4d7833756e2fe08b6ccd5cd412f7a05af3c361d48174f1f5ef26c840d996459c

General

Target

4d7833756e2fe08b6ccd5cd412f7a05af3c361d48174f1f5ef26c840d996459c
Size

542KB
MD5

83735498cac6d1dcad7bed4ee2164770
SHA1

153292bb2a83477e511eca41a10bb3ad8d14c5ce
SHA256

4d7833756e2fe08b6ccd5cd412f7a05af3c361d48174f1f5ef26c840d996459c
SHA512

f4b16531ef422573a9d9f2eb6a7cdcd0de0164228075b9aea8743178052b3e119f97caadc840d861cbfe33cb64c098dec3f879cd45f7502639ca45bc4d30b502
SSDEEP

12288:M46qDOwJ13tJ+AkRWdJRrkG4x3Pbp0q0K7xyh72jOvAx8Ap5j1avx:r6Q5r5kREwrx3Pbeq0K1yh7YDvp6vx

Score

N/A

Malware Config

Signatures

Files

4d7833756e2fe08b6ccd5cd412f7a05af3c361d48174f1f5ef26c840d996459c
.exe windows x86

8ec23f1caae70357e4c0a8b2d841a4b3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

tapi32

lineShutdown
lineDeallocateCall
lineSetMediaMode
lineConfigDialog
lineInitialize
lineSetCurrentLocation
lineClose

advapi32

OpenSCManagerW
IsValidAcl
RegCreateKeyExA
GetNamedSecurityInfoW
RegDeleteValueW
OpenTraceW
AreAnyAccessesGranted
SetKernelObjectSecurity
RegSetValueW
GetEventLogInformation
StartServiceA
AddAccessDeniedAce

kernel32

GetConsoleMode
FindFirstFileA
OpenEventA
VirtualAlloc
SuspendThread
LocalSize
SetUnhandledExceptionFilter
AssignProcessToJobObject
ReleaseMutex
SetConsoleCursor
SetThreadExecutionState

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

CRT
Size: 213KB - Virtual size: 338KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 167KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 105KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8ec23f1caae70357e4c0a8b2d841a4b3

Headers

DLL Characteristics

File Characteristics

Imports

tapi32

advapi32

kernel32

Sections

.text Size: 16KB - Virtual size: 15KB

CRT Size: 213KB - Virtual size: 338KB

DATA Size: 167KB - Virtual size: 188KB

.edata Size: 105KB - Virtual size: 213KB

.rsrc Size: 39KB - Virtual size: 38KB

.reloc Size: 1024B - Virtual size: 140B

.text
Size: 16KB - Virtual size: 15KB

CRT
Size: 213KB - Virtual size: 338KB

DATA
Size: 167KB - Virtual size: 188KB

.edata
Size: 105KB - Virtual size: 213KB

.rsrc
Size: 39KB - Virtual size: 38KB

.reloc
Size: 1024B - Virtual size: 140B