6cc886083ad3de7a493f9bd9de4e8169ba8402a6b030eec7fa061f0f5ef4b252

General

Target

6cc886083ad3de7a493f9bd9de4e8169ba8402a6b030eec7fa061f0f5ef4b252
Size

302KB
MD5

7acbb78f1e80e4d9a9935189ad815ed0
SHA1

b87ee1cb2185fb8ca8f18242550b5d388c5d2e17
SHA256

6cc886083ad3de7a493f9bd9de4e8169ba8402a6b030eec7fa061f0f5ef4b252
SHA512

8ad45c865ad5fc9c76fc17aa7769557c2c2ca91e439f0c7163a23ffb5be79fafb24bc58a068ef8bab7d32a39fa964d06d510a5692edd2a7ff96dab4dbe5dabf4
SSDEEP

6144:sr6WMMmZZThl14nDWgRAkP79GQn8xID0DMFAzJvFMH6KsG9:sr6QmgR3P79GLxe0DVjq6Ks4

Score

N/A

Malware Config

Signatures

Files

6cc886083ad3de7a493f9bd9de4e8169ba8402a6b030eec7fa061f0f5ef4b252
.exe windows x86

7a2cc25a5184f5bbd40fb1c7e91776a1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SystemTimeToFileTime
LoadResource
FindResourceA
SetUnhandledExceptionFilter
Sleep
SizeofResource
GetCommandLineA
GetLocalTime
GetCurrentThreadId
GetStartupInfoA
GetModuleHandleA
FreeResource
MultiByteToWideChar
GetVersion
CreateRemoteThread
WaitForSingleObject
OpenProcess
CreateToolhelp32Snapshot
Process32First
Process32Next
CloseHandle
lstrcpyA
lstrcatA
GetCurrentThread
GetProcAddress
ResumeThread
GetWindowsDirectoryA
MoveFileExA
CopyFileA
DeleteFileA
GetCurrentProcessId
FreeLibrary
GetCurrentProcess
ExitProcess
GetLastError
GetProcessHeap
HeapAlloc
HeapFree
LoadLibraryA
ReleaseMutex

user32

GetMessageA
GetInputState

advapi32

LockServiceDatabase
UnlockServiceDatabase
StartServiceA
CloseServiceHandle
LookupPrivilegeValueA
OpenServiceA
GetFileSecurityA
InitializeSecurityDescriptor
GetSecurityDescriptorDacl
GetAclInformation
GetLengthSid
InitializeAcl
EqualSid
GetAce
AddAce
AddAccessAllowedAce
SetSecurityDescriptorDacl
SetFileSecurityA
GetUserNameA

msvcrt

_XcptFilter
_except_handler3
??3@YAXPAX@Z
strncmp
strtoul
isdigit
exit
??2@YAPAXI@Z
strstr
_exit
_strlwr
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp

netapi32

NetApiBufferFree
NetUserGetLocalGroups

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 291KB - Virtual size: 292KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7a2cc25a5184f5bbd40fb1c7e91776a1

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

netapi32

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 2KB - Virtual size: 2KB

.rsrc Size: 291KB - Virtual size: 292KB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 291KB - Virtual size: 292KB