3795aed8847da2ec1167c4c11bbc348b05c23e5ad23efcd9a3446d207428b3d4

Sharing

Copy URL

Twitter E-mail

General

Target

3795aed8847da2ec1167c4c11bbc348b05c23e5ad23efcd9a3446d207428b3d4
Size

210KB
MD5

962f44da91c2ae5e7bb924399d52e0c0
SHA1

6d94903cdacf31e63c6fd8dca0522a0e039d69a6
SHA256

3795aed8847da2ec1167c4c11bbc348b05c23e5ad23efcd9a3446d207428b3d4
SHA512

31443091bc7768c7af98b3ac77453b5a028090c6b6b85a236a3d48927da10c849ef87bd8317db27d7b0e61f17280f93ea2641c256283a7d4ef5f4f49bcb2bd56
SSDEEP

6144:h2LrpVCsKR/B4seyhUE9/8KlvtIbPa+1VEuKtieTA:hUrzR8Gs9JSKxtCJHEukA

Score

N/A

Malware Config

Signatures

Files

3795aed8847da2ec1167c4c11bbc348b05c23e5ad23efcd9a3446d207428b3d4
.exe windows x86

7e561b179bf081971103048ddd3ec827

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReleaseMutex
LoadLibraryW
SetUnhandledExceptionFilter
FindClose
lstrcmpiW
SetLastError
lstrcpynW
GetSystemTime
SetEvent
LeaveCriticalSection
OutputDebugStringA
CloseHandle
InitializeCriticalSection
SetFileAttributesW
ReadFile
GetFileSize
GetCurrentProcess
QueryPerformanceCounter
DeleteCriticalSection
lstrcpyW
WriteFile
GetCPInfo
WaitForMultipleObjects
GetSystemTimeAsFileTime
SetEndOfFile
GetTickCount
FindNextFileW
GetLastError
GetFileAttributesExW
WaitForSingleObject
GetStartupInfoA
FormatMessageA
GetLocaleInfoW
lstrlenW
SetFilePointer
CreateThread
ExpandEnvironmentStringsW
GetCurrentProcessId
IsDebuggerPresent
LocalFree
CreateEventW
GetTimeZoneInformation
ResetEvent
FormatMessageW
FindFirstFileW
lstrcatW
LocalAlloc

ntdll

RtlCreateSecurityDescriptor
RtlAdjustPrivilege
RtlFreeSid
NtClose
RtlLengthSecurityDescriptor
RtlAddAccessAllowedAce
RtlSetDaclSecurityDescriptor
NtSetInformationThread
NtOpenProcessToken
RtlLengthSid
RtlAllocateHeap
RtlAnsiStringToUnicodeString
RtlNtStatusToDosError
RtlMakeSelfRelativeSD
NtQueryInformationToken
RtlUnicodeStringToAnsiString
RtlValidSecurityDescriptor
NtDuplicateToken
RtlCreateAcl
RtlInitAnsiString
RtlAllocateAndInitializeSid

msvcrt

printf
_except_handler3
exit
_iob
__getmainargs
__set_app_type
fprintf
wcsrchr
wcscat
__p__commode
iswalpha
wcslen

rpcrt4

RpcSmDestroyClientContext
RpcStringFreeW
RpcBindingFree
RpcBindingSetAuthInfoW
RpcBindingFromStringBindingW
RpcEpResolveBinding
NdrClientCall2

advapi32

StartServiceA
RegUnLoadKeyW
RegOpenKeyW
OpenSCManagerA
OpenSCManagerW
TraceMessage
MakeSelfRelativeSD
RegCloseKey
RegQueryValueExW
RegDeleteValueW
RegOpenKeyExW
RegSetValueExW
QueryServiceStatus
RegConnectRegistryW
ControlService
CloseServiceHandle
OpenServiceW
OpenServiceA

ole32

CoCreateInstanceEx
CoInitializeEx
CoUninitialize

Sections

.text
Size: 155KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7e561b179bf081971103048ddd3ec827

Headers

File Characteristics

Imports

kernel32

ntdll

msvcrt

rpcrt4

advapi32

ole32

Sections

.text Size: 155KB - Virtual size: 154KB

.rdata Size: 39KB - Virtual size: 38KB

.rdata Size: 12KB - Virtual size: 12KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 155KB - Virtual size: 154KB

.rdata
Size: 39KB - Virtual size: 38KB

.rdata
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 1KB - Virtual size: 1KB