cb4403f08159e6626b6ee7600a5b7e3b58807be482202d00256f8db4b9aeff07

Sharing

Copy URL

Twitter E-mail

General

Target

cb4403f08159e6626b6ee7600a5b7e3b58807be482202d00256f8db4b9aeff07
Size

596KB
MD5

7a62086612f90d74fa1b4c014a02ed77
SHA1

011aa82057d30c6c75cea5a0d06d29acae0bd942
SHA256

cb4403f08159e6626b6ee7600a5b7e3b58807be482202d00256f8db4b9aeff07
SHA512

63a420da119d2d526811ca6e4317d0691b012bde24546a43880412cd19c109913056a895db7f64adfe461b7589b78153345610e6e179d1827869367a468c641b
SSDEEP

12288:cMFjPCrupcFSzJ+TN7IKT/t3smu3ofqK3B8FxbM:cMpaupwSzJ+jhsmuYfqm

Score

N/A

Malware Config

Signatures

Files

cb4403f08159e6626b6ee7600a5b7e3b58807be482202d00256f8db4b9aeff07
.exe windows x86

4903ae2ba0de2917f62a96b861da7cdf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dbghelp

SymGetSymPrev64
FindExecutableImageEx
SymUnloadModule

advapi32

OpenServiceA
RegCloseKey
ControlService
RegEnumKeyExA
RegDeleteValueA
RegQueryValueExA
RegOpenKeyA
RegSetValueExA
OpenSCManagerA
RegOpenKeyExA
DeleteService
EqualSid
RegDeleteKeyA
CloseServiceHandle

authz

AuthzCachedAccessCheck

kernel32

GetShortPathNameA
HeapCreate
lstrlenA
CreateFileA
WriteFile
GetPrivateProfileStringA
GetSystemDirectoryA
GetOEMCP
lstrcpyA
HeapDestroy
GetEnvironmentStringsW
MoveFileExA
LCMapStringW
SetFilePointer
lstrcmpA
MapViewOfFile
GetStringTypeW
GetCurrentDirectoryA
GetWindowsDirectoryA
VirtualFree
GetDriveTypeA
GetStdHandle
FindFirstFileA
GetLastError
GetFullPathNameA
GetModuleFileNameA
LoadLibraryA
Sleep
GlobalFree
lstrcatA
CreateDirectoryA
GetProcAddress
GetStringTypeA
UnmapViewOfFile
SetEndOfFile
lstrcpynA
GetCommandLineA
ExitProcess
FindNextFileA
CloseHandle
RemoveDirectoryA
GetFileAttributesA
GetVersionExA
DeleteFileA
GetVersion
SetFileAttributesA
GetFileSize
GlobalAlloc
FindClose
HeapAlloc
GetFileType
GetACP
FreeEnvironmentStringsW
SetHandleCount
GetStartupInfoA
GetCPInfo
CreateFileMappingA
GetModuleHandleA

crypt32

CertVerifyValidityNesting
CryptMemAlloc
CryptVerifyDetachedMessageHash

Sections

.text
Size: 77KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 240KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 148KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4903ae2ba0de2917f62a96b861da7cdf

Headers

File Characteristics

Imports

dbghelp

advapi32

authz

kernel32

crypt32

Sections

.text Size: 77KB - Virtual size: 80KB

.data Size: 240KB - Virtual size: 240KB

.data1 Size: 115KB - Virtual size: 115KB

.pdata Size: 148KB - Virtual size: 164KB

.idata Size: 11KB - Virtual size: 11KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 77KB - Virtual size: 80KB

.data
Size: 240KB - Virtual size: 240KB

.data1
Size: 115KB - Virtual size: 115KB

.pdata
Size: 148KB - Virtual size: 164KB

.idata
Size: 11KB - Virtual size: 11KB

.rsrc
Size: 2KB - Virtual size: 1KB