7778877ff29ce37f72c01a85db78caf9e026d87436cf3d3ef83b07641ebb28c0

Sharing

Copy URL

Twitter E-mail

General

Target

7778877ff29ce37f72c01a85db78caf9e026d87436cf3d3ef83b07641ebb28c0
Size

76KB
MD5

34f1aa5e2f642592c0c1db3aa48bf390
SHA1

cfa211d4f19b9f9084cedf4e6215ac7e3f5298f4
SHA256

7778877ff29ce37f72c01a85db78caf9e026d87436cf3d3ef83b07641ebb28c0
SHA512

fdeb97456ed342c05288ee702f7ec511108a315d5510466b43f4f06214044ced3c3cb0a1f412ab5fa1e64cc2ac7a76ef69ed22c24e326c6bce5702d4dc4d5de9
SSDEEP

768:rgdzYkKAUWyUPikbPMhxODrZU9qZU9gRB:8dYZAeUPvixODrpTr

Score

N/A

Malware Config

Signatures

Files

7778877ff29ce37f72c01a85db78caf9e026d87436cf3d3ef83b07641ebb28c0
.exe windows x86

53c986c7a86e0e9b5ee7ef7c45039d79

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcr80

_controlfp_s
_invoke_watson
_except_handler4_common
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
_crt_debugger_hook
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
memcpy
__CxxFrameHandler3
??_V@YAXPAX@Z
??2@YAPAXI@Z
??3@YAXPAX@Z
_stricmp
vsprintf
fopen
strncmp
_strnicmp
memset
fclose
fputs
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_CxxThrowException
malloc
free
sprintf_s

mfc80u

ord2461
ord2895
ord2311
ord293
ord5414
ord1906
ord774
ord870
ord577

kernel32

lstrlenA
HeapFree
GetProcessHeap
CreateThread
MultiByteToWideChar
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
Sleep
InterlockedExchange
OutputDebugStringW
InterlockedDecrement
CreateEventA
WaitForSingleObject
ResetEvent
TerminateThread
GetModuleFileNameA
DisconnectNamedPipe
WriteFile
GetDriveTypeA
ReadFile
ConnectNamedPipe
CloseHandle
CreateNamedPipeA
LocalFree
LocalAlloc
GetLastError
OutputDebugStringA
SetEvent

advapi32

CreateServiceA
InitializeSecurityDescriptor
SetFileSecurityA
AddAccessAllowedAce
AddAce
GetAce
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
OpenServiceA
ControlService
DeleteService
OpenSCManagerA
CloseServiceHandle
SetSecurityDescriptorDacl
StartServiceA
SetServiceStatus
LookupAccountNameA
GetFileSecurityA
GetSecurityDescriptorDacl
GetAclInformation
GetLengthSid
InitializeAcl

shell32

SHGetSpecialFolderPathA

ole32

CoInitializeSecurity
CoUninitialize
CoInitializeEx
CoSetProxyBlanket
CoCreateInstance

oleaut32

VariantClear
VariantInit
SysAllocString
SysFreeString

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

53c986c7a86e0e9b5ee7ef7c45039d79

Headers

File Characteristics

Imports

msvcr80

mfc80u

kernel32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 52KB - Virtual size: 50KB

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 52KB - Virtual size: 50KB