c139489e01241aaf9aa38ad6a3510eb1d63ebc8472091993061806bd1170b41d

General

Target

c139489e01241aaf9aa38ad6a3510eb1d63ebc8472091993061806bd1170b41d
Size

220KB
MD5

05add74927121bd7aaf7b2675c6569a3
SHA1

5af5b702df6196ea8533ab1a82d1a15401c11efe
SHA256

c139489e01241aaf9aa38ad6a3510eb1d63ebc8472091993061806bd1170b41d
SHA512

252c91d77efa047da0bdfbba9c648cefd9f15fc0a68d17af1f5fcd1f7219094d7a327bc6c96884d05b730afc8b4c2c5ccc3450acd919f6588e4a82ca45e2d531
SSDEEP

6144:f/cJ5/TL65QHJael91r1MIV1Odfl4D5nAfeba9XoU:cfTLmQpJl93MJdd4Dlmz9XoU

Score

N/A

Malware Config

Signatures

Files

c139489e01241aaf9aa38ad6a3510eb1d63ebc8472091993061806bd1170b41d
.exe windows x86

2fa52687c20f4032d375ccb177676f05

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
SetLastError
CreateProcessA
CreateThread
GetModuleHandleA
GetProcAddress
GetWindowsDirectoryA
CreateMutexA
Sleep
GetModuleFileNameA
GetLastError
CreateEventA
CloseHandle
WaitForSingleObject
DeleteFileA
SetEvent
GetVolumeInformationA
GetLocalTime
ResumeThread
TlsSetValue
ExitThread
HeapAlloc
GetCommandLineA
GetVersion
ExitProcess
EnterCriticalSection
LeaveCriticalSection
HeapFree
InitializeCriticalSection
TlsAlloc
TlsGetValue
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
RtlUnwind
ReadFile
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
VirtualAlloc
HeapReAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
SetFilePointer
InterlockedDecrement
InterlockedIncrement
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
SetStdHandle
FlushFileBuffers
CreateFileA
GetCPInfo
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetACP
GetOEMCP
LoadLibraryA
SetEndOfFile
GetStringTypeA
GetStringTypeW

advapi32

RegQueryValueExA
StartServiceCtrlDispatcherA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
OpenServiceA
ControlService
QueryServiceStatus
DeleteService
OpenSCManagerA
CreateServiceA
CloseServiceHandle
SetServiceStatus
RegCloseKey
RegOpenKeyA

shlwapi

PathFileExistsA

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 180KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2fa52687c20f4032d375ccb177676f05

Headers

File Characteristics

Imports

kernel32

advapi32

shlwapi

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 180KB - Virtual size: 184KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 180KB - Virtual size: 184KB

.rsrc
Size: 4KB - Virtual size: 2KB