1902327aab142652e1825da3371dba0b0fe7fdba7bd0612c8029de56fc475394

Sharing

Copy URL Twitter E-mail

General

Target

1902327aab142652e1825da3371dba0b0fe7fdba7bd0612c8029de56fc475394
Size

59KB
MD5

671122356bc0e2362bb8bf837e4b2df9
SHA1

be93fa7e36eea2a494a8f1c465555abae5066065
SHA256

1902327aab142652e1825da3371dba0b0fe7fdba7bd0612c8029de56fc475394
SHA512

01110063bc108e5b7cf8791a96f598f804b09e11c9c23d1536b5a2724f6da8950ed0e9e539883bba07d1ffb064eb6a96259a76f8c0ddc70753809e3d95deff86
SSDEEP

768:ne+RS2K5XdvCYSvGG/GS13H8yJM1MKgn5ZTmOtQXQ:eoS20vLS73cySBpOtO

Score

N/A

Malware Config

Signatures

Files

1902327aab142652e1825da3371dba0b0fe7fdba7bd0612c8029de56fc475394
.dll windows x86

7dd7a6f51d356b235638017430d013f0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
CreateProcessA
WaitForSingleObject
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
OpenEventA
SetEvent
GetTempPathA
GetModuleFileNameA
GetVersionExA
MultiByteToWideChar
LoadLibraryA
FreeLibrary
FindResourceA
LoadResource
LockResource
WriteProcessMemory
GetCurrentProcess
VirtualProtect
FlushInstructionCache
DeleteFileA
GetTickCount
CloseHandle
WriteFile
GetProcAddress
Sleep
HeapSize
HeapFree
HeapAlloc
GetCurrentThreadId
GetCommandLineA
GetProcessHeap
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
ExitProcess
GetStdHandle
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
InitializeCriticalSection
RtlUnwind
RaiseException

user32

wsprintfA

advapi32

CloseServiceHandle
QueryServiceStatus
OpenServiceA
OpenSCManagerA
StartServiceA

shell32

ShellExecuteA

ole32

CoUninitialize
CoCreateInstance
CoInitializeEx

Exports

Exports

_Install@0
_MissionBriefing@8
_Uninstall@0

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crome
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7dd7a6f51d356b235638017430d013f0

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

Exports

Exports

Sections

.text Size: 44KB - Virtual size: 44KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 3KB - Virtual size: 71KB

.crome Size: 512B - Virtual size: 8B

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 44KB - Virtual size: 44KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 3KB - Virtual size: 71KB

.crome
Size: 512B - Virtual size: 8B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 6KB - Virtual size: 5KB