b7d619df58911a0a7fee9fb1591da26dc9005d0e404590b6bf3863d346ca1a8a

Sharing

Copy URL Twitter E-mail

General

Target

b7d619df58911a0a7fee9fb1591da26dc9005d0e404590b6bf3863d346ca1a8a
Size

144KB
MD5

ff9d18470f6b2fb8ea1ea0257dc94f13
SHA1

4857fd3c5e4074459ec5287b94e174dff73f8e31
SHA256

b7d619df58911a0a7fee9fb1591da26dc9005d0e404590b6bf3863d346ca1a8a
SHA512

2e2c7c297ff05fb1b311380bf68b7fe628b652f348aa953ad6c6d8a3d1ef15d5dbadf1826f9be5317bca933fa07cf24d793d8942663bd67d2e75ddbce2df2c6b
SSDEEP

1536:apdLnQb2+kLTkfrBS4LLXoROEUdm+UWuI7mPGToc1jOeZu5k1eQ:aXQlftFLLXoAEQDJTocp45meQ

Score

N/A

Malware Config

Signatures

Files

b7d619df58911a0a7fee9fb1591da26dc9005d0e404590b6bf3863d346ca1a8a
.exe windows x86

1df92eb5ef0391e512f8ad00b3e5c5b0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
GetLastError
CreateMutexW
CreateEventW
GetTickCount
Sleep
SetEvent
GetCurrentThread
InitializeCriticalSection
GetShortPathNameW
WaitForSingleObject
LeaveCriticalSection
GetModuleFileNameW
WaitForMultipleObjects
ReleaseMutex
ResetEvent
OpenEventW
GetOverlappedResult
CreateProcessW
IsBadStringPtrW
OpenProcess
FreeLibrary
LoadLibraryW
GetProcAddress
CreateFileW
DeviceIoControl
CloseHandle
GetVersionExW
EnterCriticalSection
DeleteCriticalSection
GetCurrentProcess
VirtualAlloc
RtlUnwind
CreateThread
GetCurrentThreadId
TlsSetValue
ExitThread
GetCommandLineA
GetVersion
HeapFree
TerminateProcess
ExitProcess
HeapReAlloc
HeapAlloc
HeapSize
TlsAlloc
SetLastError
TlsGetValue
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
SetFilePointer
SetEndOfFile
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
FlushFileBuffers
InterlockedDecrement
InterlockedIncrement
CreateFileA
MultiByteToWideChar
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
ReadFile
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

user32

wsprintfW

advapi32

CreateServiceW
OpenServiceW
StartServiceW
DeleteService
QueryServiceStatus
CloseServiceHandle
OpenSCManagerW
RegCreateKeyW
RegQueryValueExW
RegDeleteValueW
RegCloseKey
ControlService

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1df92eb5ef0391e512f8ad00b3e5c5b0

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 36KB - Virtual size: 34KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 64KB - Virtual size: 66KB

.rsrc Size: 32KB - Virtual size: 32KB

.text
Size: 36KB - Virtual size: 34KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 64KB - Virtual size: 66KB

.rsrc
Size: 32KB - Virtual size: 32KB