fffd8bd79c78c65b481ca9d013e250431e412c5d527e26d464befb4b2d2479cf

General

Target

fffd8bd79c78c65b481ca9d013e250431e412c5d527e26d464befb4b2d2479cf
Size

112KB
MD5

73c60143804d379526be7fad06fa6f2d
SHA1

c01806dc5be8305945a2441be87bd3c92d29042a
SHA256

fffd8bd79c78c65b481ca9d013e250431e412c5d527e26d464befb4b2d2479cf
SHA512

b7a1be8ab8a6c910f24e884bd21515a9934099e9050273482a97cf21c6d9eafef192359e624ee9fa96a8099e1623561632ae79bc745da8e9f1e1d4c323fb6a13
SSDEEP

1536:X/XOq1IMgZomS878feVIwM4kWzrr40ikX7AYaFlGQHidCO9uZxAZCAkqq4BQduxz:XbOomS+8fOd42M/kdv1CUbnNBfge

Score

N/A

Malware Config

Signatures

Files

fffd8bd79c78c65b481ca9d013e250431e412c5d527e26d464befb4b2d2479cf
.exe windows x86

f16a1c49a574911c8a8fddb0871e4731

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringA
LCMapStringW
GetStringTypeA
ExitProcess
LoadLibraryA
GetProcAddress
FreeLibrary
CreateThread
CloseHandle
CreateMutexA
GetModuleFileNameA
MultiByteToWideChar
GetLastError
GetOEMCP
GetACP
GetCPInfo
WriteFile
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
RtlUnwind
HeapAlloc
HeapFree
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetStringTypeW

user32

DispatchMessageA
TranslateMessage
GetMessageA

advapi32

RegQueryValueExA
RegCloseKey
SetServiceStatus
OpenServiceA
DeleteService
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
OpenSCManagerA
CloseServiceHandle
CreateServiceA
ChangeServiceConfig2A
RegOpenKeyExA

rpcrt4

NdrServerInitializeNew
NdrConvert
RpcRaiseException
I_RpcGetBuffer
RpcServerUseProtseqEpA
RpcServerRegisterIf
RpcServerListen

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f16a1c49a574911c8a8fddb0871e4731

Headers

File Characteristics

Imports

kernel32

user32

advapi32

rpcrt4

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 10KB

.rsrc Size: 76KB - Virtual size: 76KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 10KB

.rsrc
Size: 76KB - Virtual size: 76KB