0ddc0f51f16a49c6ea129b63eecbd2001ddcaac050f595fca5eede491f7a7693

Sharing

Copy URL

Twitter E-mail

General

Target

0ddc0f51f16a49c6ea129b63eecbd2001ddcaac050f595fca5eede491f7a7693
Size

607KB
MD5

da863294f14ea0c1ab3e68ba6b45f0cf
SHA1

c9143d4a1ef5d493660832efef9ff5df52e39a55
SHA256

0ddc0f51f16a49c6ea129b63eecbd2001ddcaac050f595fca5eede491f7a7693
SHA512

992504c05a79439bd4a78afa1bcd3162fa10fcd8c5f6988086104dc9035b7bffffe3b06f00a22634b00282b4d6a0685a984c887f731db9e41cc26e1d66a75bcc
SSDEEP

12288:f9C97J5k4se/Si1o3lHkvvCuKgwdMsAA:f9s7JLUi1olHuquKgwdvA

Score

N/A

Malware Config

Signatures

Files

0ddc0f51f16a49c6ea129b63eecbd2001ddcaac050f595fca5eede491f7a7693
.exe windows x86

dd8f14c926eb367014685721702b9e4b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

authz

AuthzInitializeContextFromToken

advapi32

CloseServiceHandle
RegSetValueExA
ControlService
RegOpenKeyA
EqualSid
OpenSCManagerA
RegDeleteKeyA
OpenServiceA
RegCloseKey
DeleteService
RegDeleteValueA
RegOpenKeyExA
RegEnumKeyExA
RegQueryValueExA

dbghelp

FindExecutableImageEx
SymGetSymPrev64
SymUnloadModule

kernel32

GetDriveTypeA
HeapAlloc
GetEnvironmentStringsW
GetSystemDirectoryA
lstrcpynA
RemoveDirectoryA
lstrcmpA
GetStringTypeA
GetPrivateProfileStringA
GetStartupInfoA
GetFullPathNameA
GetCommandLineA
DeleteFileA
GlobalAlloc
CreateFileA
GetVersionExA
HeapDestroy
GetLastError
lstrlenA
GetStringTypeW
GetCurrentDirectoryA
Sleep
GetModuleHandleA
WriteFile
FindClose
FreeEnvironmentStringsW
SetFilePointer
lstrcatA
LoadLibraryA
GetShortPathNameA
VirtualFree
UnmapViewOfFile
ExitProcess
FindFirstFileA
CloseHandle
MoveFileExA
LCMapStringW
GetWindowsDirectoryA
GetProcAddress
GlobalFree
GetCPInfo
MapViewOfFile
GetOEMCP
CreateDirectoryA
GetFileSize
lstrcpyA
CreateFileMappingA
SetHandleCount
GetFileAttributesA
GetVersion
GetFileType
HeapCreate
GetModuleFileNameA
SetFileAttributesA
FindNextFileA
SetEndOfFile
GetACP
GetStdHandle

crypt32

CertVerifyValidityNesting
CryptMemAlloc
CryptVerifyDetachedMessageHash

Sections

.text
Size: 75KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 240KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 157KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 120KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dd8f14c926eb367014685721702b9e4b

Headers

File Characteristics

Imports

authz

advapi32

dbghelp

kernel32

crypt32

Sections

.text Size: 75KB - Virtual size: 76KB

.data Size: 240KB - Virtual size: 240KB

.data1 Size: 157KB - Virtual size: 157KB

.pdata Size: 120KB - Virtual size: 136KB

.idata Size: 11KB - Virtual size: 11KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 75KB - Virtual size: 76KB

.data
Size: 240KB - Virtual size: 240KB

.data1
Size: 157KB - Virtual size: 157KB

.pdata
Size: 120KB - Virtual size: 136KB

.idata
Size: 11KB - Virtual size: 11KB

.rsrc
Size: 2KB - Virtual size: 1KB