86d5e6e524f4fe23f9251f98bad1feab3be30ced59b3c4f2b64416e3e6c0a7b8

Sharing

Copy URL Twitter E-mail

General

Target

86d5e6e524f4fe23f9251f98bad1feab3be30ced59b3c4f2b64416e3e6c0a7b8
Size

65KB
MD5

6cff386d07e49bd8d4ab4809613861f9
SHA1

7d7869d12679f2390f7a8841194dfab8ea23a034
SHA256

86d5e6e524f4fe23f9251f98bad1feab3be30ced59b3c4f2b64416e3e6c0a7b8
SHA512

047e313cfb111e3d10dbe0f33d00f1712b2f8feafd2321a5cd54cb35e0ea8d944106acc4e40d8943cc45b52b54f2f7586022dc6328de505e85e83e9e7f03f0e7
SSDEEP

768:X7rv8QBpfp+CrYxialmmdN3RMBC86tdlZWyYKoW6wlIOqO3lUJswm6PcFH/QX:Xnjf8W4ialpZOQrtwyOaCZngy

Score

N/A

Malware Config

Signatures

Files

86d5e6e524f4fe23f9251f98bad1feab3be30ced59b3c4f2b64416e3e6c0a7b8
.exe windows x86

ec7de4e21f8f1cab6af11240c98f01c6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_mbsupr
_amsg_exit
_controlfp
_cexit
_mbschr
memmove
_XcptFilter
__setusermatherr
memcpy
malloc
_adjust_fdiv
_acmdln
_exit
memset
strchr
_mbscmp
_initterm
_mbsstr
strstr
__p__fmode
_getcwd
_ismbblead
strtok
exit
_mbsinc
_mbsicmp
__getmainargs
__set_app_type
?terminate@@YAXXZ
_access
__p__commode

kernel32

FindFirstFileA
GetProcAddress
CreateFileW
GetPrivateProfileStringA
MoveFileExA
Sleep
TerminateProcess
GetCurrentProcessId
GetFileType
SetUnhandledExceptionFilter
GetCommandLineA
FindNextFileA
FindClose
SetFileAttributesA
UnhandledExceptionFilter
GetCurrentProcess
CreateProcessA
QueryPerformanceCounter
GetTickCount
RemoveDirectoryA
GetLastError
lstrcatA
VirtualProtect
lstrlenA
GetWindowsDirectoryA
MapViewOfFile
GetCurrentThreadId
CreateDirectoryA
FreeLibrary
CloseHandle
LoadLibraryA
SetFilePointer
GetShortPathNameA
lstrcpynA
InterlockedExchange
WaitForSingleObject
CreateFileMappingA
InterlockedCompareExchange
DeleteFileA
GlobalFree
GetFileSize
GlobalAlloc
GetSystemTimeAsFileTime
UnmapViewOfFile
GetSystemDirectoryA
SetEndOfFile
CreateFileA
GetStartupInfoA
GetExitCodeProcess
lstrcpyA
GetVersionExA
GetModuleHandleA

user32

MessageBoxA
ExitWindowsEx
FindWindowA
wsprintfA
LoadIconA
SendMessageA
LoadStringA

advapi32

OpenSCManagerA
DeleteService
RegSetValueExA
AdjustTokenPrivileges
FreeSid
ControlService
RegEnumKeyExA
RegDeleteKeyA
RegCloseKey
RegOpenKeyExA
AllocateAndInitializeSid
RegDeleteValueA
EqualSid
RegQueryValueExA
OpenServiceA
GetTokenInformation
CloseServiceHandle
LookupPrivilegeValueA
OpenProcessToken

setupapi

SetupDiDeleteDeviceInfo
SetupDiCallClassInstaller
SetupDiGetClassDevsA
SetupDiOpenDevRegKey
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA

ntdll

RtlUnwind

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ec7de4e21f8f1cab6af11240c98f01c6

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

user32

advapi32

setupapi

ntdll

Sections

.text Size: 24KB - Virtual size: 24KB

.rdata Size: 3KB - Virtual size: 6KB

.data Size: 34KB - Virtual size: 36KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 3KB - Virtual size: 6KB

.data
Size: 34KB - Virtual size: 36KB

.rsrc
Size: 2KB - Virtual size: 2KB