79db2cf434613177e652e306bf9aa8ec0dce9d8c656d961dc846be2d6da0f65c

Sharing

Copy URL Twitter E-mail

General

Target

79db2cf434613177e652e306bf9aa8ec0dce9d8c656d961dc846be2d6da0f65c
Size

53KB
MD5

ad47ef08620c3f87f152a38d006097da
SHA1

f45894d4723f5ccfa75eb3bee0fccda4ab4debff
SHA256

79db2cf434613177e652e306bf9aa8ec0dce9d8c656d961dc846be2d6da0f65c
SHA512

c32b5567377a344c753966f250d73e45725e71631750b3badf5f8dbb8f41bfa9bdddd01aa9f00c9b522824e3db280dbf179ece1b553369ab07461aa83c6517be
SSDEEP

384:Y7LaITpgjbL8JLEiVRB7+TR1b1Lfjzist:Y7LaCmL2LV7ivBL7+s

Score

N/A

Malware Config

Signatures

Files

79db2cf434613177e652e306bf9aa8ec0dce9d8c656d961dc846be2d6da0f65c
.exe windows x86

f606877d9155df8179d2a01b1176035d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
ResetEvent
InitializeCriticalSection
Sleep
CreateThread
CreateEventA
Process32Next
WaitForSingleObject
SetEvent
GetModuleHandleA
GetModuleFileNameA
GetCurrentProcess
GetLastError
LoadLibraryA
GetProcAddress
CreateToolhelp32Snapshot
Process32First
OutputDebugStringA
CloseHandle
LeaveCriticalSection
GetStartupInfoA

user32

GetWindowLongA
PostQuitMessage
SetTimer
KillTimer
GetMessageA
MessageBoxA
PostMessageA
DispatchMessageA
TranslateMessage
SetWindowLongA
CreateWindowExA
RegisterClassExA
FindWindowA
DefWindowProcA

advapi32

OpenSCManagerA
CreateProcessAsUserA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
ControlService
DeleteService
StartServiceA
CreateServiceA
StartServiceCtrlDispatcherA
QueryServiceStatus
OpenServiceA
CloseServiceHandle
RegisterServiceCtrlHandlerA
SetServiceStatus
DuplicateTokenEx

shell32

SHGetSpecialFolderPathA

userenv

CreateEnvironmentBlock
DestroyEnvironmentBlock

wininet

InternetGetConnectedState

mfc42

ord537
ord823
ord825
ord540
ord800

msvcrt

__setusermatherr
_initterm
__getmainargs
_acmdln
__p__commode
__p__fmode
_controlfp
_adjust_fdiv
__set_app_type
__CxxFrameHandler
_except_handler3
_local_unwind2
sprintf
_mbscmp
__dllonexit
_onexit
?terminate@@YAXXZ
_exit
_XcptFilter
exit

msvcp60

??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f606877d9155df8179d2a01b1176035d

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

userenv

wininet

mfc42

msvcrt

msvcp60

Sections

.text Size: 8KB - Virtual size: 5KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 24KB - Virtual size: 24KB

.text
Size: 8KB - Virtual size: 5KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 24KB - Virtual size: 24KB