c2c38c2565d174f9ee2946bfda66d7acdb2847e636effde746e8f88cf7dbfbb1

Sharing

Copy URL

Twitter E-mail

General

Target

c2c38c2565d174f9ee2946bfda66d7acdb2847e636effde746e8f88cf7dbfbb1
Size

275KB
MD5

8521ca7f09d699e82d3665f55c5a9bfb
SHA1

ec6e4769c1e018953e19d968f58accff6566f611
SHA256

c2c38c2565d174f9ee2946bfda66d7acdb2847e636effde746e8f88cf7dbfbb1
SHA512

7ffca87d384ac24d8202c1225c62e71302279810cd9650c307f363e6561cea2a4b4ff8e5886da031caf071a093ae903732a20df2c3a6cb315cc45616c071a010
SSDEEP

6144:lUQLf9JLYJGcGYZcHk+WABoa61k5mfq47S9c9/TJhZhnm9:iQLf9JwOSmkGB961q4GydPh+

Score

N/A

Malware Config

Signatures

Files

c2c38c2565d174f9ee2946bfda66d7acdb2847e636effde746e8f88cf7dbfbb1
.dll windows x86

8fb7cc4277f60b139a81f3532c2e0337

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

wcschr
wcsncmp
_wcsnicmp
memmove
towlower
iswalpha
iswdigit
wcslen
free
_stricmp
__CxxFrameHandler
_except_handler3
printf
wcscmp
_vsnprintf
_purecall
_onexit
__dllonexit
_adjust_fdiv
malloc
_initterm

advapi32

CryptGetProvParam
CryptGetUserKey
CryptGenKey
TraceMessage
RegCloseKey
RegSetValueExW
RegCreateKeyExW
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
RegisterTraceGuidsW
UnregisterTraceGuids
RegOpenKeyExW
RegQueryValueExW
CheckTokenMembership
OpenThreadToken
GetTokenInformation
GetWindowsAccountDomainSid
CreateWellKnownSid
RegisterServiceCtrlHandlerExW
CryptContextAddRef
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptDestroyKey
CryptReleaseContext
CryptGenRandom
CryptAcquireContextW
CloseServiceHandle
StartServiceW
QueryServiceStatus
OpenServiceW
OpenSCManagerW
SetServiceStatus

kernel32

HeapCreate
HeapDestroy
HeapAlloc
HeapFree
Sleep
SwitchToThread
CloseHandle
UnregisterWaitEx
InterlockedCompareExchange
SetEvent
RegisterWaitForSingleObject
CreateEventW
GetCurrentThread
WideCharToMultiByte
MultiByteToWideChar
DeleteFileW
CompareStringA
VirtualProtect
GetProcessHeap
CompareFileTime
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetSystemDirectoryW
GetLastError
GetProcAddress
FreeLibrary
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
VirtualAlloc
LoadLibraryW

rpcrt4

RpcEpRegisterW
RpcServerRegisterIfEx
RpcServerRegisterAuthInfoW
RpcServerUseProtseqEpW
RpcServerUseProtseqW
I_RpcExceptionFilter
NdrClientCall2
UuidCreate
I_RpcBindingInqTransportType
RpcBindingInqAuthClientW
RpcErrorStartEnumeration
RpcErrorGetNextRecord
RpcErrorEndEnumeration
RpcRevertToSelf
RpcImpersonateClient
RpcStringBindingComposeW
RpcBindingFromStringBindingW
RpcServerUnregisterIfEx
RpcServerInqBindings
RpcStringFreeW
RpcBindingToStringBindingW
RpcStringBindingParseW
RpcBindingVectorFree
NdrServerCall2
UuidToStringW

crypt32

CryptEncodeObject
CertVerifyValidityNesting
CertGetCertificateContextProperty
CertSetCertificateContextProperty
CryptDecodeObject
CertCloseStore
CertDuplicateCertificateContext
CertVerifySubjectCertificateContext
CertFreeCertificateContext
CertOpenStore
CertDuplicateStore
CertEnumCertificatesInStore

userenv

RegisterGPNotification
UnregisterGPNotification

Exports

Exports

ServiceMain

Sections

.text
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 173KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8fb7cc4277f60b139a81f3532c2e0337

Headers

File Characteristics

Imports

msvcrt

advapi32

kernel32

rpcrt4

crypt32

userenv

Exports

Exports

Sections

.text Size: 85KB - Virtual size: 85KB

.data Size: 5KB - Virtual size: 5KB

.rsrc Size: 173KB - Virtual size: 173KB

.reloc Size: 10KB - Virtual size: 9KB

.text
Size: 85KB - Virtual size: 85KB

.data
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 173KB - Virtual size: 173KB

.reloc
Size: 10KB - Virtual size: 9KB