f4a83c2253f98624d73dbcbcd41a2f86f121f2ea5aaf461d4bc1e3fe9e13c0f9

General

Target

f4a83c2253f98624d73dbcbcd41a2f86f121f2ea5aaf461d4bc1e3fe9e13c0f9
Size

168KB
MD5

1399cbf0c1f1cd0882cbb8e0d76e4e42
SHA1

4f39bee21d0e1d851fd7d0310fba0bc632c68380
SHA256

f4a83c2253f98624d73dbcbcd41a2f86f121f2ea5aaf461d4bc1e3fe9e13c0f9
SHA512

7c3df8066197987fba00b87514e1e6ccb1f94d1f224a82ddfcace5df9574d7a86ce54d96c146235b1e3d80ca39c8b224f3ddcade04b69a0ef8b5b3c3b51a59a3
SSDEEP

3072:Cy0PHApbtv/OyMgo3ktzaleX7jZJ1hmBGxufDzVjzo7DYTL1JZ3er07bS3A8u:eHApd/Oy6uWlyV8ExubzVjzonYTL1JZI

Score

N/A

Malware Config

Signatures

Files

f4a83c2253f98624d73dbcbcd41a2f86f121f2ea5aaf461d4bc1e3fe9e13c0f9
.exe windows x86

88cb6a305bc8e66a94907b70257c54c1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
GetVersion
MultiByteToWideChar
GetTempPathA
GetStringTypeA
LCMapStringW
GetTickCount
GetCurrentProcess
GetCommandLineA
WinExec
DeviceIoControl
GetLastError
DeleteFileA
CreateFileA
WriteFile
GetModuleFileNameA
CloseHandle
LCMapStringA
LoadLibraryA
GetProcAddress
GetModuleHandleA
GetStartupInfoA
ExitProcess
TerminateProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
GetStringTypeW

user32

wsprintfA

advapi32

RegSetValueExA
RegCloseKey
CreateServiceA
StartServiceA
DeleteService
OpenSCManagerA
OpenServiceA
CloseServiceHandle
ControlService
RegOpenKeyExA

shell32

ShellExecuteExA
ShellExecuteExW

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 261KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

88cb6a305bc8e66a94907b70257c54c1

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 136KB - Virtual size: 261KB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 136KB - Virtual size: 261KB

.rsrc
Size: 8KB - Virtual size: 4KB