dcf31ab7570ec63f3a3ec6f711282ecedb72201a4fdae48e04723e2bb31fe373

Sharing

Copy URL Twitter E-mail

General

Target

dcf31ab7570ec63f3a3ec6f711282ecedb72201a4fdae48e04723e2bb31fe373
Size

140KB
MD5

fdb3cbbe447a270e2d77ff4104af3dd7
SHA1

cd3576ac5c6e49b3d255b93e246eb8fc86a495a9
SHA256

dcf31ab7570ec63f3a3ec6f711282ecedb72201a4fdae48e04723e2bb31fe373
SHA512

a1bbdae41950ab4c854a69fff0144de49774d114979e3e8a282563f20e869c86c858bba6b0cbee286eff7a94355ca4c2d9992a57a54d291685765f0bdfa95ae7
SSDEEP

3072:Uww1+ioWJZOduVDaFvIGglouN9ugaOo8+CHVkfIcQpvhBNd5:hqYdu8FvgeuN9cP8tVOIHVhBP5

Score

N/A

Malware Config

Signatures

Files

dcf31ab7570ec63f3a3ec6f711282ecedb72201a4fdae48e04723e2bb31fe373
.exe windows x86

fc3c93e0e10754b7b4929a37a07f50ea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
DuplicateHandle
GetCurrentProcess
OpenProcess
WriteFile
CreateFileA
GetVersionExA
SetFileTime
GetFileAttributesExA
GetStartupInfoA
GetModuleHandleA
LoadLibraryA
GetProcAddress
GlobalAlloc
GlobalLock
Sleep
GlobalUnlock
GlobalFree
GetModuleFileNameA
GetSystemDirectoryA
WinExec
GetLastError

user32

TranslateMessage
GetMessageA
RegisterClassExA
DefWindowProcA
PostQuitMessage
ShowWindow
CreateWindowExA
DispatchMessageA
GetDesktopWindow

advapi32

RegCloseKey
OpenSCManagerA
OpenServiceA
StartServiceA
CloseServiceHandle
LookupAccountNameA
GetUserNameA
DeleteService
RegQueryValueExA
RegOpenKeyExA
CreateServiceA
ConvertSidToStringSidA

shlwapi

StrStrA
SHDeleteKeyA
SHSetValueA

msvcrt

_exit
_stricmp
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
sprintf
strstr
_access
fclose
fflush
fwrite
fopen
rand
_except_handler3
??3@YAXPAX@Z
??2@YAPAXI@Z
srand
time
_strlwr
_XcptFilter
exit
_acmdln
__getmainargs

dbghelp

ImageNtHeader

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

cdata
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

idata
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fc3c93e0e10754b7b4929a37a07f50ea

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

msvcrt

dbghelp

version

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 104KB - Virtual size: 102KB

cdata Size: 4KB - Virtual size: 4B

idata Size: 4KB - Virtual size: 4B

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 104KB - Virtual size: 102KB

cdata
Size: 4KB - Virtual size: 4B

idata
Size: 4KB - Virtual size: 4B

.rsrc
Size: 4KB - Virtual size: 1KB