetLastError
SetEvent
GetTickCount
lstrlenW
GetCurrentProcess
LoadLibraryW
SetFilePointer
GetFileAttributesExW
lstrcatW
SetFileAttributesW
GetLocaleInfoW

rpcrt4

RpcEpResolveBinding
NdrClientCall2
RpcBindingFree
RpcSmDestroyClientContext
RpcStringFreeW
RpcBindingSetAuthInfoW
RpcBindingFromStringBindingW

Sections

.text
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c139e776fde0c89d398c829b3a2251af

Headers

File Characteristics

Imports

msvcrt

ntdll

ole32

advapi32

kernel32

rpcrt4

Sections

.text Size: 158KB - Virtual size: 158KB

.rdata Size: 30KB - Virtual size: 29KB

.data Size: 5KB - Virtual size: 4KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 2KB - Virtual size: 1KB

.rdata Size: 1024B - Virtual size: 10KB

.rsrc Size: 1KB - Virtual size: 1KB

.data Size: 18KB - Virtual size: 17KB

.text
Size: 158KB - Virtual size: 158KB

.rdata
Size: 30KB - Virtual size: 29KB

.data
Size: 5KB - Virtual size: 4KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 2KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 10KB

.rsrc
Size: 1KB - Virtual size: 1KB

.data
Size: 18KB - Virtual size: 17KB