8f10fb9bf6dc760092065ed247b9d6acc2076245a87411e0dcc5b31c29af877c

Sharing

Copy URL Twitter E-mail

General

Target

8f10fb9bf6dc760092065ed247b9d6acc2076245a87411e0dcc5b31c29af877c
Size

183KB
MD5

078002dba1c5963a30cc204e2b259236
SHA1

ab4d5aae87ed3e07ea0e1e09fa8af2dccaad07f1
SHA256

8f10fb9bf6dc760092065ed247b9d6acc2076245a87411e0dcc5b31c29af877c
SHA512

86b013bf4da6be11d92e7b5a6e458d5b8cdf2e36bcd6dc48999dcd25620427dc67906120192820f5eb58b7487d408adb7a0522da46f2872728f04aa4f1a34526
SSDEEP

3072:mTY4LaBRLi3YCKAOfDuCuMpQ/3Z5e2g7APE76K0o1PrFxa6Fhoii3PudyIdW:/BxQBKAfCuMQXeFAs76K08zFxP3JLdyb

Score

N/A

Malware Config

Signatures

Files

8f10fb9bf6dc760092065ed247b9d6acc2076245a87411e0dcc5b31c29af877c
.exe windows x86

fef0f772e5a9498640e983ad9f1db761

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_c_exit
_exit
_XcptFilter
_cexit
exit
_acmdln
__getmainargs
_initterm
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
wcsrchr

advapi32

RegCloseKey
StartServiceCtrlDispatcherW
RegisterServiceCtrlHandlerW
RegGetKeySecurity
GetSecurityDescriptorOwner
SetServiceStatus
RegEnumKeyExW
OpenServiceW
ControlService
QueryServiceStatus
DeleteService
RevertToSelf
MakeAbsoluteSD
RegDeleteValueW
RegQueryValueExW
InitializeAcl
AddAccessAllowedAce
GetAce
InitializeSecurityDescriptor
RegOpenKeyExW
RegCreateKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
GetLengthSid
AllocateAndInitializeSid
EqualSid
GetTokenInformation
SetThreadToken
OpenThreadToken
FreeSid
RegSetValueExW
RegDeleteKeyW
RegEnumKeyW
CloseServiceHandle
CreateServiceW
OpenSCManagerW
MakeSelfRelativeSD
GetSecurityDescriptorLength
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
SetSecurityDescriptorDacl

kernel32

SetCurrentDirectoryW
OutputDebugStringW
OpenProcess
CreateEventW
OpenEventW
GetFileType
GetStdHandle
GetCommandLineW
SetConsoleCtrlHandler
CreateThread
GetUserDefaultLangID
GetSystemDirectoryW
GetModuleHandleW
lstrlenA
GetModuleHandleA
GetStartupInfoA
lstrcpynW
lstrcatW
lstrlenW
lstrcpyW
lstrcmpiW
GetLastError
CloseHandle
GetCurrentProcess
Sleep
GetVersionExW
GetCurrentThread
GetEnvironmentVariableW
GetProcAddress
LoadLibraryW
MultiByteToWideChar
CreateProcessW
lstrcmpW
SetUnhandledExceptionFilter
ExitProcess
lstrcpynA
WideCharToMultiByte
FreeLibrary
FormatMessageA
GetSystemDefaultLangID
LoadLibraryExW
SetLastError
GlobalAlloc
GlobalFree
GetModuleFileNameW
WriteFile
FormatMessageW
GetLocaleInfoW
GetACP
UnhandledExceptionFilter
WaitForSingleObject

user32

PostQuitMessage
TranslateMessage
DispatchMessageW
PeekMessageW
GetMessageW
IsCharAlphaNumericW
PostThreadMessageW
wsprintfA
wsprintfW
MsgWaitForMultipleObjects

ntdll

NtQueryInformationProcess

ole32

CoUninitialize
StgOpenStorage
CoInitialize
CoRevokeClassObject
CoRegisterClassObject

msi

ord141
ord228
ord70
ord131
ord184
ord175
ord222
ord190
ord196
ord78
ord148
ord136
ord169
ord197
ord199
ord8
ord88

Sections

.text
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fef0f772e5a9498640e983ad9f1db761

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

user32

ntdll

ole32

msi

Sections

.text Size: 47KB - Virtual size: 47KB

.data Size: 7KB - Virtual size: 10KB

.rsrc Size: 7KB - Virtual size: 6KB

.text Size: 120KB - Virtual size: 120KB

.text
Size: 47KB - Virtual size: 47KB

.data
Size: 7KB - Virtual size: 10KB

.rsrc
Size: 7KB - Virtual size: 6KB

.text
Size: 120KB - Virtual size: 120KB