0f7ec7a1198f8b6ad2958c092165179596823dc3983c7f64e60e19db2d1b2b62

Sharing

Copy URL

Twitter E-mail

General

Target

0f7ec7a1198f8b6ad2958c092165179596823dc3983c7f64e60e19db2d1b2b62
Size

303KB
MD5

6ac0141e6b1d7e86410c6dcb33a19f70
SHA1

6db3779137534e2eb856ca042c57d96c8bfeccde
SHA256

0f7ec7a1198f8b6ad2958c092165179596823dc3983c7f64e60e19db2d1b2b62
SHA512

46334c9a5e5e653f72762b42cb847733faba20ff82d9c04299d5567c580278200242bae83436967ee7af23387c3a1dbb506add0866a2877191a441bf05050288
SSDEEP

6144:qtN1tT1cQipGJbSiZEcngedmaNbhLUfxtAFiONA8/xITbb:qnLTiDpG1Sfcngedm8+EUOz/xI/

Score

N/A

Malware Config

Signatures

Files

0f7ec7a1198f8b6ad2958c092165179596823dc3983c7f64e60e19db2d1b2b62
.exe windows x86

bc0a7550c358c6294bdf5b0f8e6f7ae8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoTaskMemAlloc
CoUninitialize
CoTaskMemFree
CoRevokeClassObject
CoInitialize

advapi32

SetSecurityDescriptorDacl
FreeSid
SetEntriesInAclA
RegCloseKey
InitializeSecurityDescriptor
GetTokenInformation
ControlService
RegOpenKeyExA
RegEnumKeyA
RegSetValueExA
CloseServiceHandle
OpenProcessToken
AdjustTokenPrivileges
RegisterServiceCtrlHandlerA
AllocateAndInitializeSid
SetServiceStatus
StartServiceCtrlDispatcherA
RegQueryValueExA
DeleteService
CreateServiceA
LookupPrivilegeValueA

rpcrt4

RpcImpersonateClient
RpcServerListen
RpcRaiseException
I_RpcBindingIsClientLocal
RpcMgmtSetServerStackSize
UuidFromStringA
NdrServerCall2
RpcRevertToSelf
UuidCreate

comdlg32

GetFileTitleA
GetOpenFileNameA
CommDlgExtendedError
GetSaveFileNameA
ChooseFontA
ChooseColorA

comctl32

_TrackMouseEvent
ord17
ImageList_GetIcon
ImageList_DragShowNolock

odbc32

ord20
ord59
ord68
ord78
ord133
ord58
ord119
ord44
ord24
ord170
ord142
ord29
ord166
ord145
ord49
ord173
ord156
ord139
ord16
ord140
ord28
ord37
ord121
ord162
ord117
ord72
ord13
ord165
ord135
ord132
ord150
ord18
ord61
ord160
ord154
ord138
ord26
ord74
ord63
ord64
ord43
ord12
ord48
ord147
ord152
ord141
ord69
ord134
ord155
ord153
ord167
ord31
ord136

kernel32

GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetLocaleInfoA
MultiByteToWideChar
HeapSize
RtlUnwind
HeapReAlloc
VirtualAlloc
IsValidCodePage
GetOEMCP
GetCPInfo
Sleep
InitializeCriticalSection
LoadLibraryA
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
HeapDestroy
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
DeleteCriticalSection
GetStartupInfoA
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetACP
GetLastError
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
GetModuleHandleA
GetProcAddress
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetProcessHeap
HeapAlloc
GetVersionExA
HeapFree
GetCommandLineA
OpenSemaphoreA
VirtualProtect
SetFileAttributesA
PrepareTape
CloseHandle
CreateProcessA

Sections

.text
Size: 155KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bc0a7550c358c6294bdf5b0f8e6f7ae8

Headers

File Characteristics

Imports

ole32

advapi32

rpcrt4

comdlg32

comctl32

odbc32

kernel32

Sections

.text Size: 155KB - Virtual size: 154KB

.rdata Size: 136KB - Virtual size: 135KB

.data Size: 11KB - Virtual size: 248KB

.text
Size: 155KB - Virtual size: 154KB

.rdata
Size: 136KB - Virtual size: 135KB

.data
Size: 11KB - Virtual size: 248KB