819e79ed62272d462b18ac694a05940219790c8859ea33e5b3fb5d401e789da3

General

Target

819e79ed62272d462b18ac694a05940219790c8859ea33e5b3fb5d401e789da3
Size

78KB
MD5

6f94409455b3973b7ca64d0791f013b0
SHA1

abbef3dd1bcad7d6fe53c1760084c7a607d7710c
SHA256

819e79ed62272d462b18ac694a05940219790c8859ea33e5b3fb5d401e789da3
SHA512

6eaf520f64f031d59c9ef0dbbd7e600ffed9c05cd9b3c3ee25d42094dc5a1c013ca1ed912fa293257015c2b9be6e7416eae8009d9899bea81edc6c210ada1932
SSDEEP

1536:Ex0viKK+MM4IXyszoaKiOr6Grg5GGdSbOzqLM:m0asMMbM4Or6Grg5GGgbwqo

Score

N/A

Malware Config

Signatures

Files

819e79ed62272d462b18ac694a05940219790c8859ea33e5b3fb5d401e789da3
.exe windows x86

d6e0a287ce22be79756b1894aaca621b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

UuidFromStringA

kernel32

HeapFree
GetProcessHeap
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
lstrlenA
FreeLibrary
lstrcatA
GetProcAddress
RemoveDirectoryA
HeapAlloc
LoadLibraryA
DeleteFileA
lstrcpyA
lstrcpynA
WaitForSingleObject
GetFileAttributesA
GetExitCodeProcess
CreateProcessA
GetModuleFileNameA
CompareStringA
GetTempPathA
ExitProcess
CloseHandle
CreateFileMappingA
UnmapViewOfFile
MapViewOfFile
GetFileSize
CreateFileA
SetFileAttributesA

user32

wsprintfA
SendDlgItemMessageA
GetWindowRect
SetWindowPlacement
CharToOemA
SetWindowLongA
GetWindowLongA
DrawIcon
EndDialog
CheckDlgButton
ShowWindow
IsDlgButtonChecked
SetWindowTextA
LoadImageA
EnableWindow
DialogBoxParamA
GetDlgItem
GetWindowPlacement
SetDlgItemTextA
DestroyIcon

advapi32

OpenServiceA
CloseServiceHandle
RegDeleteValueA
OpenSCManagerA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegDeleteKeyA
DeleteService
RegCreateKeyA

shell32

ShellExecuteExA

oleaut32

UnRegisterTypeLi

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 57KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d6e0a287ce22be79756b1894aaca621b

Headers

DLL Characteristics

File Characteristics

Imports

rpcrt4

kernel32

user32

advapi32

shell32

oleaut32

Sections

.text Size: 7KB - Virtual size: 6KB

.rsrc Size: 13KB - Virtual size: 12KB

.text Size: 57KB - Virtual size: 60KB

.text
Size: 7KB - Virtual size: 6KB

.rsrc
Size: 13KB - Virtual size: 12KB

.text
Size: 57KB - Virtual size: 60KB