e4255cc9459ff1778fda2c8cf8204eaff51a6bcd27e9d49fc2a32f6a0a916af3

Sharing

Copy URL Twitter E-mail

General

Target

e4255cc9459ff1778fda2c8cf8204eaff51a6bcd27e9d49fc2a32f6a0a916af3
Size

114KB
MD5

094605d1f678598f2df31ad0444885f0
SHA1

b7779f8018ebc6189a13367b2dcced6601520cda
SHA256

e4255cc9459ff1778fda2c8cf8204eaff51a6bcd27e9d49fc2a32f6a0a916af3
SHA512

362ca949d0c14f01f0572f8c43f404f0624510f6badf48bfb3f5632ca1c730e0e885857f8af10926c6972354273bf47abdec3e445077ca111b0fce308a62d5d0
SSDEEP

3072:lhdP3gL+o68/aT708f/NVvLCumNZM8T6:l/PgCo68/z8XXv

Score

N/A

Malware Config

Signatures

Files

e4255cc9459ff1778fda2c8cf8204eaff51a6bcd27e9d49fc2a32f6a0a916af3
.exe windows x86

eed8c40f1f09d4d2f3b7286336f03881

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

SetPrivateObjectSecurity
GetUserNameW
BackupEventLogA
RegFlushKey
RegSetValueExA
IsValidSid
AdjustTokenPrivileges
ControlService
OpenEventLogW
RegDeleteKeyW
GetUserNameA
OpenSCManagerW
RegEnumKeyExA
ImpersonateSelf
OpenProcessToken
RegDeleteKeyA
RegCreateKeyA
RegCreateKeyExW
RegCreateKeyExA
RegConnectRegistryA
OpenThreadToken
OpenSCManagerA
LookupPrivilegeValueA
RegQueryInfoKeyA
EnumServicesStatusA
RegEnumKeyExW
CloseEventLog
RegEnumValueA
CloseServiceHandle
OpenServiceW
CreateProcessAsUserA
ReadEventLogW
DuplicateToken
RegCloseKey

kernel32

GetCurrentProcessId
GetModuleHandleW
lstrcmpA
VirtualAlloc
LCMapStringW
HeapSize
TlsFree
lstrlenA
GlobalFree
FreeEnvironmentStringsW
WaitForSingleObject
LocalFree
SetEndOfFile
CreateFileA
WideCharToMultiByte
FormatMessageW
LCMapStringA
LocalAlloc
DeleteCriticalSection
HeapDestroy
GetEnvironmentStringsW
GetModuleHandleA
FindFirstFileW
GetModuleFileNameA
FindFirstFileA
LeaveCriticalSection
LockResource
GetOEMCP
GetStringTypeA
DeleteFileW
HeapFree
ExitProcess
GetCommandLineW
CreateEventW
LoadResource
ReadFile
GlobalAlloc
FindClose
HeapCreate
GetFileAttributesA
lstrlenW
GetFileAttributesW
GetStdHandle
GetVersionExA
GetCommandLineA
CreateSemaphoreA
GetProcessVersion
CreateMutexA
GetPriorityClass
GetEnvironmentStrings
GetCurrentThread
CreateEventA
GetStartupInfoA
GetVersion
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
SetHandleCount
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
GetEnvironmentVariableA
VirtualFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
FatalAppExitA
GetCPInfo
GetACP
HeapAlloc
HeapReAlloc
IsBadWritePtr
GetProcAddress
LoadLibraryA
MultiByteToWideChar
GetStringTypeW
InterlockedDecrement
InterlockedIncrement
Sleep
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetTimeZoneInformation
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eed8c40f1f09d4d2f3b7286336f03881

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

Sections

.text Size: 43KB - Virtual size: 42KB

.data Size: 67KB - Virtual size: 66KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 43KB - Virtual size: 42KB

.data
Size: 67KB - Virtual size: 66KB

.rsrc
Size: 3KB - Virtual size: 2KB