78ca60c455188f45317806e9d2696890e4cb8775e91f5ccf3eee55781a165ccc

Sharing

Copy URL Twitter E-mail

General

Target

78ca60c455188f45317806e9d2696890e4cb8775e91f5ccf3eee55781a165ccc
Size

608KB
MD5

65e39a0f0efdc0c81f0771d349469b20
SHA1

b5dc37c9049057b40e842dc39fea5341a68b3404
SHA256

78ca60c455188f45317806e9d2696890e4cb8775e91f5ccf3eee55781a165ccc
SHA512

44526662ff16a12d610f78f82718b02bb8da1739f5a266930dedf56cb2e0e98476bf927c92266714974cc0738b5694bfeffe8f4099dbaaa8ed9784cc2a0e1cca
SSDEEP

12288:PbhRjnitKeuQ/SxghX3i52D+8t/An4/1RIdTEWi8vh/Ob:PzjnXQKxghHi5cg4/nIdITcO

Score

N/A

Malware Config

Signatures

Files

78ca60c455188f45317806e9d2696890e4cb8775e91f5ccf3eee55781a165ccc
.exe windows x86

f1169c292a74c18049082f3dcbefcc9b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

NdrClientCall2
RpcBindingFromStringBindingA
RpcStringBindingComposeA
RpcBindingFree
RpcStringFreeA
UuidCreate
RpcServerUnregisterIf
RpcServerListen
RpcServerRegisterIf
NdrServerCall2
RpcMgmtIsServerListening
RpcMgmtStopServerListening
RpcServerUseProtseqEpA

userenv

CreateEnvironmentBlock
DestroyEnvironmentBlock

kernel32

SetEvent
InitializeCriticalSection
GetModuleFileNameA
LocalFree
WaitForMultipleObjects
LocalAlloc
CreateThread
GetLastError
GetSystemTimeAsFileTime
DeleteCriticalSection
SystemTimeToFileTime
GetLocalTime
GetPrivateProfileStringA
ReleaseMutex
CreateMutexA
CreateFileA
WriteFile
ReadFile
GetFileSize
InterlockedExchange
WaitForSingleObject
GetLocaleInfoA
GetThreadLocale
GetVersionExA
RaiseException
FreeLibrary
GetProcAddress
LoadLibraryA
WideCharToMultiByte
lstrlenW
SetLastError
GetCurrentProcess
OutputDebugStringA
OpenProcess
GetModuleHandleA
FormatMessageA
GetStringTypeA
TerminateProcess
CreateEventA
CloseHandle
CreateProcessW
CreateProcessA
EnterCriticalSection
LeaveCriticalSection
Sleep
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
VirtualProtect
GetSystemInfo
SetStdHandle
FlushFileBuffers
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
SetEndOfFile
GetACP
RtlUnwind
MultiByteToWideChar
HeapFree
HeapAlloc
GetFileAttributesA
HeapReAlloc
GetStartupInfoA
GetCommandLineA
VirtualQuery
TlsAlloc
GetCurrentThreadId
TlsFree
TlsSetValue
TlsGetValue
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetOEMCP
GetCPInfo
ExitProcess
HeapSize
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
SetHandleCount
GetStdHandle
GetFileType
SetFilePointer
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW

user32

PostQuitMessage

advapi32

RegisterServiceCtrlHandlerA
RegOpenKeyExA
RegQueryValueExA
GetTokenInformation
DuplicateTokenEx
SetTokenInformation
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
StartServiceCtrlDispatcherA
SetServiceStatus
InitializeSecurityDescriptor
GetSidLengthRequired
InitializeAcl
InitializeSid
GetSidSubAuthority
AddAccessAllowedAce
SetSecurityDescriptorDacl
IsValidSecurityDescriptor
CreateProcessAsUserW
CreateProcessAsUserA

Sections

.text
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 508KB - Virtual size: 1.6MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f1169c292a74c18049082f3dcbefcc9b

Headers

File Characteristics

Imports

rpcrt4

userenv

kernel32

user32

advapi32

Sections

.text Size: 79KB - Virtual size: 79KB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 4KB - Virtual size: 55KB

.rsrc Size: 1024B - Virtual size: 816B

.vmp0 Size: 508KB - Virtual size: 1.6MB

.text
Size: 79KB - Virtual size: 79KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 4KB - Virtual size: 55KB

.rsrc
Size: 1024B - Virtual size: 816B

.vmp0
Size: 508KB - Virtual size: 1.6MB