ca1e0c1476bda2c598badf70bad3d72bdf98edfbadae5afc8f893ca206bed2bd

Sharing

Copy URL Twitter E-mail

General

Target

ca1e0c1476bda2c598badf70bad3d72bdf98edfbadae5afc8f893ca206bed2bd
Size

120KB
MD5

3c33ca314af6465e786adbba5cd95da6
SHA1

1425f057d76411d6380fd8e8027d17ac97f6f3c2
SHA256

ca1e0c1476bda2c598badf70bad3d72bdf98edfbadae5afc8f893ca206bed2bd
SHA512

b085ef82bfce574781aed0857e7b60b176035afd330fa3ba6f041766d91e60863ba25bfef524045df3732c54e596cc863559bc3f82b1d577d7e1523e8780587e
SSDEEP

1536:XdwEKBZyY9nAb5M6PkpTHY0AQd+neY/eSE8ZrwHI5udZ5pbypvdNU2RS5SmpNKOS:twvmYFV6saFw8ZrwHI5udrpbEwYm5x

Score

N/A

Malware Config

Signatures

Files

ca1e0c1476bda2c598badf70bad3d72bdf98edfbadae5afc8f893ca206bed2bd
.dll windows x86

5dfe22376d76336ceb29ca600a4821ab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueExW
RegDeleteKeyW
CloseServiceHandle
LookupAccountSidW
RegOpenKeyExW
RegEnumKeyExA
RegEnumKeyExW
RegCloseKey
RegSetValueExA
EqualSid
LockServiceDatabase
RegCreateKeyExW
LookupPrivilegeValueA
RegDeleteKeyA
GetTokenInformation
RegQueryInfoKeyW
RegCreateKeyExA
RegQueryValueW
RegQueryValueExW
AllocateAndInitializeSid
RegEnumValueW
ChangeServiceConfig2A
FreeSid

version

GetFileVersionInfoW
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW

kernel32

RtlUnwind
GetStringTypeW
MultiByteToWideChar
SetFilePointer
SetEndOfFile
FlushFileBuffers
GetModuleHandleA
GetHandleInformation
LoadLibraryA
GetProcAddress
IsValidLocale
WideCharToMultiByte
HeapSize
IsBadWritePtr
GetThreadLocale
LCMapStringW
LoadLibraryW
SearchPathW
GetLastError
WriteConsoleW
GetShortPathNameA
LoadLibraryExW
GetVersionExA
GetTempFileNameW
GetSystemInfo
ReadFile
VirtualFree
SystemTimeToFileTime
GetCPInfo
LCMapStringA
HeapAlloc
FindResourceA
CreateProcessW
VirtualAlloc
GlobalHandle
HeapFree
ExitProcess
ExpandEnvironmentStringsA
CopyFileA
SetStdHandle
IsBadStringPtrW
GetVersionExW
LeaveCriticalSection
GetCurrentThread
GetModuleFileNameW
CreateMutexA
CompareStringW
GetStringTypeA
lstrcmpA
ExitThread
UnmapViewOfFile
GetStartupInfoW
GetTimeFormatA
SetCurrentDirectoryA
lstrcpynW
GetConsoleCP
LockResource
IsValidCodePage
Sleep
SetPriorityClass
lstrcmpiW
GetFileTime
FormatMessageA
HeapDestroy
GetFileType
CreateThread
CopyFileW
GetSystemTime
GetCommandLineA
GetVersion
HeapCreate
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
FatalAppExitA
HeapReAlloc
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
CloseHandle
CreateFileA
UnhandledExceptionFilter
GetACP
GetOEMCP

Exports

Exports

Asks

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5dfe22376d76336ceb29ca600a4821ab

Headers

File Characteristics

Imports

advapi32

version

kernel32

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 48KB - Virtual size: 53KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 48KB - Virtual size: 53KB

.reloc
Size: 8KB - Virtual size: 6KB