f5db434c57b13d35dac663c5a19c576639832cc203708b06f2d0cc97111bbba9

General

Target

f5db434c57b13d35dac663c5a19c576639832cc203708b06f2d0cc97111bbba9
Size

176KB
MD5

5c72d4cb5dd630bea8950f5e9116c5ba
SHA1

35cf7d565f912047c893316a3e6606b8838fd029
SHA256

f5db434c57b13d35dac663c5a19c576639832cc203708b06f2d0cc97111bbba9
SHA512

a3d67af0a450fbfc8adf2441a2dc9501c65dd1f5b7eba305380d86eb687dbc82b0761fda957ec2009df05a571fe244a04b74314b3e5884167cf4bbe3494a4bdd
SSDEEP

3072:g7gCLstqXFrfotc6fx7LhlxuWuB2415VxUifbuKAwi17:wJLJFctckRmH5jDfbuKAw

Score

N/A

Malware Config

Signatures

Files

f5db434c57b13d35dac663c5a19c576639832cc203708b06f2d0cc97111bbba9
.exe windows x86

069787f227b391ff2c25c1dda1d38efd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MoveFileExA
DeleteFileA
WinExec
CopyFileA
GetWindowsDirectoryA
ExitProcess
CloseHandle
HeapFree
GetProcessHeap
GetLastError
GetTempPathA
GetModuleHandleA
GetCurrentProcess
lstrlenA
GetLocalTime
GetTickCount
FindResourceA
LoadResource
LockResource
SizeofResource
CreateFileA
WriteFile
Process32Next
LoadLibraryA
GetProcAddress
GetModuleFileNameA
OutputDebugStringA
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeA
LCMapStringW
LCMapStringA
FreeLibrary
LocalAlloc
InterlockedExchange
RaiseException
GetFileAttributesA
RtlUnwind
GetStartupInfoA
GetCommandLineA
GetVersion
HeapAlloc
TerminateProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
SetStdHandle
FlushFileBuffers
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
SetEndOfFile
ReadFile
GetStringTypeW

advapi32

ChangeServiceConfigA
LockServiceDatabase
UnlockServiceDatabase
ControlService
StartServiceA
OpenProcessToken
LookupPrivilegeValueA
OpenServiceA
RegCreateKeyA
RegOpenKeyA
RegSetValueExA
RegCloseKey
OpenSCManagerA
CreateServiceA
ChangeServiceConfig2A
CloseServiceHandle
GetUserNameA

netapi32

NetApiBufferFree
NetUserGetLocalGroups

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

069787f227b391ff2c25c1dda1d38efd

Headers

File Characteristics

Imports

kernel32

advapi32

netapi32

Sections

.text Size: 32KB - Virtual size: 29KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 19KB

.rsrc Size: 120KB - Virtual size: 120KB

.text
Size: 32KB - Virtual size: 29KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 19KB

.rsrc
Size: 120KB - Virtual size: 120KB