fc37e05f62bf9cf132edb994c56bdf86602a6ae62c395b8ed19dfeaa30a489d7

Sharing

Copy URL Twitter E-mail

General

Target

fc37e05f62bf9cf132edb994c56bdf86602a6ae62c395b8ed19dfeaa30a489d7
Size

55KB
MD5

50ce41f4bd0af19a79805eff493716af
SHA1

3719faae651cf086a005b96a823ab5b2fc9506c4
SHA256

fc37e05f62bf9cf132edb994c56bdf86602a6ae62c395b8ed19dfeaa30a489d7
SHA512

9643e6a4a525754107f6f4d0667c77cc7d59fadbdbec0829adb02fccac82fbbe3455e0b05a9ff6b855a6d2d8010c3ce7f9644cf509697b43539f3dfd1f6a97a8
SSDEEP

768:ApNxUBp2gdTEVHCySoQbleLt4XNAEE6jx6Jq8JoynLquFA4U8SYAHgnWRAztX:qg7RqHC5TEW6uyLq0U5YAAJtX

Score

N/A

Malware Config

Signatures

Files

fc37e05f62bf9cf132edb994c56bdf86602a6ae62c395b8ed19dfeaa30a489d7
.exe windows x86

cae5f055df1a2a8448f6afc6d21a048c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
GetFileAttributesW
InterlockedExchange
GetModuleHandleA
ExitProcess
WriteConsoleW
SetLastError
InterlockedDecrement
GetProcessHeap
GetLocalTime
GetVersionExW
CreateEventW
LCMapStringW
VirtualAlloc
SetFileAttributesW
CreateDirectoryA
GetCommandLineW
FlushFileBuffers
GetStartupInfoA
GetDriveTypeW
OpenMutexA
GetDriveTypeA
CreateMutexA
GetModuleHandleW
CreateMutexW
FileTimeToSystemTime
IsBadReadPtr
GetCPInfo
GetStdHandle
GetLastError
CompareStringA
GetSystemDirectoryA
GetTempPathA
Sleep
CreateFileMappingW
GetLocaleInfoA
GetFullPathNameW
SetFilePointer
GetCurrentThreadId
FreeEnvironmentStringsW
MapViewOfFile
TlsFree
ResumeThread
LoadResource
RtlUnwind
IsDebuggerPresent
HeapReAlloc
GetModuleFileNameW
LocalAlloc
GetSystemTimeAsFileTime
GetCurrentThread
LoadLibraryExA
GetCurrentProcessId
EnterCriticalSection
HeapAlloc
GetTickCount
MultiByteToWideChar
GetFileAttributesA
IsDBCSLeadByte
SetUnhandledExceptionFilter
lstrcmpW
lstrcmpiW
MulDiv
lstrlenW
FindResourceA
FindResourceW
GetExitCodeProcess
GetFileSize
GetThreadPriority
VirtualQuery
lstrcpynA
GetVersion
CreateProcessA

advapi32

AddAce
ChangeServiceConfigW
GetSidSubAuthority
LsaClose
RegQueryInfoKeyA
OpenSCManagerW
ConvertStringSecurityDescriptorToSecurityDescriptorW
LsaFreeMemory
LookupAccountNameW
RegQueryValueW
GetTokenInformation
RegQueryValueA
GetUserNameW
RegisterTraceGuidsW
RegOpenKeyW
UnlockServiceDatabase
ConvertSidToStringSidW
GetTraceLoggerHandle
RegCreateKeyW
CryptCreateHash
RegDeleteValueA
UnregisterTraceGuids
DeregisterEventSource
RegOpenKeyExW
CryptAcquireContextA
RegSetValueExW
DuplicateTokenEx
CryptDestroyHash
RegQueryValueExW
RegEnumKeyA
GetAce
CryptDestroyKey
GetSecurityDescriptorDacl
GetSidIdentifierAuthority
RevertToSelf
GetSidLengthRequired
RegCreateKeyExW
CryptGetHashParam
InitializeSecurityDescriptor
RegDeleteValueW
RegCreateKeyA
CopySid

user32

CreateWindowExA
GetFocus
InsertMenuW
EndPaint
GetSysColor
FillRect

Sections

.text
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 26B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cae5f055df1a2a8448f6afc6d21a048c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 50KB - Virtual size: 50KB

.tls Size: 512B - Virtual size: 74KB

BSS Size: 512B - Virtual size: 416B

.reloc Size: 512B - Virtual size: 26B

.text
Size: 50KB - Virtual size: 50KB

.tls
Size: 512B - Virtual size: 74KB

BSS
Size: 512B - Virtual size: 416B

.reloc
Size: 512B - Virtual size: 26B