820ba6fde2b4d3b94224783ef37eb2b17e07a476ca57f1474e7c67ad67fa1fcb

Sharing

Copy URL Twitter E-mail

General

Target

820ba6fde2b4d3b94224783ef37eb2b17e07a476ca57f1474e7c67ad67fa1fcb
Size

212KB
MD5

548916f91941909ee9ba79ca50e51870
SHA1

ec60c6494ef0b32d0a3f3406154c2c876591994b
SHA256

820ba6fde2b4d3b94224783ef37eb2b17e07a476ca57f1474e7c67ad67fa1fcb
SHA512

04f23b4e68c8683efe48faab09368390c23c314fb443a0c58a5d6de870455d055be029af6fa95ce68fe7a13bd3f9ff96cd2aadab3ecfc4046f8151e4d7ecbaf0
SSDEEP

3072:eqlA+lcahf8p761LRXbRy6Xjxm1ObfB58Y4x59oLc2rDz1ngasfSHiTRgzatb:rlHcahWWRRXU6llDVA9oLFsIi1gmt

Score

N/A

Malware Config

Signatures

Files

820ba6fde2b4d3b94224783ef37eb2b17e07a476ca57f1474e7c67ad67fa1fcb
.exe windows x86

0dc26bd6707766ec3702c547cb576d9e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeviceIoControl
InterlockedDecrement
CreateEventA
CreateFileA
GetVersion
DeleteFileA
Sleep
QueryPerformanceCounter
QueryPerformanceFrequency
SetConsoleCtrlHandler
GetVersionExA
SetEvent
InterlockedIncrement
CloseHandle
WideCharToMultiByte
FindResourceA
LoadResource
SizeofResource
LockResource
_lcreat
_hwrite
_lclose
GetLastError
FormatMessageA
WaitForSingleObject
LocalFree
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLocaleInfoW
GetOEMCP
GetACP
LoadLibraryA
HeapSize
GetSystemInfo
VirtualProtect
SetStdHandle
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
SetFilePointer
FlushFileBuffers
LCMapStringW
LCMapStringA
IsBadCodePtr
IsBadReadPtr
VirtualQuery
InterlockedExchange
HeapAlloc
HeapFree
RtlUnwind
HeapReAlloc
RaiseException
GetTimeZoneInformation
GetSystemTimeAsFileTime
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
GetStartupInfoA
GetCommandLineA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetHandleCount
GetStdHandle
GetFileType
SetUnhandledExceptionFilter
GetCPInfo
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
ReadFile
WriteFile
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW

advapi32

ControlService
StartServiceA
QueryServiceStatus
OpenServiceA
DeleteService
OpenSCManagerA
CreateServiceA
CloseServiceHandle
RegOpenKeyA
RegCreateKeyExA
RegCloseKey
RegSetValueExA

shell32

SHGetSpecialFolderPathA

ole32

CoUninitialize
CoCreateInstance
CoInitializeSecurity
CoInitializeEx
OleUninitialize
CoSetProxyBlanket

oleaut32

SysStringLen
GetErrorInfo
SafeArrayCreate
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayDestroy
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElement
VariantChangeType
VariantClear
VariantInit
SysFreeString
SysAllocString

Sections

.text
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0dc26bd6707766ec3702c547cb576d9e

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 84KB - Virtual size: 81KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 40KB - Virtual size: 37KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 84KB - Virtual size: 81KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 40KB - Virtual size: 37KB

.rmnet
Size: 60KB - Virtual size: 60KB