b56fec58a6c8ee2aaa26a426d86146ede20f73d575324c92e4015484d2251364

General

Target

b56fec58a6c8ee2aaa26a426d86146ede20f73d575324c92e4015484d2251364
Size

180KB
MD5

5b890c5c3073aac6600875d17de68624
SHA1

f941cb2189c4cdb8fdff3e78c6837428eeb5089a
SHA256

b56fec58a6c8ee2aaa26a426d86146ede20f73d575324c92e4015484d2251364
SHA512

b3a02c78837668abb162a02917d720a86a264b8545e5af57e731d25df333ac61935d3d2436436cb627005e418584b1d96027660d0aeab130dfa38937f0a12f42
SSDEEP

3072:ibYNZ2xVr1syz2IqFKwN7Nw/BixRFw3q8yfVxkeVzdobDDxWccFO760rqrCRXMsq:ibxr+q/qE+6/BixRq3q8yNnoXDkwnqkQ

Score

N/A

Malware Config

Signatures

Files

b56fec58a6c8ee2aaa26a426d86146ede20f73d575324c92e4015484d2251364
.exe windows x86

c92d8bcf34717a0a2698888892cde3a3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyExA
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
RegOpenKeyExA
CloseServiceHandle
CreateServiceA
StartServiceA
OpenServiceA
DeleteService
OpenSCManagerA

shlwapi

SHSetValueA
SHGetValueA
SHEnumValueA
StrStrIA
SHEnumKeyExA

ole32

CoInitialize
CoCreateInstance
CoCreateGuid

user32

wsprintfA

rpcrt4

UuidToStringA

shell32

SHGetSpecialFolderPathA

msvcrt

strerror
wctomb
__mb_cur_max
isalnum
ispunct
isupper
malloc
free
memset
memcmp
time
fclose
islower
fopen
sprintf
strcat
strcpy
atoi
strncpy
rand
wcscpy
mbstowcs
srand
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
isalpha
strlen
printf
??2@YAPAXI@Z
isspace
tolower
isxdigit
isgraph
memcpy
fwrite

imagehlp

ImageNtHeader

kernel32

GetLastError
FindFirstFileA
GetModuleHandleA
GetPrivateProfileStringA
FindNextFileA
WideCharToMultiByte
GetFileAttributesExA
SetFileTime
CreateFileA
CloseHandle
SleepEx
GetLocalTime
GetVersionExA
ExitProcess
lstrlenA
GetSystemDirectoryA
GetStartupInfoA
GetFileAttributesA

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c92d8bcf34717a0a2698888892cde3a3

Headers

File Characteristics

Imports

advapi32

shlwapi

ole32

user32

rpcrt4

shell32

msvcrt

imagehlp

kernel32

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 108KB - Virtual size: 105KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 108KB - Virtual size: 105KB