9b2d581c9a8179c3b0c69044b307518c726d42bd9f4df311e78d3a542f67636d

Sharing

Copy URL Twitter E-mail

General

Target

9b2d581c9a8179c3b0c69044b307518c726d42bd9f4df311e78d3a542f67636d
Size

1.8MB
MD5

27ee95872fc77042b862bf7e93894f74
SHA1

4e5e33b0917096c6fb7379e4b778247f4b32f3aa
SHA256

9b2d581c9a8179c3b0c69044b307518c726d42bd9f4df311e78d3a542f67636d
SHA512

78e116389583b6126db49496d99645e55ad2dfd98438ba94c18b1b71276cbb9c9f63050554239bfe3736d6065bd974027f0b878b7d9b69e31f184ce5115e9d6e
SSDEEP

49152:2Jcw7gTmNrhf+ChmBCxJy7LBYl7KWA8NYyKBgfWV6uI3/8:2JcagK1tg8/y7LivKBsWZk8

Score

N/A

Malware Config

Signatures

Files

9b2d581c9a8179c3b0c69044b307518c726d42bd9f4df311e78d3a542f67636d
.exe windows x86

80e93f69149854a28f170ae5e090d9be

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

OpenServiceA
ClearEventLogA
RegOpenKeyExA
IsTextUnicode
ControlService
InitializeSid
CreateServiceA
IsValidSecurityDescriptor
IsValidAcl
RegCloseKey
IsValidSid

user32

GetMessageA
SetCursorPos
CharToOemA
DrawIcon
LoadCursorA
DispatchMessageA
wsprintfA
CreateWindowExA
GetWindowLongA
GetWindowTextA
IsWindow
DialogBoxParamA
PostMessageA
GetCaretPos
PeekMessageA
IsDialogMessageA

modemui

drvCommConfigDialogA
drvSetDefaultCommConfigA

rsaenh

CPGenKey
CPDeriveKey

certcli

CAEnumFirstCA
CACloseCA

kernel32

GetCurrentDirectoryA
GetTimeFormatA
HeapValidate
GetPrivateProfileIntA
GetSystemTimeAsFileTime
WriteConsoleA
DeviceIoControl
GetNumberFormatW
GetProcAddress
GetAtomNameA
CreateDirectoryA
GetDateFormatA
CloseHandle
ReadFile
ReadConsoleA
FormatMessageA
SetFilePointer
UpdateResourceA
GetComputerNameA
GetGeoInfoA
GetProcessHeap
lstrcpynA
GetConsoleAliasW
LoadLibraryA
WaitForSingleObject
GetStringTypeA
SetEnvironmentVariableW
CreateNamedPipeA
GetCurrentProcess
GetConsoleTitleA
GetFullPathNameA
CompareStringA

Sections

.text
Size: 1.8MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 564B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 84B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

80e93f69149854a28f170ae5e090d9be

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

user32

modemui

rsaenh

certcli

kernel32

Sections

.text Size: 1.8MB - Virtual size: 1.7MB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1024B - Virtual size: 564B

.tls Size: 512B - Virtual size: 84B

.rsrc Size: 21KB - Virtual size: 21KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 1.8MB - Virtual size: 1.7MB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 564B

.tls
Size: 512B - Virtual size: 84B

.rsrc
Size: 21KB - Virtual size: 21KB

.reloc
Size: 2KB - Virtual size: 1KB