fe8a5f758385fde1ebf85f58415ddd1b9f1199539b51f1d7a9ca7bf84ca189a0

Sharing

Copy URL

Twitter E-mail

General

Target

fe8a5f758385fde1ebf85f58415ddd1b9f1199539b51f1d7a9ca7bf84ca189a0
Size

120KB
MD5

9047ad8231612bafb574d619ff5bd282
SHA1

771bab7eeaef977bbb7a807ef5eafef746a68ca8
SHA256

fe8a5f758385fde1ebf85f58415ddd1b9f1199539b51f1d7a9ca7bf84ca189a0
SHA512

397db20c39d36a14545c08adcce941e2a44e3ad2219c4c1799fa97685d704007d4e0432768132b1de4f1b0941b75853c23d89f01a65d7f194073c0ba7e886bed
SSDEEP

1536:XdwEKBZyl9nAb5M6PkpTHY0AQd+neY/eSDy8ZrwHI5ugZ5pbypvdNU2RS5SmpNKF:twvmlFV6saFC8ZrwHI5ugrpbEwYm5x

Score

N/A

Malware Config

Signatures

Files

fe8a5f758385fde1ebf85f58415ddd1b9f1199539b51f1d7a9ca7bf84ca189a0
.dll windows x86

5dfe22376d76336ceb29ca600a4821ab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueExW
RegDeleteKeyW
CloseServiceHandle
LookupAccountSidW
RegOpenKeyExW
RegEnumKeyExA
RegEnumKeyExW
RegCloseKey
RegSetValueExA
EqualSid
LockServiceDatabase
RegCreateKeyExW
LookupPrivilegeValueA
RegDeleteKeyA
GetTokenInformation
RegQueryInfoKeyW
RegCreateKeyExA
RegQueryValueW
RegQueryValueExW
AllocateAndInitializeSid
RegEnumValueW
ChangeServiceConfig2A
FreeSid

version

GetFileVersionInfoW
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW

kernel32

RtlUnwind
GetStringTypeW
MultiByteToWideChar
SetFilePointer
SetEndOfFile
FlushFileBuffers
GetModuleHandleA
GetHandleInformation
LoadLibraryA
GetProcAddress
IsValidLocale
WideCharToMultiByte
HeapSize
IsBadWritePtr
GetThreadLocale
LCMapStringW
LoadLibraryW
SearchPathW
GetLastError
WriteConsoleW
GetShortPathNameA
LoadLibraryExW
GetVersionExA
GetTempFileNameW
GetSystemInfo
ReadFile
VirtualFree
SystemTimeToFileTime
GetCPInfo
LCMapStringA
HeapAlloc
FindResourceA
CreateProcessW
VirtualAlloc
GlobalHandle
HeapFree
ExitProcess
ExpandEnvironmentStringsA
CopyFileA
SetStdHandle
IsBadStringPtrW
GetVersionExW
LeaveCriticalSection
GetCurrentThread
GetModuleFileNameW
CreateMutexA
CompareStringW
GetStringTypeA
lstrcmpA
ExitThread
UnmapViewOfFile
GetStartupInfoW
GetTimeFormatA
SetCurrentDirectoryA
lstrcpynW
GetConsoleCP
LockResource
IsValidCodePage
Sleep
SetPriorityClass
lstrcmpiW
GetFileTime
FormatMessageA
HeapDestroy
GetFileType
CreateThread
CopyFileW
GetSystemTime
GetCommandLineA
GetVersion
HeapCreate
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
FatalAppExitA
HeapReAlloc
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
CloseHandle
CreateFileA
UnhandledExceptionFilter
GetACP
GetOEMCP

Exports

Exports

Rppqgn

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5dfe22376d76336ceb29ca600a4821ab

Headers

File Characteristics

Imports

advapi32

version

kernel32

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 48KB - Virtual size: 53KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 48KB - Virtual size: 53KB

.reloc
Size: 8KB - Virtual size: 6KB