0ec70fbd409b8e39bc33580d20bac5d26e7b1871b5569d7ad4c5f978289c8449

Sharing

Copy URL Twitter E-mail

General

Target

0ec70fbd409b8e39bc33580d20bac5d26e7b1871b5569d7ad4c5f978289c8449
Size

88KB
MD5

87e5fb6530b7b2e62e20241ee9a7c624
SHA1

b033f8b118937bcfdd42d312561a38b48195af27
SHA256

0ec70fbd409b8e39bc33580d20bac5d26e7b1871b5569d7ad4c5f978289c8449
SHA512

f1a1f62c0ff01ba37c3edf7f44ad25257991776b72b34686881409724f44a92def6d9afdaeec8a19b8e634105b50aecce2b52b7ca7174e33145215ff43a0e3f4
SSDEEP

1536:9zdUwObymSUjlumDbgb6CIT+ZADT+ZLEfKJVXtrX+t6Bw:9+w6ym5luWmJ82wfGXtrX+t6Bw

Score

N/A

Malware Config

Signatures

Files

0ec70fbd409b8e39bc33580d20bac5d26e7b1871b5569d7ad4c5f978289c8449
.exe windows x86

583b3266ba8857c3248d58f1de5c6b51

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OutputDebugStringA
MoveFileExA
GetModuleFileNameA
GetLastError
ResumeThread
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
GetEnvironmentVariableA
WaitForSingleObject
MoveFileA
ExitProcess
CreateMutexA
GetModuleHandleA
GetSystemInfo
GetSystemDefaultUILanguage
GlobalMemoryStatus
CloseHandle
CreateThread
GetVersionExA
LoadLibraryA
GetProcAddress
WinExec
FreeLibrary
lstrlenA
GetCurrentProcessId
CreateProcessA
TerminateProcess
GetSystemDirectoryA
lstrcatA
lstrcpyA
Sleep
GetShortPathNameA
GetTickCount
LocalAlloc
InterlockedExchange
RaiseException
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
HeapReAlloc
HeapAlloc
HeapFree
GetStartupInfoA
GetCommandLineA
GetVersion
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
InitializeCriticalSection
HeapSize
VirtualFree
VirtualAlloc
IsBadWritePtr
HeapDestroy
HeapCreate
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
SetFilePointer
InterlockedDecrement
InterlockedIncrement
FlushFileBuffers
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
SetStdHandle
LCMapStringA
LCMapStringW

user32

ExitWindowsEx
wsprintfA

advapi32

StartServiceCtrlDispatcherA
CreateServiceA
StartServiceA
RegOpenKeyA
CloseServiceHandle
RegCreateKeyExA
RegSetValueExA
RegisterServiceCtrlHandlerA
SetServiceStatus
OpenSCManagerA
OpenServiceA
DeleteService
RegOpenKeyExA
RegDeleteValueA
RegCloseKey
RegQueryValueExA

netapi32

NetLocalGroupAddMembers
NetUserAdd

iphlpapi

GetIfTable

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

583b3266ba8857c3248d58f1de5c6b51

Headers

File Characteristics

Imports

kernel32

user32

advapi32

netapi32

iphlpapi

Sections

.text Size: 56KB - Virtual size: 55KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 16KB - Virtual size: 21KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 56KB - Virtual size: 55KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 16KB - Virtual size: 21KB

.rsrc
Size: 4KB - Virtual size: 2KB