be84cea2cefac40469b6f230154724e5d22a53351e701231db5d11aaf816582a

Sharing

Copy URL Twitter E-mail

General

Target

be84cea2cefac40469b6f230154724e5d22a53351e701231db5d11aaf816582a
Size

144KB
MD5

6697ef9093f9bda8e4d9a563d1071de4
SHA1

6804cfec1d81e8bb409f5994d09c2f75101c5b83
SHA256

be84cea2cefac40469b6f230154724e5d22a53351e701231db5d11aaf816582a
SHA512

d0973dead2b3114c931e02656e7e9839286330882f5d1f648a9f62b5a636b78c4340fea1246398acf0aab1a42533837c949d46765cc9430f616ca313c7ae43db
SSDEEP

3072:hmxIXhwxuJQGuki+8gwIngox9ATBnd/7F5egW8Iyz1V4/:hmx7GukJV7nOveYu

Score

N/A

Malware Config

Signatures

Files

be84cea2cefac40469b6f230154724e5d22a53351e701231db5d11aaf816582a
.exe windows x86

6eb82d8f813a3d89541229715aef935c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
GetProcAddress
LoadLibraryA
GetVersionExA
Sleep
WriteFile
GetFileAttributesExA
WinExec
GetModuleFileNameA
GetStartupInfoA
GetModuleHandleA
OpenProcess
GetCurrentProcess
DuplicateHandle
CloseHandle
GetSystemDirectoryA
GetLastError
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
SetFileTime

user32

DefWindowProcA
PostQuitMessage
DispatchMessageA
GetDesktopWindow
TranslateMessage
GetMessageA
RegisterClassExA
ShowWindow
CreateWindowExA

advapi32

GetUserNameA
OpenSCManagerA
OpenServiceA
StartServiceA
CloseServiceHandle
CreateServiceA
ConvertSidToStringSidA
LookupAccountNameA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
DeleteService

shlwapi

SHDeleteKeyA
SHSetValueA

msvcrt

_exit
_stricmp
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
rand
srand
time
fclose
fflush
fwrite
fopen
sprintf
strstr
_access
??3@YAXPAX@Z
??2@YAPAXI@Z
_except_handler3
_XcptFilter
exit
_acmdln
__getmainargs

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

dbghelp

ImageNtHeader

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

edata
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

cdata
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

idata
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6eb82d8f813a3d89541229715aef935c

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

msvcrt

version

dbghelp

Sections

.text Size: 16KB - Virtual size: 14KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 104KB - Virtual size: 102KB

edata Size: 4KB - Virtual size: 4B

cdata Size: 4KB - Virtual size: 4B

idata Size: 4KB - Virtual size: 4B

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 16KB - Virtual size: 14KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 104KB - Virtual size: 102KB

edata
Size: 4KB - Virtual size: 4B

cdata
Size: 4KB - Virtual size: 4B

idata
Size: 4KB - Virtual size: 4B

.rsrc
Size: 4KB - Virtual size: 1KB