fe69065e1a8dfab798391d004c84e5f2eb2ad4d7b614d036d896a56cd272011f

Sharing

Copy URL Twitter E-mail

General

Target

fe69065e1a8dfab798391d004c84e5f2eb2ad4d7b614d036d896a56cd272011f
Size

188KB
MD5

0decaf853557ff3151b2f72caced02b0
SHA1

6bcda3be521357e559605066546091024d4cc48e
SHA256

fe69065e1a8dfab798391d004c84e5f2eb2ad4d7b614d036d896a56cd272011f
SHA512

ad26c75306740a6a82ba86a0741bb6b6f4b6e37f3d99d5bdc748ccd924c8161abbfa5e6c8d7877c2a171bd9ef0b03c37825c88d319b21f77161b4e5a7ad61b92
SSDEEP

3072:/4KFqGX8p12L/hrar+5G19rduzwPP4LSHUR6mwT11H1FwEMn:fqGW2L/hrai5sQjSHUsZ10EK

Score

N/A

Malware Config

Signatures

Files

fe69065e1a8dfab798391d004c84e5f2eb2ad4d7b614d036d896a56cd272011f
.exe windows x86

39fc9d8ae90de0ee4a53ac0b4551ca3c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedDecrement
GlobalMemoryStatus
GetComputerNameW
WideCharToMultiByte
MultiByteToWideChar
EnterCriticalSection
LeaveCriticalSection
lstrlenW
GetCurrentThread
GetCurrentProcess
CloseHandle
GetLastError
SystemTimeToFileTime
InitializeCriticalSection
lstrlenA
GetCommandLineW
GetCurrentThreadId
GetPrivateProfileStringA
lstrcpyA
GetModuleFileNameA
OpenFile
LoadLibraryA
GetProfileStringA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetProcAddress
FileTimeToSystemTime
LocalFree
GetStartupInfoW
GetModuleHandleW
OutputDebugStringA
DebugBreak
lstrcatA
InterlockedIncrement
GetModuleFileNameW
DeleteCriticalSection

user32

CreateWindowExA
MessageBoxW
GetMessageA
DispatchMessageA
PostThreadMessageA
LoadStringW
PostMessageA
SetWindowLongA
OpenDesktopA
RegisterClassA
GetWindowLongA
RegisterWindowMessageA
IsWindow
DefWindowProcA
GetFocus
CloseDesktop
MessageBoxA
SetThreadDesktop
CloseWindowStation
SetProcessWindowStation
OpenWindowStationA
GetThreadDesktop
GetProcessWindowStation
GetDesktopWindow

advapi32

CreateServiceW
DeleteService
RegSetValueExA
StartServiceCtrlDispatcherW
RegCreateKeyExW
RegSetValueExW
GetTokenInformation
OpenThreadToken
OpenProcessToken
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
GetLengthSid
CopySid
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyExA
CloseServiceHandle
ControlService
RegDeleteValueA
RegQueryValueExA
RegisterServiceCtrlHandlerW
SetServiceStatus
RegisterEventSourceW
ReportEventA
DeregisterEventSource
OpenSCManagerA
OpenServiceW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW

ole32

CoInitializeSecurity
CoUninitialize
CoInitialize
CoCreateInstance
CLSIDFromProgID
CoTaskMemAlloc

oleaut32

VariantClear
SysAllocStringLen
SysStringLen
LoadRegTypeLi
VariantChangeType
SysAllocString
SysFreeString
VariantInit
CreateErrorInfo
SetErrorInfo
GetErrorInfo

atl

ord57
ord18
ord17
ord20
ord23
ord16
ord32
ord58
ord30
ord25

msvcrt

swprintf
_wtol
__CxxFrameHandler
_putws
??2@YAPAXI@Z
vswprintf
??3@YAXPAX@Z
memcpy
_purecall
free
malloc
memcmp
wcsncpy
wcslen
wcscat
strncpy
strcpy
strlen
_ftol
wcscpy
wcschr
strchr
atof
sprintf
strtok
wcsncmp
memset
_wtoi
wcscmp
strrchr
strcat
_pctype
_isctype
__mb_cur_max
vsprintf
_exit
_XcptFilter
exit
_wcmdln
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
?terminate@@YAXXZ
_controlfp
__dllonexit
_onexit
wcstok
_wcsicmp
_CxxThrowException
??1type_info@@UAE@XZ

msvcp60

?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIPBDI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

Sections

.text
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

39fc9d8ae90de0ee4a53ac0b4551ca3c

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

atl

msvcrt

msvcp60

Sections

.text Size: 56KB - Virtual size: 53KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 8KB - Virtual size: 8KB

.rsrc Size: 24KB - Virtual size: 21KB

.reloc Size: 80KB - Virtual size: 80KB

.text
Size: 56KB - Virtual size: 53KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 24KB - Virtual size: 21KB

.reloc
Size: 80KB - Virtual size: 80KB