b0e553fcf6d57af22b735da4fb34c65b5e8190dda6f829d92adc8b928ef1a1f0

Sharing

Copy URL Twitter E-mail

General

Target

b0e553fcf6d57af22b735da4fb34c65b5e8190dda6f829d92adc8b928ef1a1f0
Size

164KB
MD5

ad46cd8599164357778054c8da7d85f0
SHA1

652ee60c7d26d8ea400fed9d12b9d839a6142d11
SHA256

b0e553fcf6d57af22b735da4fb34c65b5e8190dda6f829d92adc8b928ef1a1f0
SHA512

8a77ff41fe4a2e1be1f8b0ff929d4c631a0032866a869753fd91198bb1ea1a6b0b38ad52a772f824497817e00006fef11668d727806e704e0d338315644e31a2
SSDEEP

3072:8VrlkO2iRo1+dNDWTEJfLtdUKPDdU482x+wnBakTHIlE9A:8hBRmCDWUfDUt2bFq

Score

N/A

Malware Config

Signatures

Files

b0e553fcf6d57af22b735da4fb34c65b5e8190dda6f829d92adc8b928ef1a1f0
.dll windows x86

433edf9fd049ef0cfa684a9605e54bf7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AllocateAndInitializeSid
LookupPrivilegeValueA
EqualSid
LockServiceDatabase
RegDeleteValueA
InitializeSecurityDescriptor
RegFlushKey
LookupAccountSidW
RegCreateKeyExA
RegEnumValueW
RegSetValueExA
RegSetValueExW
RegQueryValueExW
RegQueryValueExA
RegEnumKeyExA
RegEnumKeyExW
RegOpenKeyExA
RegQueryInfoKeyW
ChangeServiceConfigA
GetSecurityDescriptorControl
ChangeServiceConfig2A

version

GetFileVersionInfoA
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
VerQueryValueA
VerQueryValueW

kernel32

RtlUnwind
GetStringTypeW
LCMapStringA
MultiByteToWideChar
SetFilePointer
ReadFile
LoadLibraryA
GetHandleInformation
GetModuleHandleA
GetProcAddress
IsValidLocale
GetVersionExA
CreateEventW
GetLocaleInfoW
IsBadReadPtr
lstrcpyA
InitializeCriticalSection
GetShortPathNameA
CreateFileMappingW
CreateThread
InterlockedIncrement
GlobalAlloc
HeapAlloc
SetCurrentDirectoryA
ResetEvent
CloseHandle
SearchPathW
GetStringTypeA
MapViewOfFile
VirtualAlloc
HeapReAlloc
GetStartupInfoW
LCMapStringW
SetEndOfFile
CreateMutexA
SetLastError
ReleaseMutex
SystemTimeToFileTime
ExitProcess
FindResourceW
IsValidCodePage
GetProcessHeap
GetACP
CreateProcessA
CompareStringA
InterlockedDecrement
InterlockedCompareExchange
GetFileSize
GetSystemTime
LocalFree
CreateProcessW
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate
VirtualFree
HeapFree
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
IsBadWritePtr
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
GetLastError
GetCurrentThread
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
CreateFileA
UnhandledExceptionFilter
GetCPInfo
GetOEMCP
FlushFileBuffers
SetStdHandle

Exports

Exports

PBOHXHHCUJT

Sections

.text
Size: 88KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

433edf9fd049ef0cfa684a9605e54bf7

Headers

File Characteristics

Imports

advapi32

version

kernel32

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 84KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 52KB - Virtual size: 53KB

.reloc Size: 12KB - Virtual size: 10KB

.text
Size: 88KB - Virtual size: 84KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 52KB - Virtual size: 53KB

.reloc
Size: 12KB - Virtual size: 10KB