a8a5592853a1eac29d3232ea975676aec0f9f84e578dbb73acdb292969edbba2

Sharing

Copy URL Twitter E-mail

General

Target

a8a5592853a1eac29d3232ea975676aec0f9f84e578dbb73acdb292969edbba2
Size

192KB
MD5

1ac4b297ba94162bcdc89f6935fb84f5
SHA1

8cba9527fcb380162393ea94634cd19b57932523
SHA256

a8a5592853a1eac29d3232ea975676aec0f9f84e578dbb73acdb292969edbba2
SHA512

915084e9e377763d72d12a7331414bd6cccab2727ed6d7982966719daeac2ef3066ec1de7d643e8ab2987a53b95cf424368d1baabc2bf63950bebcc5fdf33349
SSDEEP

3072:Ddt34WobnJ7vTQGyVYIvYDLJ+OUqJtXLarr2E3WXTAXD3y/WAd:pt34WoLJvAYIvYvPJtXLaf2E3Ucb6W

Score

N/A

Malware Config

Signatures

Files

a8a5592853a1eac29d3232ea975676aec0f9f84e578dbb73acdb292969edbba2
.exe windows x86

86ad0c712eac2e8099f89ac7de7ca68e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
GetModuleFileNameA
ReadFile
PeekNamedPipe
WaitForSingleObject
CreateProcessA
lstrcpyA
CreatePipe
GetVersionExA
WriteFile
lstrcatA
GetComputerNameA
InterlockedDecrement
DeleteFileA
GetCommandLineA
GetStartupInfoA
LoadLibraryA
CreateToolhelp32Snapshot
Process32First
Process32Next
OpenProcess
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
CloseHandle
CreateDirectoryA
FindFirstFileA
FindNextFileA
MultiByteToWideChar
WideCharToMultiByte
GetModuleHandleA
GetProcAddress
GetCurrentProcess
VerSetConditionMask
VerifyVersionInfoW
GetSystemDirectoryA
SetFileAttributesA
GetLastError
FormatMessageA
lstrlenA
LocalAlloc
LocalFree
SearchPathA
Sleep
ExitProcess
HeapFree
GetProcessHeap
HeapAlloc

user32

GetForegroundWindow
GetWindowTextA
wvsprintfA
SendMessageTimeoutA

advapi32

SetSecurityDescriptorDacl
SetFileSecurityA
QueryServiceStatus
StartServiceA
OpenSCManagerA
OpenServiceA
CreateServiceA
ChangeServiceConfig2A
CloseServiceHandle
RegDeleteValueA
GetUserNameA
AllocateAndInitializeSid
CheckTokenMembership
FreeSid
InitializeSecurityDescriptor
GetNamedSecurityInfoA
ConvertSecurityDescriptorToStringSecurityDescriptorA
RegCreateKeyA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
SetEntriesInAclA

shell32

ShellExecuteExA

ole32

CoCreateInstance
CoInitializeEx
CoInitializeSecurity
CoTaskMemFree
CoInitialize
CoUninitialize

oleaut32

SysAllocStringLen
SysAllocString
VariantClear
VariantInit
SysFreeString

msvcrt

??1type_info@@UAE@XZ
_itoa
_stat
_CxxThrowException
strlen
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@ABQBD@Z
memchr
__CxxFrameHandler
fprintf
remove
fclose
fopen
fgets
memmove
fflush
fwrite
wcslen
fgetws
fwprintf
rename
getenv
strrchr
localtime
time
isalnum
_except_handler3
?terminate@@YAXXZ
??1exception@@UAE@XZ

wininet

InternetConnectA
HttpOpenRequestA
InternetQueryOptionA
InternetSetOptionA
HttpSendRequestA
InternetReadFile
InternetCloseHandle
InternetOpenA

shlwapi

PathFileExistsA
StrStrIA

Sections

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 174KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

86ad0c712eac2e8099f89ac7de7ca68e

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

msvcrt

wininet

shlwapi

Sections

.rdata Size: 15KB - Virtual size: 15KB

.data Size: 174KB - Virtual size: 174KB

.rsrc Size: 1KB - Virtual size: 1KB

.rdata
Size: 15KB - Virtual size: 15KB

.data
Size: 174KB - Virtual size: 174KB

.rsrc
Size: 1KB - Virtual size: 1KB