d16455926acf41c79b84e25e693c89847417cc9c033c1f3f9c0def07d2a01bf9

General

Target

d16455926acf41c79b84e25e693c89847417cc9c033c1f3f9c0def07d2a01bf9
Size

92KB
MD5

806df3def88b89486391f80c05dc9890
SHA1

4730c7978d910d489f06a081bc9352948de67cb2
SHA256

d16455926acf41c79b84e25e693c89847417cc9c033c1f3f9c0def07d2a01bf9
SHA512

2c20dd82a596aeeb75e57b86a174c467c7d0465f97a1d3e2d906e38746d32b684f3ef0008c0dffd6bf5df81103ab01ff79d3bdc99b0820de4038fb2454ac345c
SSDEEP

1536:xfTsCJ2KApCTlFFfWOvBXIlF8CizawOPWshwaPhKcNjC5ENcfl2Rw6:RZ2KlFsORIl9DwOPWshw4ccFC5ENc92R

Score

N/A

Malware Config

Signatures

Files

d16455926acf41c79b84e25e693c89847417cc9c033c1f3f9c0def07d2a01bf9
.exe windows x86

54e74bdcf8443eab07f036667c6c1180

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxW

advapi32

QueryServiceStatus
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
CloseServiceHandle
StartServiceW
RegisterEventSourceW
OpenServiceW
OpenSCManagerW
QueryServiceConfigW
RegSetValueExW
RegEnumKeyExW
DeregisterEventSource
ReportEventW

ole32

CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

VariantInit
VariantClear
SysFreeString
GetErrorInfo

kernel32

GetTickCount
GetVersionExW
GetComputerNameW
FormatMessageW
LocalFree
FreeLibrary
Sleep
LoadLibraryW
GetProcAddress
GetLastError

msvcrt

wcscpy
wcsncat
div
wcscmp
__set_app_type
__p__fmode
_except_handler3
_adjust_fdiv
_onexit
__dllonexit
_wcsicmp
wcslen
_wtoi
wcsncpy
memset
_ultow
wcscat
_controlfp
wprintf
swprintf
__setusermatherr
_exit
_itow
__p__commode
free
malloc
wcschr
_XcptFilter
exit
__p___winitenv
__wgetmainargs
_initterm

netapi32

NetApiBufferFree
NetGetAnyDCName

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

54e74bdcf8443eab07f036667c6c1180

Headers

File Characteristics

Imports

user32

advapi32

ole32

oleaut32

kernel32

msvcrt

netapi32

Sections

.text Size: 32KB - Virtual size: 28KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 16KB - Virtual size: 16KB

.rsrc Size: 32KB - Virtual size: 32KB

.text
Size: 32KB - Virtual size: 28KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 16KB - Virtual size: 16KB

.rsrc
Size: 32KB - Virtual size: 32KB