d5d5c99e4fac6808a6e32e5cc046172e05f9c217077868043dad8a7511d60324

Sharing

Copy URL Twitter E-mail

General

Target

d5d5c99e4fac6808a6e32e5cc046172e05f9c217077868043dad8a7511d60324
Size

72KB
MD5

9087310f65011a9b53dc5f20a3d7e474
SHA1

d3a711d386cb5fe5586c274f5bad965e6123b502
SHA256

d5d5c99e4fac6808a6e32e5cc046172e05f9c217077868043dad8a7511d60324
SHA512

aedb0e41909142882effe5716b760307fec724ddd559bccd78b04a1a110a0d7f1472c0fc96ea6189cab508d55b0a46a5af0bffa3b6e809025b72eb47d0769bda
SSDEEP

1536:jAQMgbNO+byzMpLKArBCWAu6PIZCghtBNoArj:jAQrNxbbcu8IZCstPoArj

Score

N/A

Malware Config

Signatures

Files

d5d5c99e4fac6808a6e32e5cc046172e05f9c217077868043dad8a7511d60324
.exe windows x86

f7aab70a1cd7fc139d36f8575bc58fc6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
SetConsoleCtrlHandler
Sleep
GetModuleFileNameW
FormatMessageW
lstrlenW
SetEvent
CreateEventW
CreateNamedPipeW
ResetEvent
GetLastError
WaitForMultipleObjects
ConnectNamedPipe
ReadFile
WriteFile
DisconnectNamedPipe
CloseHandle
LocalAlloc
LocalFree
HeapFree
HeapAlloc
GetProcAddress
GetModuleHandleA
ExitProcess
GetVersionExA
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetStdHandle
GetModuleFileNameA
LoadLibraryA
InitializeCriticalSection
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
RtlUnwind
SetFilePointer
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
CreateFileA

advapi32

EqualSid
StartServiceCtrlDispatcherW
RegisterServiceCtrlHandlerW
OpenServiceW
ControlService
QueryServiceStatus
DeleteService
OpenSCManagerW
CreateServiceW
CloseServiceHandle
SetServiceStatus
RegisterEventSourceW
ReportEventW
DeregisterEventSource
AllocateAndInitializeSid
GetFileSecurityW
InitializeSecurityDescriptor
GetSecurityDescriptorDacl
GetAclInformation
GetLengthSid
SetFileSecurityW
SetSecurityDescriptorDacl
AddAccessAllowedAce
AddAce
GetAce
InitializeAcl

shell32

CommandLineToArgvW

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f7aab70a1cd7fc139d36f8575bc58fc6

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

Sections

.text Size: 40KB - Virtual size: 38KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 12KB

.rsrc Size: 12KB - Virtual size: 9KB

.text
Size: 40KB - Virtual size: 38KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 12KB

.rsrc
Size: 12KB - Virtual size: 9KB