79ccd63bed9f10bff3933bd2956920e07647e3ac62166020a2a2b021fd2be075

Sharing

Copy URL Twitter E-mail

General

Target

79ccd63bed9f10bff3933bd2956920e07647e3ac62166020a2a2b021fd2be075
Size

140KB
MD5

67dc2191e174bb25403553e196857ae8
SHA1

386d691c3c19c5a10bb8d4395f7aa35bbf889f83
SHA256

79ccd63bed9f10bff3933bd2956920e07647e3ac62166020a2a2b021fd2be075
SHA512

6fb62c25773582226a84366e4fcfb5e1570bf93568e66dfec87b06a0c581fb61529dca2be04b98855331439f15170a2435ac34922a52f6717b0e7e42c821c872
SSDEEP

1536:K4t/+RkUAOwyzLVmJ7cMU49azsU6wP7r6OzKM8awzQvmrcATGeV5yCJG700UJLhw:K6vUyeVmJwMUeTGH1jGgmAYD7yCwKLmd

Score

N/A

Malware Config

Signatures

Files

79ccd63bed9f10bff3933bd2956920e07647e3ac62166020a2a2b021fd2be075
.exe windows x86

9f9d2051b54b37f4c34d2c5ea5d5e224

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
GetProcAddress
LoadLibraryA
SetFileTime
GetFileAttributesExA
WinExec
Sleep
WriteFile
GetModuleFileNameA
GetStartupInfoA
GetModuleHandleA
OpenProcess
GetCurrentProcess
DuplicateHandle
CloseHandle
GetSystemDirectoryA
GetVersionExA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetLastError

user32

DefWindowProcA
ShowWindow
GetMessageA
RegisterClassExA
CreateWindowExA
TranslateMessage
PostQuitMessage
DispatchMessageA
GetDesktopWindow

advapi32

RegOpenKeyExA
ConvertSidToStringSidA
CreateServiceA
OpenSCManagerA
CloseServiceHandle
GetUserNameA
RegCloseKey
RegQueryValueExA
DeleteService
OpenServiceA
StartServiceA
LookupAccountNameA

msvcrt

__getmainargs
_strlwr
_controlfp
__set_app_type
__p__fmode
_access
sprintf
strstr
fclose
fflush
fwrite
fopen
rand
srand
time
??3@YAXPAX@Z
??2@YAPAXI@Z
_except_handler3
_exit
_XcptFilter
exit
_acmdln
_stricmp
_initterm
__setusermatherr
_adjust_fdiv
__p__commode

shlwapi

StrStrA
SHSetValueA
SHDeleteKeyA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

dbghelp

ImageNtHeader

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

idata
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9f9d2051b54b37f4c34d2c5ea5d5e224

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

shlwapi

version

dbghelp

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 108KB - Virtual size: 105KB

idata Size: 4KB - Virtual size: 4B

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 108KB - Virtual size: 105KB

idata
Size: 4KB - Virtual size: 4B

.rsrc
Size: 4KB - Virtual size: 1KB