7157b49da4df67963102781a0aca78309f46e851b0f266d7d49757673d90995b

Sharing

Copy URL

Twitter E-mail

General

Target

7157b49da4df67963102781a0aca78309f46e851b0f266d7d49757673d90995b
Size

205KB
MD5

34a8f576c8ca08501b70b556198a88b5
SHA1

ab72b2d09739f6ba04bb4acdc36f76bbf8f280ea
SHA256

7157b49da4df67963102781a0aca78309f46e851b0f266d7d49757673d90995b
SHA512

e10b785798542b9de6d5ee1a915bfc29da6a62c49686c6f1da62118293e42e03dc4994d6ace530e22ce314cbf6c36964e6d448b6b17c2575ace746d5b14b1cab
SSDEEP

3072:Mb7PKXRKugVBJfKOGDgX6Q4yWLrXMyYmbPQ7MIGxjKSxl8rkItsR2toFF7ZjjBGL:MXKXApVvK/DgqQCCAQ7MIqFlUkTR2YU

Score

N/A

Malware Config

Signatures

Files

7157b49da4df67963102781a0aca78309f46e851b0f266d7d49757673d90995b
.exe windows x86

8cc2b203d1933731957b6fc48368ac9e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumValueW
RegQueryInfoKeyW
RegFlushKey
RegOpenKeyExW
RegQueryInfoKeyA
LookupPrivilegeValueA
LockServiceDatabase
RegSetValueExW
StartServiceCtrlDispatcherA
QueryServiceStatus
UnlockServiceDatabase
InitializeSecurityDescriptor
RegOpenKeyExA
SetServiceStatus
RegCreateKeyW
RegEnumKeyExA
AllocateAndInitializeSid
FreeSid

kernel32

GlobalUnlock
GetEnvironmentVariableA
SearchPathA
GetUserDefaultLCID
GetLocaleInfoA
GetStringTypeW
WriteConsoleA
SetErrorMode
SetCurrentDirectoryW
GetSystemDirectoryA
VirtualAlloc
MoveFileExW
FindNextFileA
ResetEvent
CreateMutexA
OpenEventW
CreateProcessW
GetTempPathW
CopyFileW
ExitProcess
RemoveDirectoryA
GetFileAttributesW
GetFileSize
GetProcessHeap
GlobalLock

gdi32

SetBrushOrgEx
GetTextColor
CreatePenIndirect
SetEnhMetaFileBits
CreateRoundRectRgn
Arc
IntersectClipRect
ScaleWindowExtEx
SetBkMode
GetWindowExtEx
CreateICW
EndPage
CreateBrushIndirect
CreateBitmapIndirect
BitBlt
CreateEllipticRgn
CreateMetaFileA
GetStockObject
SetROP2
EnumFontFamiliesExW
StretchDIBits
SelectPalette
GetBrushOrgEx
SetRectRgn
DeleteDC
SetPolyFillMode
RestoreDC
SaveDC

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
GetFileVersionInfoW
VerQueryValueA
GetFileVersionInfoA

msvcrt

fwrite
_lseeki64
__p__fmode
_splitpath
memset
fclose
__getmainargs
sprintf
swprintf
wcsrchr
_ltoa
isxdigit
sscanf
_except_handler3
ftell
free
exit
wcstoul
_wfullpath
_wcsnicmp
_wsplitpath
fputc
_controlfp
strcspn
printf
_purecall
_errno

Sections

.text
Size: 162KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 13KB - Virtual size: 300KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 11KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8cc2b203d1933731957b6fc48368ac9e

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

gdi32

version

msvcrt

Sections

.text Size: 162KB - Virtual size: 165KB

.idata Size: 2KB - Virtual size: 8KB

.bss Size: 13KB - Virtual size: 300KB

.edata Size: 11KB - Virtual size: 138KB

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: 162KB - Virtual size: 165KB

.idata
Size: 2KB - Virtual size: 8KB

.bss
Size: 13KB - Virtual size: 300KB

.edata
Size: 11KB - Virtual size: 138KB

.rsrc
Size: 15KB - Virtual size: 15KB