eb354c20b78b7a4e02f431f32dd0b3830fc9c81a1cc6d879b2c519ac6af8d25b

Sharing

Copy URL Twitter E-mail

General

Target

eb354c20b78b7a4e02f431f32dd0b3830fc9c81a1cc6d879b2c519ac6af8d25b
Size

142KB
MD5

7bc6fa0f4b2f003db21a834381c83ebe
SHA1

59caaa19e5252ba01ff14d2c938a62081deb2f14
SHA256

eb354c20b78b7a4e02f431f32dd0b3830fc9c81a1cc6d879b2c519ac6af8d25b
SHA512

511aa4b4153d45223d5a41bbca6a6b2e7cb6eb20d69a0365eb8824eecf1dd9f5ed03e858a50ff1b5a0bc269bd0af4330d7b8540cce0852c59b84b862a6fb748f
SSDEEP

3072:TwEiBFNT0GcRtsCyrkVyqvqwLRbFRVTSG8R/yvT6X:T+BDoFsCyrDwFlTSxMv2X

Score

N/A

Malware Config

Signatures

Files

eb354c20b78b7a4e02f431f32dd0b3830fc9c81a1cc6d879b2c519ac6af8d25b
.exe windows x86

0c9807c2d874d5878276ac925114e1c6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyA
RegFlushKey
RegSetValueExA
RegDeleteValueA
RegOpenKeyExA
CloseServiceHandle
OpenSCManagerA
QueryServiceConfigA
OpenServiceA
StartServiceA
CreateServiceA
DeleteService
QueryServiceStatus
ControlService

user32

wsprintfA

setupapi

SetupDiSetClassInstallParamsA
SetupDiCallClassInstaller
SetupDiGetDeviceInstallParamsA
SetupDiEnumDeviceInfo
SetupDiCreateDeviceInfoList
SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList
SetupOpenInfFileA
SetupInstallServicesFromInfSectionA
SetupCloseInfFile

kernel32

GetOEMCP
GetACP
FlushFileBuffers
SetStdHandle
GetStringTypeW
lstrcpyA
CloseHandle
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetSystemDirectoryA
GetVersionExA
FindClose
FindFirstFileA
lstrcmpiA
lstrlenA
DeleteFileA
GetWindowsDirectoryA
FreeLibrary
GetProcAddress
LoadLibraryA
GetLastError
Sleep
GetCurrentProcess
InterlockedDecrement
InterlockedIncrement
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
HeapAlloc
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
TerminateProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
WriteFile
SetFilePointer
VirtualAlloc
HeapReAlloc
GetCPInfo
GetStringTypeA

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 736B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.9rdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0c9807c2d874d5878276ac925114e1c6

Headers

File Characteristics

Imports

advapi32

user32

setupapi

kernel32

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 16KB - Virtual size: 18KB

.rsrc Size: 4KB - Virtual size: 736B

.9rdata Size: 76KB - Virtual size: 76KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 16KB - Virtual size: 18KB

.rsrc
Size: 4KB - Virtual size: 736B

.9rdata
Size: 76KB - Virtual size: 76KB