653a911219cd6584f55f351210470b8e0c4950fe0909af26bf7beb72252a1fce

Sharing

Copy URL

Twitter E-mail

General

Target

653a911219cd6584f55f351210470b8e0c4950fe0909af26bf7beb72252a1fce
Size

210KB
MD5

61af32102f2324181f3ae61fe4508680
SHA1

0e97735c865301540e94819a864b6c3395ac9cc9
SHA256

653a911219cd6584f55f351210470b8e0c4950fe0909af26bf7beb72252a1fce
SHA512

dc200f13c9a16fcf7b28f563d663e65362442ac6f97996ce3822ae0541c5e1ec2667a4c35a06dcc471ab18457537f95c6c2006d39a1be0b5a683dffc62b0eb15
SSDEEP

6144:h2LrpVCsKR/B4seyhUE9/8KlvtIbPa+1VEuKtieTW:hUrzR8Gs9JSKxtCJHEukW

Score

N/A

Malware Config

Signatures

Files

653a911219cd6584f55f351210470b8e0c4950fe0909af26bf7beb72252a1fce
.exe windows x86

7e561b179bf081971103048ddd3ec827

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReleaseMutex
LoadLibraryW
SetUnhandledExceptionFilter
FindClose
lstrcmpiW
SetLastError
lstrcpynW
GetSystemTime
SetEvent
LeaveCriticalSection
OutputDebugStringA
CloseHandle
InitializeCriticalSection
SetFileAttributesW
ReadFile
GetFileSize
GetCurrentProcess
QueryPerformanceCounter
DeleteCriticalSection
lstrcpyW
WriteFile
GetCPInfo
WaitForMultipleObjects
GetSystemTimeAsFileTime
SetEndOfFile
GetTickCount
FindNextFileW
GetLastError
GetFileAttributesExW
WaitForSingleObject
GetStartupInfoA
FormatMessageA
GetLocaleInfoW
lstrlenW
SetFilePointer
CreateThread
ExpandEnvironmentStringsW
GetCurrentProcessId
IsDebuggerPresent
LocalFree
CreateEventW
GetTimeZoneInformation
ResetEvent
FormatMessageW
FindFirstFileW
lstrcatW
LocalAlloc

ntdll

RtlCreateSecurityDescriptor
RtlAdjustPrivilege
RtlFreeSid
NtClose
RtlLengthSecurityDescriptor
RtlAddAccessAllowedAce
RtlSetDaclSecurityDescriptor
NtSetInformationThread
NtOpenProcessToken
RtlLengthSid
RtlAllocateHeap
RtlAnsiStringToUnicodeString
RtlNtStatusToDosError
RtlMakeSelfRelativeSD
NtQueryInformationToken
RtlUnicodeStringToAnsiString
RtlValidSecurityDescriptor
NtDuplicateToken
RtlCreateAcl
RtlInitAnsiString
RtlAllocateAndInitializeSid

msvcrt

printf
_except_handler3
exit
_iob
__getmainargs
__set_app_type
fprintf
wcsrchr
wcscat
__p__commode
iswalpha
wcslen

rpcrt4

RpcSmDestroyClientContext
RpcStringFreeW
RpcBindingFree
RpcBindingSetAuthInfoW
RpcBindingFromStringBindingW
RpcEpResolveBinding
NdrClientCall2

advapi32

StartServiceA
RegUnLoadKeyW
RegOpenKeyW
OpenSCManagerA
OpenSCManagerW
TraceMessage
MakeSelfRelativeSD
RegCloseKey
RegQueryValueExW
RegDeleteValueW
RegOpenKeyExW
RegSetValueExW
QueryServiceStatus
RegConnectRegistryW
ControlService
CloseServiceHandle
OpenServiceW
OpenServiceA

ole32

CoCreateInstanceEx
CoInitializeEx
CoUninitialize

Sections

.text
Size: 155KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7e561b179bf081971103048ddd3ec827

Headers

File Characteristics

Imports

kernel32

ntdll

msvcrt

rpcrt4

advapi32

ole32

Sections

.text Size: 155KB - Virtual size: 154KB

.rdata Size: 39KB - Virtual size: 38KB

.rdata Size: 12KB - Virtual size: 12KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 155KB - Virtual size: 154KB

.rdata
Size: 39KB - Virtual size: 38KB

.rdata
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 1KB - Virtual size: 1KB