de2045c9837ebf0d6bfcc63efebf81c29d06a7616ef93b24c5541bf44f99c016

Sharing

Copy URL

Twitter E-mail

General

Target

de2045c9837ebf0d6bfcc63efebf81c29d06a7616ef93b24c5541bf44f99c016
Size

118KB
MD5

902c00affd3db202c5fa9874a2546126
SHA1

ac2c69181e6e35b84bab49e9d33d4d7763cf6857
SHA256

de2045c9837ebf0d6bfcc63efebf81c29d06a7616ef93b24c5541bf44f99c016
SHA512

5d206c58ac7c8bd2fc831314686a6bf613db8869ee9f23619d658b1a8a61240640496c407dae85015efdb475f5361f941d8be53e7eda88db9fe005d2f0a92bf7
SSDEEP

3072:2a8YGq2shzbtRtQ+iFDm36CpWcmIMAVV3A99NqWu:v8YGqVhz5HUdgf1MAQ9N

Score

N/A

Malware Config

Signatures

Files

de2045c9837ebf0d6bfcc63efebf81c29d06a7616ef93b24c5541bf44f99c016
.exe windows x86

eccd27a4cdf77f7c9707db12e21fff28

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

ChangeServiceConfigA
CloseEventLog
CreateServiceA
EnumDependentServicesW
LogonUserW
OpenBackupEventLogA
RegCloseKey
RegFlushKey
RegOpenKeyW
StartServiceCtrlDispatcherW

kernel32

CloseHandle
CompareStringW
CreateFileA
DeleteCriticalSection
EnterCriticalSection
ExitProcess
FindFirstFileExW
GetACP
GetCPInfo
GetCommandLineA
GetCurrentThreadId
GetEnvironmentStrings
GetFileType
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeW
GetVersion
GetVersionExA
GlobalFix
GlobalMemoryStatus
HeapAlloc
HeapFree
InitializeCriticalSection
IsBadReadPtr
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
PulseEvent
RaiseException
ReadConsoleOutputW
ReleaseMutex
RtlUnwind
SetConsoleCP
SetConsoleCtrlHandler
SetFilePointer
SetHandleCount
SetLastError
SwitchToThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WideCharToMultiByte
WriteFile
lstrcpyA

user32

CreateDesktopA
DefDlgProcW
DragDetect
DrawTextExW
EnumThreadWindows
GetClipboardFormatNameW
GetUserObjectSecurity
InsertMenuW
LoadIconW
MessageBoxA
RegisterClipboardFormatW
RemovePropW
SetMessageQueue
SetSystemCursor
wsprintfA

Exports

Exports

__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 40KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eccd27a4cdf77f7c9707db12e21fff28

Headers

File Characteristics

Imports

advapi32

kernel32

user32

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 44KB

.data Size: 13KB - Virtual size: 28KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 2KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 60KB - Virtual size: 59KB

.reloc Size: 3KB - Virtual size: 4KB

.text
Size: 40KB - Virtual size: 44KB

.data
Size: 13KB - Virtual size: 28KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 2KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 60KB - Virtual size: 59KB

.reloc
Size: 3KB - Virtual size: 4KB