87de2b195c5f656f0518767af3b8c307d8d27c51cf04cc727432cb10977a19c0

Sharing

Copy URL Twitter E-mail

General

Target

87de2b195c5f656f0518767af3b8c307d8d27c51cf04cc727432cb10977a19c0
Size

68KB
MD5

08a4373fab5757303862531b709df350
SHA1

f98df8e76bb376332727c0a17fed3fe1e57a067b
SHA256

87de2b195c5f656f0518767af3b8c307d8d27c51cf04cc727432cb10977a19c0
SHA512

968b8b2f43e24a1c1fa32f2152e5952e61b832c5a06e31956eb43e99635080e346bffdc844e56473ed35af784e3850f37cfcfb3045740e2e7433dd02aec3e89e
SSDEEP

768:e7/VNe2N4KzNRuxRafEf653XDwAJqFNqDivnL+RZOlNMbeP1VcoTWojUKRMXuE:e7to2NPuV6VD7qRCRAlNMbeP1VFTw

Score

N/A

Malware Config

Signatures

Files

87de2b195c5f656f0518767af3b8c307d8d27c51cf04cc727432cb10977a19c0
.exe windows x86

a9e8ebeea249666fa037ae3f14b64881

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeA
SetFilePointer
IsBadCodePtr
GetStringTypeW
SetUnhandledExceptionFilter
WriteFile
GetEnvironmentStringsW
AllocConsole
GetStdHandle
GlobalAlloc
SetConsoleCtrlHandler
GetVersionExA
FormatMessageA
GetModuleHandleA
GetModuleFileNameA
OutputDebugStringA
LocalAlloc
LocalFree
GetCommandLineW
WideCharToMultiByte
GlobalFree
CreateMutexA
CreateEventA
SetLastError
OpenMutexA
SetErrorMode
ResetEvent
Sleep
LoadLibraryA
GetProcAddress
FreeLibrary
CreateProcessA
OpenProcess
WaitForMultipleObjects
SetEvent
WaitForSingleObject
OpenEventA
lstrcpyA
lstrcmpiA
CreateFileA
CloseHandle
lstrlenA
lstrcatA
GetLastError
IsBadReadPtr
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
IsBadWritePtr
RtlUnwind
SetStdHandle
GetFileType
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
TerminateProcess
GetCurrentProcess
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
FlushFileBuffers

user32

FindWindowA
GetWindowThreadProcessId
SetWindowTextA
RegisterClassA
CreateWindowExA
DefWindowProcA
DestroyWindow

advapi32

InitializeSecurityDescriptor
QueryServiceConfigA
ChangeServiceConfigA
RegDeleteKeyA
RegisterEventSourceA
ReportEventA
DeregisterEventSource
SetServiceStatus
RegisterServiceCtrlHandlerExA
ControlService
QueryServiceStatus
DeleteService
RegCreateKeyA
StartServiceCtrlDispatcherA
GetUserNameA
LookupAccountNameA
IsValidSid
GetLengthSid
CopySid
GetSecurityDescriptorDacl
SetSecurityDescriptorDacl
AllocateAndInitializeSid
FreeSid
SetEntriesInAclA
OpenProcessToken
RegEnumValueA
CreateProcessAsUserA
RegDeleteValueA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
OpenSCManagerA
CreateServiceA
OpenServiceA
CloseServiceHandle
StartServiceA

shell32

CommandLineToArgvW

userenv

CreateEnvironmentBlock
DestroyEnvironmentBlock

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a9e8ebeea249666fa037ae3f14b64881

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

userenv

Sections

.text Size: 36KB - Virtual size: 33KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 16KB - Virtual size: 36KB

.text
Size: 36KB - Virtual size: 33KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 16KB - Virtual size: 36KB