1872ea08bdb7df86ae824537c4855ff56d6beb8755427e4774d5ddc5ad5fe3bf

Sharing

Copy URL

Twitter E-mail

General

Target

1872ea08bdb7df86ae824537c4855ff56d6beb8755427e4774d5ddc5ad5fe3bf
Size

197KB
MD5

7d3dbdf07a58cf628ad5af54e737fb51
SHA1

31cea7b370533ce003b1857ea4a1489da3045d88
SHA256

1872ea08bdb7df86ae824537c4855ff56d6beb8755427e4774d5ddc5ad5fe3bf
SHA512

4d6de51db418ead4e83b4a1beb7dd405b1ddd420a87c9fd834fcb1670894810f377e244ac4c4140dc1c21e0f35a667e06a9bfa31ed4192099d69ae0f8f612093
SSDEEP

3072:+LZ7u/suPcWZqQbrxTDy5DNc3eKwDsej8Zd11ooPXT+aiv+wvfj/o6deBOxcNGPE:+LZ/N0e4/ZKoPXnibvfjSBUcAPWfh

Score

N/A

Malware Config

Signatures

Files

1872ea08bdb7df86ae824537c4855ff56d6beb8755427e4774d5ddc5ad5fe3bf
.exe windows x86

9b52d24fb9f034354a4b2ff428c1ca65

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

SetTokenInformation
AdjustTokenPrivileges
LookupPrivilegeValueW
DuplicateTokenEx
OpenProcessToken
CreateProcessAsUserW
SetServiceStatus
RegisterServiceCtrlHandlerExW
StartServiceCtrlDispatcherW
OpenSCManagerW
CloseServiceHandle
DeleteService
StartServiceW
QueryServiceStatusEx
ControlService
OpenServiceW
ChangeServiceConfig2W
CreateServiceW
RegCloseKey
RegSetValueExW
RegOpenKeyExW
AllocateAndInitializeSid
SetEntriesInAclW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
FreeSid
RegOpenKeyW
RegNotifyChangeKeyValue
RegQueryValueExW
RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyExW

kernel32

DisconnectNamedPipe
SetEvent
DeviceIoControl
CancelIo
GetLocalTime
SetProcessShutdownParameters
LeaveCriticalSection
EnterCriticalSection
GetOverlappedResult
WaitForSingleObject
WaitForMultipleObjects
DeleteCriticalSection
TerminateProcess
ConnectNamedPipe
CreateNamedPipeW
CreateFileW
CreateEventW
InitializeCriticalSection
SetCurrentDirectoryW
GetCurrentDirectoryW
SetConsoleCtrlHandler
lstrcmpiW
GetFullPathNameW
GetTickCount
MultiByteToWideChar
WideCharToMultiByte
GetConsoleOutputCP
ReadFile
GetExitCodeProcess
CreateProcessW
GetStdHandle
CreatePipe
GetStartupInfoW
OpenThread
GetCurrentThreadId
GetVersionExW
OutputDebugStringA
OutputDebugStringW
GetVersion
WriteFile
FlushFileBuffers
GetCurrentProcess
CloseHandle
LoadLibraryW
GetLastError
GetProcAddress
Sleep
FreeLibrary
GetSystemDirectoryW
ResetEvent
GetVersionExA
RtlUnwind
RaiseException
HeapFree
HeapAlloc
ExitThread
CreateThread
SetUnhandledExceptionFilter
GetModuleHandleA
ExitProcess
GetModuleFileNameA
GetModuleFileNameW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetConsoleCP
GetConsoleMode
UnhandledExceptionFilter
HeapReAlloc
HeapSize
VirtualAlloc
LoadLibraryA
GetModuleHandleW
GetCPInfo
GetACP
GetOEMCP
WriteConsoleA
WriteConsoleW
SetFilePointer
SetStdHandle
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
CreateFileA
SetEndOfFile
GetProcessHeap
VirtualProtect
GetSystemInfo
VirtualQuery
CompareStringA
CompareStringW
SetEnvironmentVariableA
VirtualLock
VirtualUnlock
GetWindowsDirectoryA
LocalFree
LocalAlloc
GetVolumeNameForVolumeMountPointW
GetDriveTypeW
GetVolumePathNameW

user32

wsprintfW

shell32

SHChangeNotify
SHCreateDirectoryExA
SHGetFolderPathA

shlwapi

SHDeleteValueW
SHCopyKeyW
SHDeleteKeyW

Sections

.text
Size: 182KB - Virtual size: 182KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9b52d24fb9f034354a4b2ff428c1ca65

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

user32

shell32

shlwapi

Sections

.text Size: 182KB - Virtual size: 182KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 182KB - Virtual size: 182KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 3KB - Virtual size: 3KB