a57f221844e2abdee485cfecad9e9317c260d50ea1896daba0bbc6b2fd20604a

Sharing

Copy URL Twitter E-mail

General

Target

a57f221844e2abdee485cfecad9e9317c260d50ea1896daba0bbc6b2fd20604a
Size

969KB
MD5

42f48a510b3cdab20c55c1d9772acfd0
SHA1

74ed3b734fc64ad62e7e108743e2a613d136761d
SHA256

a57f221844e2abdee485cfecad9e9317c260d50ea1896daba0bbc6b2fd20604a
SHA512

e19b8d2100343444ed1411112358ceaee47033a8275d885e18f4cd753b686da1110aaced7208612082f15d8f2aac582bdee9fc21d8f64ef4ab7dde07195ec783
SSDEEP

24576:P1FgkCCCgHypQbwkguCdD8UPlWjTEDamfvyyjG7Mri:f5C9YypOwRQFjEvxCui

Score

N/A

Malware Config

Signatures

Files

a57f221844e2abdee485cfecad9e9317c260d50ea1896daba0bbc6b2fd20604a
.dll windows x86

5ca2d84642bab9dad48fd93ecbeb4f38

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

advapi32

RegSetValueExA
GetNamedSecurityInfoA
GetSidLengthRequired
InitializeSid
QueryServiceStatus
OpenServiceA
OpenSCManagerA
ControlService
SetServiceObjectSecurity
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
GetAce
GetAclInformation
GetSecurityDescriptorDacl
QueryServiceObjectSecurity
QueryServiceConfigA
ChangeServiceConfigA
DeleteService
StartServiceA
CreateServiceA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegDeleteValueA
RegDeleteKeyA
RegQueryInfoKeyA
CloseServiceHandle
IsValidSid
CopySid
GetLengthSid
AddAce
InitializeAcl
MakeSelfRelativeSD
GetSecurityDescriptorControl
GetSecurityDescriptorLength
SetNamedSecurityInfoA
GetSecurityDescriptorSacl
GetSecurityDescriptorGroup
GetSecurityDescriptorOwner
MakeAbsoluteSD
GetSidSubAuthority

kernel32

MoveFileA
InterlockedExchange
GetACP
GetLocaleInfoA
GetVersionExA
RaiseException
InitializeCriticalSection
DeleteCriticalSection
DeviceIoControl
CloseHandle
CreateFileA
GetLastError
MoveFileExA
GetWindowsDirectoryA
CreateDirectoryA
RemoveDirectoryA
GetFileAttributesA
SetFileAttributesA
DeleteFileA
CopyFileA
GetTempFileNameA
Sleep
ReadFile
SetFilePointer
LockResource
SizeofResource
LoadResource
FindResourceA
GetModuleHandleA
CallNamedPipeA
GetCurrentProcessId
LocalFree
FreeLibrary
HeapFree
HeapAlloc
GetProcessHeap
GetProcAddress
LoadLibraryA
GetSystemDirectoryA
GetTempPathA
WriteFile
FlushFileBuffers
SetEndOfFile
GetDriveTypeA
SetLastError
WaitForSingleObject
ReleaseMutex
OpenMutexA
CreateMutexA
MultiByteToWideChar
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
GetLocalTime
GetTickCount
GetCurrentThreadId
HeapDestroy
HeapReAlloc
HeapSize
FormatMessageA
InterlockedCompareExchange
GetFileAttributesExA
InterlockedDecrement
InterlockedIncrement
ExitProcess
RtlUnwind
GetCurrentDirectoryA
GetFullPathNameA
GetCommandLineA
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetCPInfo
QueryPerformanceCounter
GetModuleFileNameA
HeapCreate
VirtualFree
IsBadWritePtr
TerminateProcess
GetCurrentProcess
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
GetOEMCP
SetUnhandledExceptionFilter
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetLocaleInfoW

user32

SetLastErrorEx

Exports

Exports

CdaSysGetTrackedErrors
fnpActSvcFullUninstallWin
fnpActSvcGetLastErrorWin
fnpActSvcInstallWin
fnpActSvcUninstallWin

Sections

.text
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 663KB - Virtual size: 662KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5ca2d84642bab9dad48fd93ecbeb4f38

Headers

File Characteristics

Imports

version

advapi32

kernel32

user32

Exports

Exports

Sections

.text Size: 192KB - Virtual size: 191KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 6KB - Virtual size: 13KB

.rsrc Size: 663KB - Virtual size: 662KB

.reloc Size: 18KB - Virtual size: 18KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 192KB - Virtual size: 191KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 6KB - Virtual size: 13KB

.rsrc
Size: 663KB - Virtual size: 662KB

.reloc
Size: 18KB - Virtual size: 18KB

.rmnet
Size: 56KB - Virtual size: 60KB