d172b73bab651a4554afd119719a8b849efc9b1f95c60b6f4f71bd45093e7421

General

Target

d172b73bab651a4554afd119719a8b849efc9b1f95c60b6f4f71bd45093e7421
Size

140KB
MD5

489b0a0bd5e346d663d04d07fc8e2c8d
SHA1

6bbf6cc0244bb4cf31bbc90bddcacf042c9b25aa
SHA256

d172b73bab651a4554afd119719a8b849efc9b1f95c60b6f4f71bd45093e7421
SHA512

b05fe15c5bf7f80e7df5f56da6c16b8fcfc3b9945de800fff8009049557dd61f0f9ad99ce8d338cc06fd70ebdab3aae62f7e418f4461ae2f98765cfad5821221
SSDEEP

3072:h11Jp5OzQcJ5nDQpA9ndLjhyxwwvHU6+oVSXxUy69kitR:h13p5EQcJ5nDmADjhyx+hxU39tt

Score

N/A

Malware Config

Signatures

Files

d172b73bab651a4554afd119719a8b849efc9b1f95c60b6f4f71bd45093e7421
.exe windows x86

092bfc080ddafc32037c69560bfff566

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExW
RegisterServiceCtrlHandlerW
SetServiceStatus
RegCloseKey
RegSetValueExW
RegCreateKeyW
RegDeleteKeyW
RegOpenKeyExW
CloseServiceHandle
CreateServiceW
OpenSCManagerW
StartServiceCtrlDispatcherW
DeleteService
QueryServiceStatus
ControlService
OpenServiceW
QueryServiceConfigW
RegEnumKeyExW
DeregisterEventSource
ReportEventW
RegisterEventSourceW

ole32

CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

VariantClear
SysFreeString
VariantInit
GetErrorInfo

kernel32

lstrcpynW
FormatMessageW
GetVersionExW
GetComputerNameW
GetSystemDirectoryW
LoadLibraryW
LocalFree
lstrlenW
GetLastError
FreeLibrary
GetProcAddress
OutputDebugStringW
Sleep

msvcrt

wcscpy
_itow
wcsncat
__dllonexit
wcscmp
memset
_except_handler3
__p__fmode
wprintf
_wtoi
_wcsicmp
wcslen
_ultow
wcsncpy
swprintf
wcscat
_onexit
??3@YAXPAX@Z
??2@YAPAXI@Z
div
_adjust_fdiv
__p__commode
_controlfp
__set_app_type
free
malloc
wcschr
_exit
_XcptFilter
exit
__p___winitenv
__wgetmainargs
_initterm
__setusermatherr

netapi32

NetApiBufferFree
NetGetAnyDCName

Sections

.text
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

092bfc080ddafc32037c69560bfff566

Headers

File Characteristics

Imports

advapi32

ole32

oleaut32

kernel32

msvcrt

netapi32

Sections

.text Size: 32KB - Virtual size: 30KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 16KB - Virtual size: 17KB

.rsrc Size: 80KB - Virtual size: 80KB

.text
Size: 32KB - Virtual size: 30KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 16KB - Virtual size: 17KB

.rsrc
Size: 80KB - Virtual size: 80KB