5178e6d5c87cbfed4c974e1a21de957ab4e3a68694c4bbd146c39696a786d849

Sharing

Copy URL

Twitter E-mail

General

Target

5178e6d5c87cbfed4c974e1a21de957ab4e3a68694c4bbd146c39696a786d849
Size

188KB
MD5

29444be3039fb203801e5c04219cec27
SHA1

a2c41db5389c64bc8227d1c5c561d382c05ff4f7
SHA256

5178e6d5c87cbfed4c974e1a21de957ab4e3a68694c4bbd146c39696a786d849
SHA512

17e4334e9f6afe9d61d47662112783ed21e09d0e067f251e5951665d90925d83853375a9105c1984ef0ac46e78af6bbce9d9109e0bd02961b1383e76e1af98d4
SSDEEP

3072:nIg+1uUIYuNGtb7mdpRpYIOf//IsnE0t9rQ1iaLDA4xpGefX0Ml9KizLHf:Ohjb7J

Score

N/A

Malware Config

Signatures

Files

5178e6d5c87cbfed4c974e1a21de957ab4e3a68694c4bbd146c39696a786d849
.exe windows x86

803556a4f53655458d41809b6179ff2e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

NdrServerCall2
RpcServerUseProtseqEpW
RpcServerRegisterIfEx
RpcMgmtStopServerListening
RpcSsDontSerializeContext
RpcServerListen
RpcServerUnregisterIf
RpcImpersonateClient
RpcRevertToSelf

kernel32

GetSystemTime
GetFileAttributesW
CloseHandle
SystemTimeToFileTime
GetFullPathNameW
CreateDirectoryW
SetFileAttributesW
GetLastError
ResetEvent
CreateMutexW
FindFirstFileW
InterlockedIncrement
GetCurrentThread
SetEvent
Sleep
FileTimeToSystemTime
GetDriveTypeW
CreateEventW
GetLogicalDriveStringsW
GlobalFree
lstrlenW
InterlockedDecrement
WaitForSingleObject
FindClose
ReleaseMutex
GetTickCount
FindNextFileW
GetModuleHandleW
GetModuleFileNameW
FreeLibrary
InterlockedExchange
GetCurrentProcess
GetVersionExW
FormatMessageW
SetProcessWorkingSetSize
ReadFile
LocalFree
MoveFileW
GetFileSize
WriteFile
DeleteFileW
BackupRead
CreateFileW
SetLastError
SetFilePointer
BackupWrite
GetVolumeInformationW
GetTempFileNameW
GetCurrentThreadId
GetLocaleInfoA
InitializeCriticalSection
LoadLibraryA
FlushFileBuffers
LCMapStringW
LCMapStringA
RtlUnwind
GetStringTypeW
GlobalAlloc
CreateFileA
GetStringTypeA
WriteConsoleW
GetConsoleOutputCP
GetWindowsDirectoryW
GetCurrentProcessId
GetDateFormatW
HeapAlloc
HeapFree
GetProcessHeap
GetSystemDirectoryW
GetTimeFormatW
GetTempPathW
GetLocalTime
ProcessIdToSessionId
TerminateThread
WaitForMultipleObjects
CreateWaitableTimerW
SetWaitableTimer
CancelWaitableTimer
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetVersionExA
GetStartupInfoW
GetFileType
SetEndOfFile
ExitThread
CreateThread
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
RaiseException
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
HeapSize
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetStartupInfoA
QueryPerformanceCounter
GetSystemTimeAsFileTime
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA

user32

MessageBoxW

advapi32

RegQueryValueExW
CreateServiceW
AdjustTokenPrivileges
DeleteService
SetServiceStatus
RegisterServiceCtrlHandlerW
OpenProcessToken
StartServiceCtrlDispatcherW
OpenSCManagerW
LookupPrivilegeValueW
CloseServiceHandle
OpenServiceW
GetTokenInformation
CheckTokenMembership
OpenThreadToken
LookupAccountSidW
ConvertSidToStringSidW
GetSecurityInfo
ConvertStringSidToSidW
RegCloseKey
GetUserNameW
RegOpenKeyExW

oleaut32

SysAllocString
SysAllocStringByteLen
SysStringByteLen
SysFreeString

vseapi

vseExec
vseSet
vseRelease
vseGlobalRelease
vseGet
vseInit
vseGlobalInit

msi

ord90

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

803556a4f53655458d41809b6179ff2e

Headers

File Characteristics

Imports

rpcrt4

kernel32

user32

advapi32

oleaut32

vseapi

msi

Sections

.text Size: 96KB - Virtual size: 95KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 8KB - Virtual size: 16KB

.rsrc Size: 48KB - Virtual size: 46KB

.text
Size: 96KB - Virtual size: 95KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 8KB - Virtual size: 16KB

.rsrc
Size: 48KB - Virtual size: 46KB