c282bdc7476be51f0c2a124ca212940345a9039cd17e927956f805f7bde93a78

Sharing

Copy URL Twitter E-mail

General

Target

c282bdc7476be51f0c2a124ca212940345a9039cd17e927956f805f7bde93a78
Size

532KB
MD5

25c91eca3318d11756b51f7bf68042e0
SHA1

cd46bca6362a1c77f7fba4a9fef33c81a0d7c2ba
SHA256

c282bdc7476be51f0c2a124ca212940345a9039cd17e927956f805f7bde93a78
SHA512

248c6011fa21a1bcf4247b987e7a574deb239ddebb62635ddeb95eb7d6789faac4f13d4497356fa483dfd8f11859612116b4f7335dabe58d6273af74b75519cd
SSDEEP

12288:aZMyvUNprvA2ymfK5ZlSsc7dew4ucxJoS38:aZMW4prXOSsKglF3

Score

N/A

Malware Config

Signatures

Files

c282bdc7476be51f0c2a124ca212940345a9039cd17e927956f805f7bde93a78
.exe windows x86

c9dd605ecbf805ff0f1890db4c7e6c56

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

_exit
_XcptFilter
__p___initenv
__getmainargs
_purecall
??2@YAPAXI@Z
exit
??3@YAXPAX@Z
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__setusermatherr
_adjust_fdiv
_initterm

advapi32

DeleteService
RegisterEventSourceA
ReportEventA
DeregisterEventSource
RegQueryValueExA
RegDeleteValueA
RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegCreateKeyA
RegOpenKeyA
ControlService
OpenServiceA
QueryServiceStatus
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
CloseServiceHandle
ChangeServiceConfigA
OpenSCManagerA
CreateServiceA
RegFlushKey

kernel32

lstrcmpiA
CloseHandle
GetProcAddress
GetVersionExA
GetModuleHandleA
OpenEventA
Sleep
GetLastError
GetModuleFileNameA
SetConsoleCtrlHandler
CreateEventA
FreeLibrary
GetTickCount
SetEvent
InterlockedIncrement
InterlockedDecrement
MultiByteToWideChar
WideCharToMultiByte
SetCurrentDirectoryA
AddAtomA
lstrcpyA
GetComputerNameA
lstrlenA
lstrcpynA
lstrcatA

user32

MsgWaitForMultipleObjects
TrackPopupMenuEx
DispatchMessageA
GetCursorPos
LoadMenuA
GetSubMenu
EnableMenuItem
GetForegroundWindow
SetForegroundWindow
SetFocus
RemoveMenu
DestroyMenu
RegisterClassA
CreateWindowExA
LoadIconA
DestroyIcon
DestroyWindow
KillTimer
SetTimer
SystemParametersInfoA
DefWindowProcA
LoadStringA
PostQuitMessage
PeekMessageA
TranslateMessage
GetDesktopWindow
CharNextA

ole32

CoUninitialize
CoInitialize
CoGetClassObject

oleaut32

SysAllocStringLen
SysAllocStringByteLen
SysFreeString

shell32

Shell_NotifyIconA

crypt32

CertFindCertificateInStore
CertFreeCertificateContext
CertCloseStore
CertOpenStore

Sections

.text
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 408B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 500KB - Virtual size: 1.6MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c9dd605ecbf805ff0f1890db4c7e6c56

Headers

File Characteristics

Imports

msvcrt

advapi32

kernel32

user32

ole32

oleaut32

shell32

crypt32

Sections

.text Size: 16KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 408B

.rsrc Size: 8KB - Virtual size: 5KB

.vmp0 Size: 500KB - Virtual size: 1.6MB

.text
Size: 16KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 408B

.rsrc
Size: 8KB - Virtual size: 5KB

.vmp0
Size: 500KB - Virtual size: 1.6MB