f692f162639cdf154c0daaa1490b7bdeb9a3e754b39b9e2a627d179ff02b14fa

Sharing

Copy URL Twitter E-mail

General

Target

f692f162639cdf154c0daaa1490b7bdeb9a3e754b39b9e2a627d179ff02b14fa
Size

175KB
MD5

43aed717860aac60c2769aa44c52c445
SHA1

86499dca27d46b9b3e71f7b448b9fefe44604fcf
SHA256

f692f162639cdf154c0daaa1490b7bdeb9a3e754b39b9e2a627d179ff02b14fa
SHA512

44fe0e29d11c90fe97ece1bfdb4a44e4db7a4d3cfab72ae4f4406d06ef6f06946665be15b0f9f64fe3d928ec5679676b918b47cd49d86d1d408892b0e5d8387a
SSDEEP

3072:jAbTRta6bn3Y1UuEqN2uwb90FCEF7Ef3QpYydUcgglHApEkECMHWufv/nbKRT:iRAMnME9uwE3y//ydUcg+cQWufvGRT

Score

N/A

Malware Config

Signatures

Files

f692f162639cdf154c0daaa1490b7bdeb9a3e754b39b9e2a627d179ff02b14fa
.exe windows x86

14a0aa01ebf936b5c5e8a59e27de75c0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateProcess
LCMapStringA
LCMapStringW
EnterCriticalSection
HeapDestroy
GetStringTypeW
HeapFree
SetUnhandledExceptionFilter
SetFilePointer
SetEnvironmentVariableA
LeaveCriticalSection
GetCPInfo
CompareStringW
GetOEMCP
FreeLibrary
WriteFile
SetEndOfFile
LoadLibraryA
GetCurrentProcess
GetCurrentProcessId
EnumResourceTypesA
GetTimeFormatA
HeapCreate
HeapReAlloc
GetTimeZoneInformation
WriteConsoleA
IsValidCodePage
InitializeCriticalSection
CompareStringA
QueryPerformanceCounter
GetACP
RaiseException
MultiByteToWideChar
ReadFile
HeapSize
GetSystemTimeAsFileTime
CreateMailslotW
VirtualAlloc
RtlUnwind
IsDebuggerPresent
GetDateFormatA
SetStdHandle
GetLocaleInfoA
GetConsoleOutputCP
GetTickCount
VirtualFree
UnhandledExceptionFilter
GetStringTypeA

iphlpapi

GetIpAddrTable

oleacc

LresultFromObject
AccessibleObjectFromPoint

advapi32

RegQueryValueExW
AddAce
IsValidSecurityDescriptor
GetNamedSecurityInfoW
RegGetKeySecurity
EnumDependentServicesW
EqualSid
OpenSCManagerW
InitializeSecurityDescriptor
CloseServiceHandle
InitializeAcl
DeleteService
RegOpenKeyExW
LookupPrivilegeDisplayNameA
UnlockServiceDatabase
ChangeServiceConfigW
SetSecurityInfo
FreeSid
SetEntriesInAclW
OpenProcessToken
CreateServiceW
RegCloseKey
LookupPrivilegeValueA
QueryServiceStatus
ControlService
RegRestoreKeyW
SetSecurityDescriptorDacl
StartServiceA
RegDeleteKeyW
LookupAccountSidW
LookupPrivilegeNameA
SetEntriesInAclA
GetInheritanceSourceW
RegDeleteValueW
SetNamedSecurityInfoW
QueryServiceLockStatusW
FreeInheritedFromArray
RegEnumKeyExW
RegSetValueExW
IsValidAcl
OpenServiceW
ChangeServiceConfig2W
LockServiceDatabase
GetSecurityInfo
GetAclInformation
GetAce
GetTokenInformation
AllocateAndInitializeSid
RegSaveKeyW
RegCreateKeyExW
GetSecurityDescriptorControl
QueryServiceConfigW
AdjustTokenPrivileges
RegEnumValueW

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

14a0aa01ebf936b5c5e8a59e27de75c0

Headers

File Characteristics

Imports

kernel32

iphlpapi

oleacc

advapi32

Sections

.text Size: 42KB - Virtual size: 42KB

.rdata Size: 3KB - Virtual size: 154KB

.data Size: 128KB - Virtual size: 128KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 42KB - Virtual size: 42KB

.rdata
Size: 3KB - Virtual size: 154KB

.data
Size: 128KB - Virtual size: 128KB

.rsrc
Size: 512B - Virtual size: 4KB