e7368490cae7a9df3b5eb35d083c0b921de3bbb139c92ae86baf2f4b181d83a7

Sharing

Copy URL Twitter E-mail

General

Target

e7368490cae7a9df3b5eb35d083c0b921de3bbb139c92ae86baf2f4b181d83a7
Size

148KB
MD5

905075bfc0aa584c2c4dbf8a052317c0
SHA1

e2ab2e3167242c9b22ad3ea172d573d4216cf0bb
SHA256

e7368490cae7a9df3b5eb35d083c0b921de3bbb139c92ae86baf2f4b181d83a7
SHA512

8429e86e23608109e1c55090d9291f906f0fbf6a4cc1ade8536762a1e58c5d014797b92ead74dc285b556797b7fba2f1fdb7605780c38cd1c6a61e86edd13661
SSDEEP

3072:XEygCSCcqURVKBC5CH+xUq8C6w95YeoLoSqtIz5:UygCSCcqpBC564Y6bYe5t

Score

N/A

Malware Config

Signatures

Files

e7368490cae7a9df3b5eb35d083c0b921de3bbb139c92ae86baf2f4b181d83a7
.exe windows x86

edc6f1aa271234df20c7b3a340995fd1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

__p__commode
__set_app_type
_initterm
__wgetmainargs
__p___winitenv
__p__fmode
_except_handler3
__dllonexit
??1type_info@@UAE@XZ
_controlfp
_ultow
_onexit
realloc
malloc
??2@YAPAXI@Z
swprintf
wcslen
_vsnwprintf
wcscpy
_XcptFilter
_wcsnicmp
fwprintf
_adjust_fdiv
_purecall
__setusermatherr
_exit
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
exit
fwscanf
free
_CxxThrowException
_wcsicmp
_iob
_EH_prolog
__CxxFrameHandler
??3@YAXPAX@Z

kernel32

GetProcAddress
FindClose
GetFileAttributesW
CopyFileW
FindNextFileW
FindFirstFileW
CreateDirectoryW
MoveFileW
DeleteFileW
lstrcpyW
SetFileAttributesW
CreateFileW
RemoveDirectoryW
lstrcmpW
GetDiskFreeSpaceExW
GetFullPathNameW
GetLastError
GetModuleHandleW
GetVersionExA
GetDriveTypeW
VirtualFree
GetFileSizeEx
DeleteCriticalSection
InitializeCriticalSection
HeapReAlloc
CloseHandle
SetLastError
HeapFree
GetProcessHeap
EnterCriticalSection
GetModuleFileNameW
FreeLibrary
LeaveCriticalSection
FormatMessageW
LoadLibraryExW
lstrlenW

user32

CharUpperW
LoadStringW

ole32

CLSIDFromProgID

advapi32

SetSecurityDescriptorDacl
InitializeSecurityDescriptor
SetFileSecurityW
CloseServiceHandle
OpenServiceW
GetSidLengthRequired
GetSidSubAuthority
GetLengthSid
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyExW
RegOpenKeyExW
RegEnumValueW
AddAce
GetAce
InitializeSid
RegCloseKey
QueryServiceStatus
OpenSCManagerW
InitializeAcl
AddAccessAllowedAce
AddAccessDeniedAce
GetAclInformation

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

h
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

edc6f1aa271234df20c7b3a340995fd1

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

user32

ole32

advapi32

Sections

.text Size: 36KB - Virtual size: 33KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 8KB - Virtual size: 8KB

h Size: 96KB - Virtual size: 96KB

.text
Size: 36KB - Virtual size: 33KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 8KB - Virtual size: 8KB

h
Size: 96KB - Virtual size: 96KB