19bef676cfcde41de606b93c570bb77168cde5d3def5b68181c173e2ae19274e

Sharing

Copy URL

Twitter E-mail

General

Target

19bef676cfcde41de606b93c570bb77168cde5d3def5b68181c173e2ae19274e
Size

54KB
MD5

2575c9df68225fe79c97850c0f33a526
SHA1

44a2bb02b831730f804daf12b8420e919854d954
SHA256

19bef676cfcde41de606b93c570bb77168cde5d3def5b68181c173e2ae19274e
SHA512

6ce766edd96026d70d75b3675bd0491996237dad92d10a06ab9740920e10eb71c8b0ac9bf7a7931f0f66c28eee10ad9ea53d9c999e665bd5eccb2700efe07eea
SSDEEP

1536:ZrdTw5it2hhmoNXSl/WjELMe/KD7GrzskeY:Zr01XmoNil/WjEL1/KD7GxZ

Score

N/A

Malware Config

Signatures

Files

19bef676cfcde41de606b93c570bb77168cde5d3def5b68181c173e2ae19274e
.exe windows x86

70b293273c2e953f890f7bde43afedef

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

OpenSCManagerW
RegSetValueExW
RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyW
RegDeleteValueW
RegOpenKeyExW
CloseServiceHandle
ChangeServiceConfigW
OpenServiceW
RegCloseKey
StartServiceW
ControlService
QueryServiceStatus
RegQueryValueExW
RegCreateKeyW

kernel32

FormatMessageW
GetLastError
CreateDirectoryW
FormatMessageA
GetFileAttributesW
CloseHandle
LocalFree
LocalAlloc
CreateFileW
Sleep
SetLastError
GetCommandLineA
GetVersion
ExitProcess
HeapFree
HeapAlloc
MultiByteToWideChar
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
WriteFile
VirtualAlloc
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetProcAddress
LoadLibraryA
FlushFileBuffers
ReadFile
SetFilePointer
SetStdHandle

netapi32

DsRoleFreeMemory
NetShareDel
NetApiBufferFree
NetShareGetInfo
NetShareAdd
DsRoleGetPrimaryDomainInformation
I_NetPathType

ntdll

NtFsControlFile
RtlInitUnicodeString
RtlDosPathNameToNtPathName_U
RtlNtStatusToDosError
NtQueryInformationFile
NtSetInformationFile
NtQueryDirectoryFile
NtCreateFile
RtlFreeHeap

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 11KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

70b293273c2e953f890f7bde43afedef

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

netapi32

ntdll

Sections

.text Size: 31KB - Virtual size: 31KB

.data Size: 11KB - Virtual size: 16KB

.rsrc Size: 10KB - Virtual size: 29KB

.text
Size: 31KB - Virtual size: 31KB

.data
Size: 11KB - Virtual size: 16KB

.rsrc
Size: 10KB - Virtual size: 29KB