145dfdfb3d09af7be365929cb6fcd1a1a48f43d882c7b36dfe033db1bee56b6f

Sharing

Copy URL Twitter E-mail

General

Target

145dfdfb3d09af7be365929cb6fcd1a1a48f43d882c7b36dfe033db1bee56b6f
Size

1.2MB
MD5

a205f24179e2ceb7ee88fb7a82ce420c
SHA1

b7c7966561bb42e74787451fc9923d6e5dd86929
SHA256

145dfdfb3d09af7be365929cb6fcd1a1a48f43d882c7b36dfe033db1bee56b6f
SHA512

9db568be35e76f80c022c3efc0eace16328609f2b24adb0ca6b52b55f6925b0e6b3185a33ea8f006023036d377bf484446a2e2ebac22f107e0ebc76f0330ba9a
SSDEEP

24576:ejPR1UGC/T68/iM3LrswWysm33AjY+IPmKs+oe0vbK36VQjFz:ejpOGO53LUys0AjYt5yBj3VQjFz

Score

N/A

Malware Config

Signatures

Files

145dfdfb3d09af7be365929cb6fcd1a1a48f43d882c7b36dfe033db1bee56b6f
.exe windows x86

3bf8143431d868f673e51fa638546d8f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryA
DeleteFileA
GetShortPathNameA
CreateProcessA
LockResource
GetModuleHandleA
GetSystemDirectoryA
WritePrivateProfileStringA
CompareStringA
InterlockedExchange
SetLastError
CreateFileA
GetFileSize
VirtualAlloc
ReadFile
VirtualFree
CreateDirectoryA
GetVersionExA
Sleep
SetFilePointer
GetLocalTime
WriteFile
LoadLibraryA
LoadResource
SizeofResource
FreeLibrary
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
GetCurrentThread
GetCurrentProcess
CloseHandle
InterlockedDecrement
InterlockedIncrement
GetLastError
DeleteCriticalSection
GetModuleFileNameA
InitializeCriticalSection
HeapSize
LCMapStringA
GetOEMCP
RaiseException
GetSystemTimeAsFileTime
SetEndOfFile
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapCreate
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetStringTypeA
FlushFileBuffers
GetConsoleMode
HeapDestroy
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetACP
GetLocaleInfoA
GetThreadLocale
HeapFree
HeapAlloc
GetProcessHeap
RtlUnwind
HeapReAlloc
ExitProcess
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
GetCommandLineA
GetConsoleCP

advapi32

OpenServiceW
RegFlushKey
RegOpenKeyExA
RegQueryValueExA
StartServiceCtrlDispatcherW
RegisterServiceCtrlHandlerExW
OpenThreadToken
OpenProcessToken
CreateServiceW
GetTokenInformation
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
InitializeSecurityDescriptor
IsValidSid
GetLengthSid
CopySid
RegCloseKey
SetServiceStatus
ChangeServiceConfigW
ControlService
DeleteService
OpenSCManagerW
CloseServiceHandle

user32

WaitForInputIdle
MessageBoxA
CharNextA
UnregisterClassA

gdi32

DeleteObject

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

rpcrt4

UuidCreate
UuidToStringA
RpcStringFreeA

ole32

CoUninitialize
StringFromGUID2
CoCreateInstance
CoInitializeSecurity
CoRegisterClassObject
CoRevokeClassObject
CoTaskMemRealloc
CoTaskMemAlloc
CoInitializeEx
CoInitialize
CoTaskMemFree

oleaut32

LoadRegTypeLi
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
SysStringLen

Sections

.text
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3bf8143431d868f673e51fa638546d8f

Headers

File Characteristics

Imports

kernel32

advapi32

user32

gdi32

version

rpcrt4

ole32

oleaut32

Sections

.text Size: 117KB - Virtual size: 116KB

.rdata Size: 33KB - Virtual size: 32KB

.data Size: 8KB - Virtual size: 17KB

.rsrc Size: 1.0MB - Virtual size: 1.0MB

.text
Size: 117KB - Virtual size: 116KB

.rdata
Size: 33KB - Virtual size: 32KB

.data
Size: 8KB - Virtual size: 17KB

.rsrc
Size: 1.0MB - Virtual size: 1.0MB