423ec928941b9a03ec6c7636d94be4ae27fb7d6ff6389f015b9607d4f4bdc53b

Sharing

Copy URL

Twitter E-mail

General

Target

423ec928941b9a03ec6c7636d94be4ae27fb7d6ff6389f015b9607d4f4bdc53b
Size

144KB
MD5

a10fad3726ad3ef00bce66c181272060
SHA1

ac90dca63947a8581f762add8cb48417d796e85b
SHA256

423ec928941b9a03ec6c7636d94be4ae27fb7d6ff6389f015b9607d4f4bdc53b
SHA512

6fce8dbfa710c054d1bc9a8766bf925ccea2ef2c45050932ed73f97464daf1260f8ee700788647ea2f09af2572e5260d0c9fe87b4ae859fff5ca34ba0f0f5f28
SSDEEP

3072:xp43sucJG8+pU6HQ3Ej58zHP1/CQuoQCafg7cRxXHws0:PCTQ6H5jWpuoRLcRxgs0

Score

N/A

Malware Config

Signatures

Files

423ec928941b9a03ec6c7636d94be4ae27fb7d6ff6389f015b9607d4f4bdc53b
.exe windows x86

1a55b1ff83cc496651ccc5bfd392aec4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WinExec
Sleep
GetLastError
GetVersionExA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetStartupInfoA
GetModuleHandleA
WriteFile
OpenProcess
GetCurrentProcess
DuplicateHandle
GetProcAddress
CreateFileA
GetSystemDirectoryA
GetFileAttributesExA
SetFileTime
CloseHandle
LoadLibraryA
GetModuleFileNameA

user32

DefWindowProcA
PostQuitMessage
RegisterClassExA
DispatchMessageA
GetDesktopWindow
TranslateMessage
GetMessageA
ShowWindow
CreateWindowExA

advapi32

StartServiceA
CreateServiceA
OpenServiceA
DeleteService
CloseServiceHandle
LookupAccountNameA
GetUserNameA
OpenSCManagerA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
ConvertSidToStringSidA

shlwapi

StrStrA
SHDeleteKeyA
SHSetValueA

msvcrt

_exit
_stricmp
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
_access
rand
sprintf
_except_handler3
srand
time
??3@YAXPAX@Z
??2@YAPAXI@Z
fclose
fflush
fwrite
fopen
strstr
_strlwr
_XcptFilter
exit
_acmdln
__getmainargs

dbghelp

ImageNtHeader

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

cdata
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

idata
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1a55b1ff83cc496651ccc5bfd392aec4

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

msvcrt

dbghelp

version

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 108KB - Virtual size: 105KB

cdata Size: 4KB - Virtual size: 4B

idata Size: 4KB - Virtual size: 4B

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 108KB - Virtual size: 105KB

cdata
Size: 4KB - Virtual size: 4B

idata
Size: 4KB - Virtual size: 4B

.rsrc
Size: 4KB - Virtual size: 1KB