bfbad9efda48d15973044ef798fe656f5f39ace35b26370ed3d4c1d3d006dcb5

Sharing

Copy URL Twitter E-mail

General

Target

bfbad9efda48d15973044ef798fe656f5f39ace35b26370ed3d4c1d3d006dcb5
Size

209KB
MD5

5824d9079e7567f03860506b744ae0eb
SHA1

1616d369b377e991c88e3a930098aa3ff32ae5f4
SHA256

bfbad9efda48d15973044ef798fe656f5f39ace35b26370ed3d4c1d3d006dcb5
SHA512

8764c8523fb602a1f87f4649e7ac8344c8845af0a251ff37b3ca431f0b95a9aec1980a24a6f0d4fdc8d6aed8f699521b6eb212924d7f8e149b62b449cc01dc1c
SSDEEP

3072:XrLdvQEbcDVlTtLsydafdmm45n0cDFBOg5NO+F+Q5eA9s0bv0J1nVHl2l:XZb6lpsIafP41DUYt+rAdbv09HlY

Score

N/A

Malware Config

Signatures

Files

bfbad9efda48d15973044ef798fe656f5f39ace35b26370ed3d4c1d3d006dcb5
.exe windows x86

ffc5b70fb65075bd071bdddda1a1e3de

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

dbghelp

MakeSureDirectoryPathExists

kernel32

GetTempPathA
SetUnhandledExceptionFilter
GetCommandLineA
SetProcessWorkingSetSize
DeleteFileA
CompareStringA
GetStringTypeW
CopyFileA
WritePrivateProfileStringA
GetShortPathNameA
lstrcatA
Sleep
GetLastError
lstrcpyA
LocalFileTimeToFileTime
SetFileTime
GlobalAlloc
GlobalFree
GetCurrentProcess
CloseHandle
ExitProcess
CreateFileA
SetEnvironmentVariableA
WriteFile
lstrlenA
Process32Next
GetProcessHeap
HeapAlloc
LoadLibraryA
GetProcAddress
FreeLibrary
CompareStringW
GetModuleHandleA
GetStringTypeA
LCMapStringW
GetStartupInfoA
GetVersion
HeapReAlloc
RtlUnwind
HeapFree
GetTimeZoneInformation
GetSystemTime
GetLocalTime
TerminateProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetCPInfo
GetACP
GetOEMCP
IsBadReadPtr
IsBadCodePtr
MultiByteToWideChar
LCMapStringA

user32

IsCharAlphaNumericA

advapi32

AdjustTokenPrivileges
RegOpenKeyA
RegCreateKeyA
ChangeServiceConfigA
OpenServiceA
ControlService
OpenSCManagerA
RegOpenKeyExA
OpenProcessToken
LookupPrivilegeValueA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
AllocateAndInitializeSid
GetLengthSid
InitializeAcl
AddAccessAllowedAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegSetKeySecurity
RegCloseKey
FreeSid

shell32

SHGetSpecialFolderPathA

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 131KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ffc5b70fb65075bd071bdddda1a1e3de

Headers

File Characteristics

Imports

dbghelp

kernel32

user32

advapi32

shell32

Sections

.text Size: 43KB - Virtual size: 43KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 28KB - Virtual size: 31KB

.rsrc Size: 131KB - Virtual size: 131KB

.text
Size: 43KB - Virtual size: 43KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 28KB - Virtual size: 31KB

.rsrc
Size: 131KB - Virtual size: 131KB