458072488c6fab8089382d3d092c82a2927395af45021a0df60a4b1b1dbd2bda

Sharing

Copy URL

Twitter E-mail

General

Target

458072488c6fab8089382d3d092c82a2927395af45021a0df60a4b1b1dbd2bda
Size

164KB
MD5

66299ff5ca2cbd694011e7b68c391370
SHA1

13d3effecebcf8ef2604d87671a1fcd907f42184
SHA256

458072488c6fab8089382d3d092c82a2927395af45021a0df60a4b1b1dbd2bda
SHA512

8b17fd5c6c7213f646492d9b1f8c1429c8ca647fd23573873acf24bb6a88ff98d020813c2930966d4966d863302da0f76f421ede1ce90317bbfd9bd2a78c5c02
SSDEEP

1536:PI+OX6An/yHCFGsMXKjihF+zkdpfc2cJNqoRweAsnTf5QkcCn+v0:PnOqm/yHCFG2i+4rfbcJI0wY+e+8

Score

N/A

Malware Config

Signatures

Files

458072488c6fab8089382d3d092c82a2927395af45021a0df60a4b1b1dbd2bda
.exe windows x86

843187eab41b16318d2788ac09cdd587

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oracore10

lstlo
lstcap

orauts

GetModuleHandleA
DuplicateHandle
ReadFile
WriteFile
WaitForSingleObject
ReleaseMutex
GetOverlappedResult
OpenProcess
GetProcAddress
CreateProcessA
CreateNamedPipeA
CreateEventA
CreateMutexA
ConnectNamedPipe
CloseHandle
WaitForMultipleObjects
ResetEvent
CreateThread
Sleep
GetLastError
WaitForInputIdle
SetEvent

kernel32

GenerateConsoleCtrlEvent
GetStdHandle
FreeConsole
AllocConsole
LocalFree
DisconnectNamedPipe
CreatePipe
FlushFileBuffers
GetExitCodeProcess
GetModuleFileNameA
SetConsoleCtrlHandler
TerminateProcess
FormatMessageA
GetCurrentProcess

advapi32

RegisterServiceCtrlHandlerA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
QueryServiceStatus
OpenServiceA
DeleteService
ControlService
OpenSCManagerA
CreateServiceA
CloseServiceHandle
ReportEventA
RegisterEventSourceA
DeregisterEventSource
SetServiceStatus
StartServiceCtrlDispatcherA

msvcr71

_XcptFilter
_stricmp
strncpy
sprintf
calloc
free
malloc
atoi
memset
_c_exit
_cexit
_controlfp
__p___initenv
_amsg_exit
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
__dllonexit
_onexit
_exit
exit
printf

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 4KB - Virtual size: 408B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

843187eab41b16318d2788ac09cdd587

Headers

File Characteristics

Imports

oracore10

orauts

kernel32

advapi32

msvcr71

Sections

.text Size: 20KB - Virtual size: 16KB

.text1 Size: 4KB - Virtual size: 408B

.rdata Size: 68KB - Virtual size: 67KB

.data Size: 4KB - Virtual size: 2KB

.text Size: 64KB - Virtual size: 64KB

.text
Size: 20KB - Virtual size: 16KB

.text1
Size: 4KB - Virtual size: 408B

.rdata
Size: 68KB - Virtual size: 67KB

.data
Size: 4KB - Virtual size: 2KB

.text
Size: 64KB - Virtual size: 64KB