85a2e57f421c8a1b564ee2e2de43adf4cb41fbdac21fe77aa4fe7fea7efe0cbd

Sharing

Copy URL Twitter E-mail

General

Target

85a2e57f421c8a1b564ee2e2de43adf4cb41fbdac21fe77aa4fe7fea7efe0cbd
Size

144KB
MD5

a0985c48ae5a2d2b3c0e186b3ad1b6e0
SHA1

8605d656aaff545f436db2f198c504d390bb2926
SHA256

85a2e57f421c8a1b564ee2e2de43adf4cb41fbdac21fe77aa4fe7fea7efe0cbd
SHA512

e17bd94fc0b082dd469ea57aa76a521d62a165b69732f4ef7dcac9f1c7bf7b69714cf85263d9bb6bdfd07a2a85ad9e6d1887850128dd68cf52578e20489616a0
SSDEEP

3072:MGfyTfFNJg/Be9Oy8XyPcpJuPFbNEV3w4tmmlK:4bdyxaJNS3wH

Score

N/A

Malware Config

Signatures

Files

85a2e57f421c8a1b564ee2e2de43adf4cb41fbdac21fe77aa4fe7fea7efe0cbd
.exe windows x86

b6b670344e78e794e339e76d69884684

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetVersionExA
Sleep
WinExec
WriteFile
GetLastError
GetModuleFileNameA
SetFileTime
GetFileAttributesExA
GetStartupInfoA
GetModuleHandleA
GetCurrentProcess
DuplicateHandle
GetSystemDirectoryA
OpenProcess
LoadLibraryA
GetProcAddress
CloseHandle

user32

DispatchMessageA
GetDesktopWindow
TranslateMessage
GetMessageA
RegisterClassExA
DefWindowProcA
PostQuitMessage
ShowWindow
CreateWindowExA

advapi32

RegQueryValueExA
OpenServiceA
DeleteService
OpenSCManagerA
CloseServiceHandle
LookupAccountNameA
GetUserNameA
RegCloseKey
RegOpenKeyExA
CreateServiceA
StartServiceA
ConvertSidToStringSidA

shlwapi

SHDeleteKeyA
SHSetValueA

msvcrt

_exit
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
fclose
fflush
fwrite
fopen
_except_handler3
sprintf
_access
rand
srand
time
strstr
??3@YAXPAX@Z
??2@YAPAXI@Z
_stricmp
_XcptFilter
exit
_acmdln
__getmainargs

dbghelp

ImageNtHeader

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

edata
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

cdata
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

idata
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b6b670344e78e794e339e76d69884684

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

msvcrt

dbghelp

version

Sections

.text Size: 16KB - Virtual size: 14KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 104KB - Virtual size: 102KB

edata Size: 4KB - Virtual size: 4B

cdata Size: 4KB - Virtual size: 4B

idata Size: 4KB - Virtual size: 4B

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 16KB - Virtual size: 14KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 104KB - Virtual size: 102KB

edata
Size: 4KB - Virtual size: 4B

cdata
Size: 4KB - Virtual size: 4B

idata
Size: 4KB - Virtual size: 4B

.rsrc
Size: 4KB - Virtual size: 1KB