e8c425d2e473596dc0f69fe8a3da1c18f4a195090a2dd4cc1e034f00b9690cc6

General

Target

e8c425d2e473596dc0f69fe8a3da1c18f4a195090a2dd4cc1e034f00b9690cc6
Size

128KB
MD5

82325de5caa56ff18d6e863f49fbcd90
SHA1

9062a6efd2c58007825ff20622fffd602ff054ec
SHA256

e8c425d2e473596dc0f69fe8a3da1c18f4a195090a2dd4cc1e034f00b9690cc6
SHA512

8061e95896e9071fc42c411c95d5289a35ba05a0697958d39d6dc57eb89c3025ede21d8b2ac0228c6cc6eac2f740225c2c06c269bdc2a1ee34f3f5f4ef16b2d0
SSDEEP

1536:cxNz+9Xr8uRLLfJx6BTYBGL/wTDWmia9vy1fmj6CHfplloIORLo4ltUOaZ4JRzJX:cxaXpxfJx6BTYRDWmisExCH0o48qJ5Fr

Score

N/A

Malware Config

Signatures

Files

e8c425d2e473596dc0f69fe8a3da1c18f4a195090a2dd4cc1e034f00b9690cc6
.exe windows x86

87a511d13a1925a20e513b12849bed1a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetModuleFileNameA
GetVersionExA
DuplicateHandle
GetCurrentProcess
WriteFile
GetStartupInfoA
GetModuleHandleA
LoadLibraryA
GetProcAddress
CreateFileA
Sleep
CloseHandle
WinExec
GetLastError
GetSystemDirectoryA
GetFileAttributesExA
SetFileTime
OpenProcess

user32

ShowWindow
DefWindowProcA
GetMessageA
RegisterClassExA
PostQuitMessage
TranslateMessage
CreateWindowExA
DispatchMessageA
GetDesktopWindow

advapi32

GetUserNameA
CreateServiceA
OpenServiceA
StartServiceA
CloseServiceHandle
DeleteService
ConvertSidToStringSidA
LookupAccountNameA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
OpenSCManagerA

msvcrt

__getmainargs
_stricmp
_controlfp
__set_app_type
__p__fmode
sprintf
rand
strstr
_access
_except_handler3
srand
time
fclose
fflush
fwrite
fopen
??3@YAXPAX@Z
??2@YAPAXI@Z
_exit
_XcptFilter
exit
_acmdln
_strlwr
_initterm
__setusermatherr
_adjust_fdiv
__p__commode

shlwapi

SHDeleteKeyA
SHSetValueA
StrStrA

dbghelp

ImageNtHeader

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

87a511d13a1925a20e513b12849bed1a

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

shlwapi

dbghelp

version

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 100KB - Virtual size: 97KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 100KB - Virtual size: 97KB

.rsrc
Size: 4KB - Virtual size: 1KB