Static task
static1
Behavioral task
behavioral1
Sample
1d58a3d78a3bdfc0a873ac98ffbee4114d0cce3fbb1db7a7866b29bdf0991f7a.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
1d58a3d78a3bdfc0a873ac98ffbee4114d0cce3fbb1db7a7866b29bdf0991f7a.exe
Resource
win10v2004-20220812-en
General
-
Target
1d58a3d78a3bdfc0a873ac98ffbee4114d0cce3fbb1db7a7866b29bdf0991f7a
-
Size
19KB
-
MD5
824fc4ff816df048192de00b8e27644b
-
SHA1
6550ac30f61a55838a75643d4cb11a9f1a77a6e7
-
SHA256
1d58a3d78a3bdfc0a873ac98ffbee4114d0cce3fbb1db7a7866b29bdf0991f7a
-
SHA512
9184be942d8a699c055b0fc1c3a8cf4015c8d3e489f07c9def6f1c19de06f89b33ad3fd64c428d0e020fc16978afda6e87ba383440769b6cf023565a59ba5013
-
SSDEEP
384:zSW6RCnvv9XtUiDogiyWUnOljz+448zlgHUvnAg+4V/GOB3LW8H6sbTZ:/XlXtUiMg6UO5N1+I9B3LZxbTZ
Malware Config
Signatures
Files
-
1d58a3d78a3bdfc0a873ac98ffbee4114d0cce3fbb1db7a7866b29bdf0991f7a.exe windows x86
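eff8beedaa659d68b7a6eeef14aee522 (unlabelled in this listing; likely the PE import hash, since it differs from the file MD5 above — confirm against the original report)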
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetShortPathNameW
OpenProcess
SetLastError
Sleep
SetEvent
CreateEventW
CreateFileMappingW
GetPrivateProfileIntW
CreateFileW
CloseHandle
FreeLibrary
WaitForSingleObject
GetSystemDirectoryW
LoadLibraryW
GetProcAddress
GetLastError
lstrcmpiW
GetModuleHandleW
GetModuleFileNameW
GetCurrentDirectoryW
GetLocalTime
GetCurrentThreadId
GetCurrentProcessId
lstrcatW
OutputDebugStringW
GetEnvironmentVariableW
GetTempPathW
MapViewOfFile
user32
WaitForInputIdle
PostThreadMessageW
wvsprintfW
wsprintfW
advapi32
InitializeSecurityDescriptor
StartServiceCtrlDispatcherW
OpenProcessToken
DuplicateTokenEx
SetTokenInformation
CreateProcessAsUserW
SetSecurityDescriptorDacl
SetServiceStatus
OpenSCManagerW
OpenServiceW
CreateServiceW
CloseServiceHandle
ChangeServiceConfig2W
RegDeleteKeyW
RegOpenKeyExW
RegCreateKeyW
RegSetValueExW
RegCloseKey
shlwapi
PathFileExistsW
imagehlp
ImageEnumerateCertificates
ImageGetCertificateHeader
ImageGetCertificateData
crypt32
CryptVerifyMessageSignature
CertFreeCertificateContext
msvcrt
_wfopen
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
_waccess
free
_wmkdir
wcsrchr
wcscpy
malloc
wcslen
memset
wcscat
fflush
fputws
fclose
_controlfp
??3@YAXPAX@Z
wcscmp
??2@YAPAXI@Z
_exit
_XcptFilter
exit
__p___winitenv
__wgetmainargs
_initterm
__setusermatherr
Sections
.text Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
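.rsrc Size: 3KB - Virtual size: 2KB (the flags below mark this resource section as both code and executable, which is atypical for .rsrc)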
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ