14b5429555615862d75d40bd4dbaa17cd48aea0bbe393f99db32006c7535b999

Sharing

Copy URL Twitter E-mail

General

Target

14b5429555615862d75d40bd4dbaa17cd48aea0bbe393f99db32006c7535b999
Size

41KB
MD5

2d23c0b6d20d637dfeb308cbbc0a1eb0
SHA1

783f6666ed940747d33f1e083c86a99c3b3414f5
SHA256

14b5429555615862d75d40bd4dbaa17cd48aea0bbe393f99db32006c7535b999
SHA512

3dabdee48d5e05b0b872f2805ddeb7f0ac1a14a3aee81e3009511939607287a10a6e2c6fac4674beef8fac26455d0f0251d8bea3908521c9e9add69bb997556a
SSDEEP

768:6cOx69VWWViWbC/Q7Xx0k6TCLWntULJav0KHrrkI0xrV5hJ67shCgr0oNr:6cOwHVA/QTxtPLq0KXxMz67shtr0oNr

Score

N/A

Malware Config

Signatures

Files

14b5429555615862d75d40bd4dbaa17cd48aea0bbe393f99db32006c7535b999
.exe windows x86

62010e1fb34301f48f18a28d85fe7a59

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
_except_handler3
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
__set_app_type
_initterm
__getmainargs
__initenv
exit
_cexit
_XcptFilter
_exit
_c_exit
??2@YAPAXI@Z
??3@YAXPAX@Z

advapi32

RegQueryValueExA
RegOpenKeyExA
SetServiceStatus
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
CloseServiceHandle
QueryServiceStatus
OpenServiceA
OpenSCManagerA
RegCloseKey

kernel32

QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
SetLastError
lstrcmpiA
GetLastError
LocalFree
LoadLibraryA
LocalAlloc
FreeLibrary
Sleep
GetProcAddress
LeaveCriticalSection
LoadLibraryExA
EnterCriticalSection
DeleteCriticalSection
SetErrorMode
InitializeCriticalSection
OutputDebugStringA
LoadLibraryW
WaitForSingleObject
SetEvent
CloseHandle
ResetEvent
CreateThread
CreateEventW

user32

wsprintfA

iisutil

PuDeleteDebugPrintsObject
PuCreateDebugPrintsObject
?ReallocStorage@BUFFER@@AAEHI@Z
ReadStringParameterValueFromAnyService
??0BUFFER@@QAE@I@Z
SetStringParameterValueInAnyService
GenerateNameWithGUID
??0STRU@@QAE@XZ
PuDbgPrint

Exports

Exports

??4IPM_MESSAGE_PIPE@@QAEAAV0@ABV0@@Z

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mopexhv
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

62010e1fb34301f48f18a28d85fe7a59

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

user32

iisutil

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 11KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 28KB - Virtual size: 29KB

mopexhv Size: - Virtual size: 4KB

.text
Size: 11KB - Virtual size: 11KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 28KB - Virtual size: 29KB

mopexhv
Size: - Virtual size: 4KB