96750f928e4db3ef103bb8765308980372839856c5e3ef292a3f7dbc7aabed57

General

Target

96750f928e4db3ef103bb8765308980372839856c5e3ef292a3f7dbc7aabed57
Size

140KB
MD5

0e8c2a5969582a2fa9ce1b02feb24100
SHA1

e37ffa72ad77c2d8488e15ed4ca16646e69e1c70
SHA256

96750f928e4db3ef103bb8765308980372839856c5e3ef292a3f7dbc7aabed57
SHA512

39b7fe4ed661a58f6443a20860d8a7f8ba8621034033e447a5acd5583a821c4e87c5f9ed34481c0862fedc19d21c0aeb8a7a3b18448cdb5252b6aeb0f76db81a
SSDEEP

1536:X74ySRNvnnWamvoPadCyhp7Ae53+BRgp5X4RqJdJyeJ3RdprnYUlfJqb0ItIxPMB:EySv4PdH+s5ldJNfAQrPf3QMm

Score

N/A

Malware Config

Signatures

Files

96750f928e4db3ef103bb8765308980372839856c5e3ef292a3f7dbc7aabed57
.exe windows x86

1790600ee532d5cce3df67c26dabbbee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
OpenEventW
CreateThread
HeapFree
WaitForMultipleObjects
lstrlenW
GetProcessHeap
HeapAlloc
GetModuleHandleA
VirtualAlloc
VirtualFree
LoadLibraryA
GetProcAddress
WriteFile
GetFileType
GetStdHandle
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
WideCharToMultiByte
GetEnvironmentStringsW
RtlUnwind
lstrcpyW
GetStartupInfoA
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate
GetEnvironmentStrings
UnhandledExceptionFilter
ExitProcess
TerminateProcess
GetCurrentProcess
GetModuleFileNameA
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW

user32

SendMessageW

advapi32

RegQueryValueExW
RegCloseKey
RegOpenKeyExW

rpcrt4

RpcNetworkIsProtseqValidW
RpcServerUseProtseqEpW
RpcServerRegisterIf
RpcServerListen
RpcMgmtStopServerListening
NdrServerInitializeNew
NdrConvert
NdrConformantStringUnmarshall
I_RpcGetBuffer
RpcRaiseException

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 81KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1790600ee532d5cce3df67c26dabbbee

Headers

File Characteristics

Imports

kernel32

user32

advapi32

rpcrt4

Sections

.text Size: 11KB - Virtual size: 10KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 10KB - Virtual size: 10KB

.idata Size: 2KB - Virtual size: 1KB

.rsrc Size: 81KB - Virtual size: 84KB

.text
Size: 11KB - Virtual size: 10KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 10KB - Virtual size: 10KB

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 81KB - Virtual size: 84KB