163207f65257cdaa76505494b3edaad47973801b0e313ec2efcb78db581ba0d6

General

Target

163207f65257cdaa76505494b3edaad47973801b0e313ec2efcb78db581ba0d6
Size

87KB
MD5

0d50f0dfa12dd896d441ffaad17de00a
SHA1

9cc3a106e98664065ebf826e3da635017ce49bf9
SHA256

163207f65257cdaa76505494b3edaad47973801b0e313ec2efcb78db581ba0d6
SHA512

26bd1f6e1cfd5a38c9f06fe4c66d9939aab42e220d2509ec6ebcd03e953e441539e0d3aab039a7fc007c2698d4e98894655a68a48bd368a9727c4391126f2a0f
SSDEEP

1536:jiqNBURXMZsDFTn/TDTXsAUnh7O8oGP0:jhURjFLXMh7O8o

Score

N/A

Malware Config

Signatures

Files

163207f65257cdaa76505494b3edaad47973801b0e313ec2efcb78db581ba0d6
.exe windows x86

445fa81ea0928013ec1ca9f815912410

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
SizeofResource
WriteFile
CloseHandle
HeapFree
FindResourceA
LoadResource
FreeResource
SetLastError
lstrcpyA
GetModuleFileNameA
lstrlenA
lstrcatA
Beep
MultiByteToWideChar
WideCharToMultiByte
GetSystemDirectoryA
GetLocalTime
Sleep
GetLastError
GetProcessHeap
HeapAlloc
GetModuleHandleA
GetProcAddress

user32

wsprintfA

advapi32

GetLengthSid
GetUserNameA
QueryServiceStatus
ControlService
DeleteService
OpenSCManagerA
OpenServiceA
CloseServiceHandle
StartServiceA
RegOpenKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
LookupAccountNameA
GetFileSecurityA
InitializeSecurityDescriptor
GetSecurityDescriptorDacl
GetAclInformation
InitializeAcl
GetAce
EqualSid
AddAce
AddAccessAllowedAce
RegQueryValueExA
SetFileSecurityA
GetSecurityDescriptorControl
SetSecurityDescriptorDacl
CreateServiceA

shlwapi

SHDeleteKeyA

netapi32

NetUserGetLocalGroups

msvcrt

strlen
strchr
memcpy
memset
rand
_except_handler3
_stricmp

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

445fa81ea0928013ec1ca9f815912410

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

netapi32

msvcrt

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 936B

.rsrc Size: 80KB - Virtual size: 80KB

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 936B

.rsrc
Size: 80KB - Virtual size: 80KB