bb30cfd026bf6c85e8122bc72af2fffc28b0654fbdf09a6fd7ffc371a7437256

Sharing

Copy URL Twitter E-mail

General

Target

bb30cfd026bf6c85e8122bc72af2fffc28b0654fbdf09a6fd7ffc371a7437256
Size

128KB
MD5

4f7e9f5a628a5a8f081b631d5c1b5506
SHA1

076acbd17b158dd90c275b42e0f36dc7a3376aa3
SHA256

bb30cfd026bf6c85e8122bc72af2fffc28b0654fbdf09a6fd7ffc371a7437256
SHA512

15ab197111e6b4e2d43009108eca9a7d4d497874ec41ec70d057b5e1e14b6a5b290222f86850cc09dbbc3d66d984a9812b9d5100f4b812a03a29e0eb9425ede8
SSDEEP

1536:reUzM7gwHFhVt4m4mHqJcxllRzqIJQdn8agaywctfR:07gwlXz1KJcTzqV8Oywct5

Score

N/A

Malware Config

Signatures

Files

bb30cfd026bf6c85e8122bc72af2fffc28b0654fbdf09a6fd7ffc371a7437256
.exe windows x86

759fd565fe8f2bb2f6cdb17150265747

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

pdh

PdhOpenQueryA
PdhAddCounterA
PdhCollectQueryData
PdhGetFormattedCounterValue
PdhCloseQuery

kernel32

FindResourceA
Sleep
DeleteFileA
GetCurrentProcess
ReadFile
LoadResource
GetDateFormatA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetComputerNameA
GetVersion
SizeofResource
LockResource
FormatMessageA
LocalFree
CreateFileA
CloseHandle
GetTickCount
GetLastError
SetLastError
SetErrorMode
GetLogicalDrives
GetVolumeInformationA
GetDriveTypeA
GetDiskFreeSpaceExA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
SetEndOfFile
LoadLibraryA
GetTimeFormatA
SetStdHandle
SetFilePointer
RtlUnwind
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
LCMapStringW
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
HeapReAlloc
HeapAlloc
HeapFree
ExitProcess
TerminateProcess
GetCommandLineA
WriteFile
FlushFileBuffers
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetProcAddress
GetModuleHandleA
VirtualFree
VirtualAlloc
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
GetStringTypeA

advapi32

RegEnumKeyA
RegConnectRegistryA
RegQueryInfoKeyA
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegEnumValueA
RegEnumKeyExA
RegCloseKey
DeleteService
ControlService
OpenSCManagerA
OpenServiceA
StartServiceA
QueryServiceStatus
CreateServiceA
CloseServiceHandle

ole32

CoInitializeSecurity
CoCreateInstance
CoInitializeEx

oleaut32

SysFreeString
SysAllocString

mpr

WNetAddConnection2A

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 20KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

759fd565fe8f2bb2f6cdb17150265747

Headers

File Characteristics

Imports

pdh

kernel32

advapi32

ole32

oleaut32

mpr

Sections

.text Size: 48KB - Virtual size: 45KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 20KB - Virtual size: 34KB

.rsrc Size: 48KB - Virtual size: 45KB

.text
Size: 48KB - Virtual size: 45KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 20KB - Virtual size: 34KB

.rsrc
Size: 48KB - Virtual size: 45KB