5bc741a3cbb2595056ec722c843d4f790ac8896f1a75fb0512f345d4887478fd

Sharing

Copy URL Twitter E-mail

General

Target

5bc741a3cbb2595056ec722c843d4f790ac8896f1a75fb0512f345d4887478fd
Size

65KB
MD5

0893ebf5c067bdde0533c2d1e64979a9
SHA1

05330f57e2a5757491ae22c579543d02ebaf7b5f
SHA256

5bc741a3cbb2595056ec722c843d4f790ac8896f1a75fb0512f345d4887478fd
SHA512

339f03916e018b3b9809dedfb09e5bb3293a340ac07a12695b1f84f9043e08a1ac82c597cd51d5c104d8c13c5ed4b5ac2961adecc0122f7ae4d3cdf05c3e4873
SSDEEP

1536:LKyl9MCJMGupPWO1P+Pz6sUPokPXIFD5AgBxc:LKyDMCJJnB0QD5AgB+

Score

N/A

Malware Config

Signatures

Files

5bc741a3cbb2595056ec722c843d4f790ac8896f1a75fb0512f345d4887478fd
.exe windows x86

96f08e079c51d2f45e9f37c98322ebe1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

RtlUnwind

kernel32

HeapFree
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualFree
VirtualAlloc
HeapCreate
GetStdHandle
GetModuleFileNameA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
HeapReAlloc
LoadLibraryA
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetConsoleCP
GetConsoleMode
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
HeapAlloc
WaitForMultipleObjects
CreateEventA
CreateMailslotA
LocalAlloc
SetEvent
GetSystemWindowsDirectoryA
GetWindowsDirectoryA
CreateFileA
CloseHandle
DeviceIoControl
GetFileSize
SetFilePointer
WriteFile
FlushFileBuffers
ReadFile
GetLastError

advapi32

StartServiceCtrlDispatcherA
RegisterEventSourceA
AllocateAndInitializeSid
SetEntriesInAclA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetServiceStatus
ReportEventA
RegDeleteValueA
RegCreateKeyExA
RegEnumValueA
RegCreateKeyA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegOpenKeyA
RegDeleteKeyA
RegisterServiceCtrlHandlerA

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

96f08e079c51d2f45e9f37c98322ebe1

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

kernel32

advapi32

Sections

.text Size: 47KB - Virtual size: 46KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 14KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 47KB - Virtual size: 46KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 14KB

.rsrc
Size: 3KB - Virtual size: 3KB