e0ea1666d320c2b6cf5d38645ab3c8bc6c4fd53daabeff4184de327916562789

Sharing

Copy URL Twitter E-mail

General

Target

e0ea1666d320c2b6cf5d38645ab3c8bc6c4fd53daabeff4184de327916562789
Size

265KB
MD5

b4f8fc3b1c033945e4a5dc0f90b875c3
SHA1

3c257a2ba307aa07c0b24027ebbc92a4d9af31a3
SHA256

e0ea1666d320c2b6cf5d38645ab3c8bc6c4fd53daabeff4184de327916562789
SHA512

8e3eaea7a7dc383f4e5080fad1cd9f36e9a63ff248f85eef8bbf979f59d5e67a0ea757fe97b2776dd89db5e4165dc95b7eec08d74c58e9a74384d242689637fb
SSDEEP

6144:MakiDzurN2wDyQDA2hrhs3S14HIlvWVw1h7nUs1GTaTwfRNQSr:rk8ihiSA2hV14HIlvWK1h7nUscTVQ

Score

N/A

Malware Config

Signatures

Files

e0ea1666d320c2b6cf5d38645ab3c8bc6c4fd53daabeff4184de327916562789
.exe windows x86

1e67a5c864bbf054ab13d514f4cc7836

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsValidCodePage
ReadFile
HeapDestroy
LoadLibraryA
GetCurrentProcessId
HeapReAlloc
HeapFree
LCMapStringW
GetLocaleInfoA
RtlUnwind
IsDebuggerPresent
GetSystemTimeAsFileTime
GetTickCount
GetDateFormatA
GetCPInfo
QueryPerformanceCounter
SetEnvironmentVariableA
SetStdHandle
GetCurrentProcess
EnterCriticalSection
WriteFile
EnumResourceTypesA
SetEndOfFile
MultiByteToWideChar
VirtualAlloc
TerminateProcess
GetTimeZoneInformation
InitializeCriticalSection
WriteConsoleA
GetStringTypeW
GetTimeFormatA
SetUnhandledExceptionFilter
RaiseException
UnhandledExceptionFilter
LCMapStringA
VirtualFree
CreateMailslotW
LeaveCriticalSection
HeapSize
HeapCreate
GetOEMCP
CompareStringA
GetACP
SetFilePointer
CompareStringW
GetConsoleOutputCP
FreeLibrary
GetStringTypeA

advapi32

RegRestoreKeyW
SetEntriesInAclW
GetTokenInformation
ChangeServiceConfigW
StartServiceA
FreeSid
RegDeleteKeyW
EqualSid
IsValidSecurityDescriptor
UnlockServiceDatabase
SetSecurityInfo
RegCreateKeyExW
SetNamedSecurityInfoW
GetInheritanceSourceW
InitializeSecurityDescriptor
GetNamedSecurityInfoW
SetSecurityDescriptorDacl
OpenServiceW
AddAce
LookupPrivilegeNameA
GetAce
InitializeAcl
RegSaveKeyW
ChangeServiceConfig2W
ControlService
RegSetValueExW
RegDeleteValueW
AdjustTokenPrivileges
RegEnumKeyExW
QueryServiceConfigW
RegOpenKeyExW
GetSecurityDescriptorControl
LookupPrivilegeValueA
CloseServiceHandle
LookupAccountSidW
OpenProcessToken
RegCloseKey
IsValidAcl
CreateServiceW
RegGetKeySecurity
GetSecurityInfo
RegQueryValueExW
SetEntriesInAclA
QueryServiceLockStatusW
AllocateAndInitializeSid
FreeInheritedFromArray
LockServiceDatabase
EnumDependentServicesW
LookupPrivilegeDisplayNameA
OpenSCManagerW
GetAclInformation
DeleteService
QueryServiceStatus
RegEnumValueW

oleacc

LresultFromObject
AccessibleObjectFromPoint

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 203KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1e67a5c864bbf054ab13d514f4cc7836

Headers

File Characteristics

Imports

kernel32

advapi32

oleacc

Sections

.text Size: 57KB - Virtual size: 57KB

.rdata Size: 3KB - Virtual size: 146KB

.data Size: 203KB - Virtual size: 202KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 57KB - Virtual size: 57KB

.rdata
Size: 3KB - Virtual size: 146KB

.data
Size: 203KB - Virtual size: 202KB

.rsrc
Size: 512B - Virtual size: 4KB