b6c86c872b2496f7aee80f46a3ae61fbfed6b0bd9caf7bf1eb5be402a4ca4cd4

General

Target

b6c86c872b2496f7aee80f46a3ae61fbfed6b0bd9caf7bf1eb5be402a4ca4cd4
Size

181KB
MD5

70bfd035ada5753c8c507925f6a1d7e0
SHA1

31cb8430779f467778669f3c19d64a47a6afc74e
SHA256

b6c86c872b2496f7aee80f46a3ae61fbfed6b0bd9caf7bf1eb5be402a4ca4cd4
SHA512

d2758d30d658a7d1541ac6170a5d8b495787e9ad8cc1da6b90948597f33581afc56c210c713be2e60663fa215b8e790b3b6576c2aff62158ead6a42d4fc4985e
SSDEEP

3072:Umf8nNeuU6i5tGZHh9NPAvg3Bbv9Igei2HtsvkEl73IHhjEylDu2sZC6RT:Umfhuzi5kZHh9lAviAgn2HakEl73uvuo

Score

N/A

Malware Config

Signatures

Files

b6c86c872b2496f7aee80f46a3ae61fbfed6b0bd9caf7bf1eb5be402a4ca4cd4
.exe windows x86

cf90eefb44c296156dd7f3c3376f21b1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetOEMCP
GetStdHandle
GetStringTypeA
GetStringTypeW
GetVersionExA
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
LCMapStringA
LCMapStringW
GetLastError
LocalAlloc
LocalFree
MapViewOfFile
MultiByteToWideChar
RtlUnwind
TerminateProcess
UnmapViewOfFile
VirtualAlloc
VirtualFree
WaitForSingleObject
WideCharToMultiByte
WriteFile
GetFileType
GetEnvironmentVariableA
GetCurrentProcess
GetCommandLineA
GetCPInfo
GetACP
FreeEnvironmentStringsW
ExitProcess
CreateFileMappingA
CreateEventA
LoadLibraryA
CloseHandle

advapi32

SetServiceStatus
SetSecurityDescriptorDacl
RegisterServiceCtrlHandlerA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExA
RegCloseKey
InitializeSecurityDescriptor
StartServiceCtrlDispatcherA

shell32

SHAppBarMessage
SheSetCurDrive
ShellExecuteA
SHAddToRecentDocs

Sections

.text
Size: 133KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cf90eefb44c296156dd7f3c3376f21b1

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

Sections

.text Size: 133KB - Virtual size: 132KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 26KB - Virtual size: 26KB

.rsrc Size: 14KB - Virtual size: 13KB

.text
Size: 133KB - Virtual size: 132KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 26KB - Virtual size: 26KB

.rsrc
Size: 14KB - Virtual size: 13KB