350c9c3ef848ae1b1b867a2277290e076b8efefba962c9411de82620c2008fe3

Sharing

Copy URL Twitter E-mail

General

Target

350c9c3ef848ae1b1b867a2277290e076b8efefba962c9411de82620c2008fe3
Size

92KB
MD5

efee0c81c71b58663c9125876b4f472c
SHA1

bfdba291c8644229474db825985dce5501b350e2
SHA256

350c9c3ef848ae1b1b867a2277290e076b8efefba962c9411de82620c2008fe3
SHA512

242cae3587ad346a029efce4658db38f7ed8ca3b533056882152f8afb22a7de254308493f8f364cbc415e3abdb4c75a9a57b107af3003ebb94f3434b3f4003fe
SSDEEP

1536:JgkqSFq+KTJXGrZG22tkZ2HZEbP/XxtOabJVXtYX+tqlB:Jgk3w+hrhZ8AP/ua3XtYX+tql

Score

N/A

Malware Config

Signatures

Files

350c9c3ef848ae1b1b867a2277290e076b8efefba962c9411de82620c2008fe3
.exe windows x86

583b3266ba8857c3248d58f1de5c6b51

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OutputDebugStringA
MoveFileExA
GetModuleFileNameA
GetLastError
ResumeThread
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
GetEnvironmentVariableA
WaitForSingleObject
MoveFileA
ExitProcess
CreateMutexA
GetModuleHandleA
GetSystemInfo
GetSystemDefaultUILanguage
GlobalMemoryStatus
CloseHandle
CreateThread
GetVersionExA
LoadLibraryA
GetProcAddress
WinExec
FreeLibrary
lstrlenA
GetCurrentProcessId
CreateProcessA
TerminateProcess
GetSystemDirectoryA
lstrcatA
lstrcpyA
Sleep
GetShortPathNameA
GetTickCount
LocalAlloc
InterlockedExchange
RaiseException
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
HeapReAlloc
HeapAlloc
HeapFree
GetStartupInfoA
GetCommandLineA
GetVersion
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
InitializeCriticalSection
HeapSize
VirtualFree
VirtualAlloc
IsBadWritePtr
HeapDestroy
HeapCreate
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
SetFilePointer
InterlockedDecrement
InterlockedIncrement
FlushFileBuffers
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
SetStdHandle
LCMapStringA
LCMapStringW

user32

ExitWindowsEx
wsprintfA

advapi32

StartServiceCtrlDispatcherA
CreateServiceA
StartServiceA
RegOpenKeyA
CloseServiceHandle
RegCreateKeyExA
RegSetValueExA
RegisterServiceCtrlHandlerA
SetServiceStatus
OpenSCManagerA
OpenServiceA
DeleteService
RegOpenKeyExA
RegDeleteValueA
RegCloseKey
RegQueryValueExA

netapi32

NetLocalGroupAddMembers
NetUserAdd

iphlpapi

GetIfTable

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PAGE
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

583b3266ba8857c3248d58f1de5c6b51

Headers

File Characteristics

Imports

kernel32

user32

advapi32

netapi32

iphlpapi

Sections

.text Size: 40KB - Virtual size: 38KB

PAGE Size: 20KB - Virtual size: 16KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 16KB - Virtual size: 21KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 40KB - Virtual size: 38KB

PAGE
Size: 20KB - Virtual size: 16KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 16KB - Virtual size: 21KB

.rsrc
Size: 4KB - Virtual size: 2KB