181df7fc956b0adc599cb2b3e95adbb4ff368dcee72b884a3432c856a13c5e71

Sharing

Copy URL Twitter E-mail

General

Target

181df7fc956b0adc599cb2b3e95adbb4ff368dcee72b884a3432c856a13c5e71
Size

982KB
MD5

81758d5deedf53965f4721f89ad552df
SHA1

02f16258c7e759afd9e7d0fcb4c699dcfabf941c
SHA256

181df7fc956b0adc599cb2b3e95adbb4ff368dcee72b884a3432c856a13c5e71
SHA512

dd94a360ea3f06fb32e6e8f09d1f1123a0d2ac676bffc0c76ef8ae0c78d900c503d6b49491755c56f430deaca36114c1691d0e5d3f73045da5233b4a6fc1bb73
SSDEEP

24576:FB0UUr6qso7aqaPtQM+W+JRti1lla7ULaZ:70aq7ah/EtK/3La

Score

N/A

Malware Config

Signatures

Files

181df7fc956b0adc599cb2b3e95adbb4ff368dcee72b884a3432c856a13c5e71
.exe windows x86

994b362ae8f18678d951ec483dcc3852

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

ChangeServiceConfig2W
LookupPrivilegeValueW
RegQueryInfoKeyW
RegOpenKeyExW
IsTextUnicode
DeleteService
ControlService
RegEnumValueW
QueryServiceStatus
AdjustTokenPrivileges
OpenProcessToken
RegQueryValueExW
RegCloseKey
RegCreateKeyExW
OpenServiceW
RegDeleteKeyW
CloseServiceHandle
ChangeServiceConfigW
RegEnumKeyExW
StartServiceW
RegDeleteValueW
RegSetValueExW
OpenSCManagerW
CreateServiceW

psapi

GetModuleFileNameExW
EnumProcessModules

shlwapi

PathFindExtensionW
PathRenameExtensionW
PathIsRelativeW
PathRemoveFileSpecA
PathFileExistsW
PathStripToRootW
PathAppendA
PathStripPathW
PathFindFileNameA
PathFindFileNameW
PathCombineW
SHDeleteKeyW
PathAddBackslashW
PathAppendW
PathRemoveFileSpecW
PathRemoveBackslashW
PathAddBackslashA
PathIsRootW
PathIsDirectoryW
SHDeleteKeyW
PathFindExtensionW

kernel32

LocalFileTimeToFileTime
SetEnvironmentVariableA
SetFileTime
GetStartupInfoW
RaiseException
GetLocaleInfoW
GlobalUnlock
GlobalAddAtomA
WriteConsoleA
GetEnvironmentVariableW
GetCPInfo
GetCurrentProcessId
FileTimeToSystemTime
LockResource
EnumSystemLocalesA
SetFilePointer
LoadResource
FreeLibrary
CreateFileA
MultiByteToWideChar
EndUpdateResourceA
HeapReAlloc
SizeofResource
CreateToolhelp32Snapshot
LocalAlloc
FlushFileBuffers
CreateEventW
GetProcAddress
SetStdHandle
GetLastError
InterlockedDecrement
GetVersion
QueryPerformanceCounter
GetSystemWow64DirectoryW
GetSystemInfo
HeapCreate
GetLocaleInfoA
GetFileType
FileTimeToLocalFileTime
GetVersionExA
LoadLibraryW
CompareFileTime
HeapFree
UpdateResourceW
DeleteFileA
EnumResourceLanguagesW
GetFileSize
GetStringTypeW
RtlUnwind
TlsGetValue
WriteFile
HeapDestroy
GetModuleHandleA
GetCommandLineA
GetStdHandle
GetConsoleCP
SetEvent
FindResourceW
InterlockedCompareExchange
HeapSize
RemoveDirectoryW
VerifyVersionInfoW
VirtualAlloc
GetUserDefaultLCID
IsDebuggerPresent
ExitProcess
OpenProcess
ConvertDefaultLocale
FreeEnvironmentStringsW
LCMapStringW
BeginUpdateResourceW
LCMapStringA
InterlockedExchange
GetUserDefaultLangID
MoveFileExW
Process32NextW
InterlockedIncrement
SystemTimeToTzSpecificLocalTime
GetConsoleOutputCP
SetHandleCount
VirtualFree
GetSystemDirectoryW
CreateMutexW
InitializeCriticalSection
WriteConsoleW
TlsFree
GetEnvironmentStringsW
DosDateTimeToFileTime
GetOEMCP
ReadFile
GetSystemTimeAsFileTime
SetFileAttributesW
GetCurrentDirectoryW
CreateThread
SetErrorMode
GetTickCount
HeapAlloc
TerminateProcess
GetEnvironmentStrings
LoadLibraryExW
WaitForSingleObject
GetCurrentThreadId
CompareStringW
GetConsoleMode
DeleteCriticalSection
IsValidCodePage
GlobalLock
GetVersionExW
MoveFileW
GetModuleFileNameA
GetWindowsDirectoryW
GlobalAlloc
GetUserDefaultUILanguage
FileTimeToDosDateTime
GetFileTime
Sleep
WideCharToMultiByte
UnhandledExceptionFilter
GetLocalTime
LoadLibraryA
DeleteFileW
SetEndOfFile
CloseHandle
FindClose
CreateFileW
GetStringTypeA
GetTempPathW
TlsAlloc
IsValidLocale
GetExitCodeProcess
GetProcessHeap
EnterCriticalSection
FindNextFileW
CopyFileW
TlsSetValue
SetFileAttributesA
GetStartupInfoA
GetModuleFileNameW
FreeEnvironmentStringsA
GlobalFree
LeaveCriticalSection
GetFileAttributesA
Process32FirstW
SetUnhandledExceptionFilter
CreateProcessW
FindFirstFileW
GetFileAttributesW
GetModuleHandleW
GetFileInformationByHandle
CompareStringA
GetCurrentProcess
GetACP
VerSetConditionMask
GetCommandLineW
SetLastError
GetTempFileNameW

setupapi

SetupCloseInfFile
SetupDiEnumDeviceInfo
SetupDiGetClassDevsW
SetupDiGetDeviceRegistryPropertyW
SetupDiDestroyDeviceInfoList
SetupGetStringFieldW
SetupDiGetINFClassW
SetupGetLineTextW
SetupFindFirstLineW
SetupOpenInfFileW
SetupFindNextLine

gdi32

SetTextColor
GetStockObject
CreateCompatibleDC
SelectObject
DeleteObject
GetTextExtentPoint32W
CreateFontW
DeleteDC
SetBkMode

shell32

SHGetFolderPathW
SHCreateDirectoryExA
SHCreateDirectoryExW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

user32

EnableWindow
GetClientRect
GetWindowModuleFileNameW
LoadStringW
wsprintfW
EnumWindows
ExitWindowsEx
PostMessageW
MonitorFromWindow
GetWindowLongW
DialogBoxIndirectParamW
SetWindowPos
DrawTextW
MessageBoxIndirectW
SendMessageW
SetWindowTextW
GetDC
LoadImageW
ReleaseDC
DialogBoxParamW
OffsetRect
SetRectEmpty
EndDialog
SetFocus
AdjustWindowRect
ShowWindow
LoadIconW
SetTimer
KillTimer
SetDlgItemTextW
GetDlgItem
GetWindowThreadProcessId
GetMonitorInfoW
GetWindowRect

ole32

CLSIDFromString
CoInitialize
CoUninitialize
CoCreateInstance

Sections

.text
Size: 622KB - Virtual size: 622KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 319KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

994b362ae8f18678d951ec483dcc3852

Headers

File Characteristics

Imports

advapi32

psapi

shlwapi

kernel32

setupapi

gdi32

shell32

version

user32

ole32

Sections

.text Size: 622KB - Virtual size: 622KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 319KB - Virtual size: 3.6MB

.rsrc Size: 32KB - Virtual size: 31KB

.text
Size: 622KB - Virtual size: 622KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 319KB - Virtual size: 3.6MB

.rsrc
Size: 32KB - Virtual size: 31KB