11ac792737095b48ac4f0a70587a16cfb30e0b3bcb90e67592d3ad22d9be922f

Sharing

Copy URL Twitter E-mail

General

Target

11ac792737095b48ac4f0a70587a16cfb30e0b3bcb90e67592d3ad22d9be922f
Size

62KB
MD5

21834732b67c67b279c97d570174740b
SHA1

02c661d61c96fb6052093811afe06020f3f25334
SHA256

11ac792737095b48ac4f0a70587a16cfb30e0b3bcb90e67592d3ad22d9be922f
SHA512

5bae2f3dd66f1dc6308d92398d5caf143cc879be6c55d3ec2c0efe378aca225f7a29db2acda7b767d48a6d8445956671b4430c98b7122572299bad3cb51d8e9f
SSDEEP

768:zI4YSbqG4TY4LkR2Jcwuoc7NokgteLVyNlKludccVor3whUOyZWCTRpmaVVVG:p4TY4LCj+c7NIGVybKluS3YnyQCyaV+

Score

N/A

Malware Config

Signatures

Files

11ac792737095b48ac4f0a70587a16cfb30e0b3bcb90e67592d3ad22d9be922f
.exe windows x86

f2776adf2034fff0e0bdc5672a5f2d7e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_c_exit
_exit
_XcptFilter
_cexit
exit
_acmdln
__getmainargs
_initterm
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
wcsrchr

advapi32

RegCloseKey
StartServiceCtrlDispatcherW
RegisterServiceCtrlHandlerW
RegGetKeySecurity
GetSecurityDescriptorOwner
SetServiceStatus
RegEnumKeyExW
OpenServiceW
ControlService
QueryServiceStatus
DeleteService
RevertToSelf
MakeAbsoluteSD
RegDeleteValueW
RegQueryValueExW
InitializeAcl
AddAccessAllowedAce
GetAce
InitializeSecurityDescriptor
RegOpenKeyExW
RegCreateKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
GetLengthSid
AllocateAndInitializeSid
EqualSid
GetTokenInformation
SetThreadToken
OpenThreadToken
FreeSid
RegSetValueExW
RegDeleteKeyW
RegEnumKeyW
CloseServiceHandle
CreateServiceW
OpenSCManagerW
MakeSelfRelativeSD
GetSecurityDescriptorLength
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
SetSecurityDescriptorDacl

kernel32

SetCurrentDirectoryW
OutputDebugStringW
OpenProcess
CreateEventW
OpenEventW
GetFileType
GetStdHandle
GetCommandLineW
SetConsoleCtrlHandler
CreateThread
GetUserDefaultLangID
GetSystemDirectoryW
GetModuleHandleW
lstrlenA
GetModuleHandleA
GetStartupInfoA
lstrcmpW
lstrcatW
lstrlenW
lstrcpyW
lstrcmpiW
GetLastError
CloseHandle
GetCurrentProcess
Sleep
GetVersionExW
GetCurrentThread
GetEnvironmentVariableW
GetProcAddress
LoadLibraryW
MultiByteToWideChar
CreateProcessW
lstrcpynW
SetUnhandledExceptionFilter
ExitProcess
lstrcpynA
WideCharToMultiByte
FreeLibrary
FormatMessageA
GetSystemDefaultLangID
LoadLibraryExW
SetLastError
GlobalAlloc
GlobalFree
GetModuleFileNameW
WriteFile
FormatMessageW
GetLocaleInfoW
GetACP
UnhandledExceptionFilter
WaitForSingleObject

user32

PostQuitMessage
TranslateMessage
DispatchMessageW
PeekMessageW
GetMessageW
IsCharAlphaNumericW
PostThreadMessageW
wsprintfA
wsprintfW
MsgWaitForMultipleObjects

ntdll

NtQueryInformationProcess

ole32

CoUninitialize
StgOpenStorage
CoInitialize
CoRevokeClassObject
CoRegisterClassObject

msi

ord141
ord6
ord70
ord131
ord184
ord175
ord222
ord190
ord196
ord78
ord148
ord136
ord169
ord197
ord199
ord8
ord88

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f2776adf2034fff0e0bdc5672a5f2d7e

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

user32

ntdll

ole32

msi

Sections

.text Size: 47KB - Virtual size: 46KB

.data Size: 7KB - Virtual size: 10KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 47KB - Virtual size: 46KB

.data
Size: 7KB - Virtual size: 10KB

.rsrc
Size: 7KB - Virtual size: 6KB