917ee0a0141b5cedf9abccabaf21e8f64cf81c115c66ea30b609813b70d0d6f7

Sharing

Copy URL

Twitter E-mail

General

Target

917ee0a0141b5cedf9abccabaf21e8f64cf81c115c66ea30b609813b70d0d6f7
Size

261KB
MD5

0a87ae0e78763737168f5dc508fc7da0
SHA1

017097e9ad4405cea9e77478cd679eef12b9630f
SHA256

917ee0a0141b5cedf9abccabaf21e8f64cf81c115c66ea30b609813b70d0d6f7
SHA512

e6390c18a2097410dc7fb32adce6e9024a54f08632f3b9a139e7ccd9ceb87f639ebaf160ec6c6bac8fcdcd908fc7ffa17bf1410805c0e06387ed57ebb1d985e5
SSDEEP

6144:0Fc66UZNvw2M6by5/iq/4cw5hGtDiBuQ+e/o:F66UtLW/iq/4cw5yieio

Score

N/A

Malware Config

Signatures

Files

917ee0a0141b5cedf9abccabaf21e8f64cf81c115c66ea30b609813b70d0d6f7
.exe windows x86

327a7b5867cfbd850b874346239a8ea9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsW

kernel32

GetCurrentProcessId
GetCurrentThreadId
SetUnhandledExceptionFilter
Sleep
GetVersionExW
GlobalFree
MultiByteToWideChar
GlobalAlloc
GetVolumeInformationW
GetSystemDirectoryW
DeviceIoControl
WideCharToMultiByte
GetTickCount
CreateProcessW
GetLastError
CopyFileW
LoadLibraryW
SetEndOfFile
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
LoadLibraryA
SetFilePointer
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcAddress
CreateFileW
GetFileSize
ReadFile
GetModuleFileNameW
GetTempPathW
DeleteFileW
MoveFileExW
GetCurrentProcess
WTSGetActiveConsoleSessionId
CreateToolhelp32Snapshot
Process32FirstW
lstrcmpiW
Process32NextW
CloseHandle
OpenProcess
TerminateThread
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetStringTypeW
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
RaiseException
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
GetSystemTimeAsFileTime
MoveFileW
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
LCMapStringA
LCMapStringW
GetCPInfo
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetACP
GetOEMCP
WriteFile
GetStdHandle
GetModuleFileNameA
HeapSize
ExitProcess
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
GetStringTypeA

advapi32

CreateServiceW
ChangeServiceConfig2W
StartServiceW
StartServiceCtrlDispatcherW
OpenSCManagerW
OpenServiceW
CloseServiceHandle
ControlService
DeleteService
OpenProcessToken
DuplicateTokenEx
SetTokenInformation
CreateProcessAsUserW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
SetServiceStatus

shell32

ShellExecuteW

iphlpapi

GetAdaptersInfo

userenv

CreateEnvironmentBlock

Sections

.text
Size: 128KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

327a7b5867cfbd850b874346239a8ea9

Headers

File Characteristics

Imports

shlwapi

kernel32

advapi32

shell32

iphlpapi

userenv

Sections

.text Size: 128KB - Virtual size: 125KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 8KB - Virtual size: 13KB

.rsrc Size: 92KB - Virtual size: 92KB

.text
Size: 128KB - Virtual size: 125KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 92KB - Virtual size: 92KB