b4b443efd22dec9df221a0f2ba64105b54db9735fba337446515e3a6b15edffb

General

Target

b4b443efd22dec9df221a0f2ba64105b54db9735fba337446515e3a6b15edffb
Size

138KB
MD5

4e059bff6c321e15a91d427d88c83b10
SHA1

358d15e7c64b3c652f7177c9ee40dad49720f624
SHA256

b4b443efd22dec9df221a0f2ba64105b54db9735fba337446515e3a6b15edffb
SHA512

4833defd5560239e543d35401e0886b45a286fbd33b88c1cfd49fea10431825053d4264eec785ef60c57abdef507791fe542aee02b9cc65767a01ee480e7c123
SSDEEP

3072:KnhA+5A5Ga6jU2aRiZHLcPdn0Mlk6Iek4TA:uhA+5Gdipc6H1B

Score

N/A

Malware Config

Signatures

Files

b4b443efd22dec9df221a0f2ba64105b54db9735fba337446515e3a6b15edffb
.exe windows x86

b86c97b0694705d796c7e2dfcbc3955c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

DeregisterEventSource
RegCloseKey
RegCreateKeyExA
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegisterEventSourceW
RegisterServiceCtrlHandlerW
ReportEventW
SetServiceStatus
StartServiceCtrlDispatcherW

winmm

timeKillEvent
timeSetEvent

user32

wsprintfA
wsprintfW

kernel32

WriteFile
WideCharToMultiByte
WaitForSingleObject
VirtualFree
VirtualAlloc
UnhandledExceptionFilter
CloseHandle
ConnectNamedPipe
ConvertFiberToThread
CreateEventW
CreateFileA
CreateThread
DebugBreakProcess
DeviceIoControl
EnterCriticalSection
ExitProcess
FreeEnvironmentStringsW
GetCPInfo
GetCommandLineA
GetCurrentProcess
GetCurrentThreadId
GetEnvironmentStringsA
GetEnvironmentStringsW
GetEnvironmentVariableA
GetFileType
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetStartupInfoA
GetStringTypeA
GetStringTypeW
GetSystemDefaultLangID
GetSystemTime
GetVersion
GetVersionExA
HeapCreate
HeapDestroy
HeapReAlloc
InterlockedDecrement
InterlockedIncrement
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
QueueUserWorkItem
ReleaseSemaphore
RtlUnwind
SetCommConfig
SetEvent
SetHandleCount
SetLastError
SetNamedPipeHandleState
SystemTimeToFileTime
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection

Sections

.text
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b86c97b0694705d796c7e2dfcbc3955c

Headers

File Characteristics

Imports

advapi32

winmm

user32

kernel32

Sections

.text Size: 97KB - Virtual size: 97KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 19KB - Virtual size: 19KB

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: 97KB - Virtual size: 97KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 19KB - Virtual size: 19KB

.rsrc
Size: 15KB - Virtual size: 15KB