b175f3af58df4b7847847b30276e6f706d0482b6d868b9c860d4e7d17145cb9a

Sharing

Copy URL Twitter E-mail

General

Target

b175f3af58df4b7847847b30276e6f706d0482b6d868b9c860d4e7d17145cb9a
Size

29KB
MD5

2839221be31f6fda21435ef25f9be40e
SHA1

c4d4ffa8a39eb549ae00c33a027db72b1c7006a8
SHA256

b175f3af58df4b7847847b30276e6f706d0482b6d868b9c860d4e7d17145cb9a
SHA512

fdc10e8f763be7ce04e53a01c570afc7f4be427396f420aa2fde097d5ce6546b1ae8c7b06244a831a79253f7a5cb129282a3067fa0e29112bd7c088aaeee429e
SSDEEP

768:HNBVPW2ddHsdzrWb1q5Wd/oEsRB0GUlO7E:HNZdOQbwwA3RiGc

Score

N/A

Malware Config

Signatures

Files

b175f3af58df4b7847847b30276e6f706d0482b6d868b9c860d4e7d17145cb9a
.exe windows x86

f52cc11d57bfb2c30ae576a9780324df

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyExA
CloseServiceHandle
ControlService
StartServiceA
OpenServiceA
OpenSCManagerA
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA

user32

LoadIconA
LoadCursorA
RegisterClassExA
CreateWindowExA
GetMessageA
DispatchMessageA
SetTimer
FindWindowA
KillTimer
FindWindowExA
SendMessageA
GetWindowThreadProcessId
TranslateMessage

shlwapi

SHDeleteKeyA

gdi32

GetStockObject

msvcr90

_XcptFilter
_ismbblead
exit
_acmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_crt_debugger_hook
_except_handler4_common
?terminate@@YAXXZ
_invoke_watson
_controlfp_s
_exit
_cexit
__getmainargs
_amsg_exit
_decode_pointer
_onexit
_encode_pointer
__dllonexit
_unlock
strncmp
srand
atoi
strtok
??_V@YAXPAX@Z
rand
strcmp
??3@YAXPAX@Z
??2@YAPAXI@Z
strcpy
_vsnprintf
strstr
strchr
_snprintf
strlen
strncpy
malloc
memset
memcpy
free
sprintf
strcat
_lock

kernel32

GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
InterlockedExchange
OpenProcess
VirtualAllocEx
WriteProcessMemory
GetCurrentProcessId
VirtualFreeEx
GetLogicalDriveStringsA
lstrcatA
CreateDirectoryA
SetErrorMode
CreateMutexA
ReleaseMutex
GetTempPathA
GetFileAttributesA
SetFileAttributesA
CopyFileA
TerminateThread
lstrcmpiA
GetLocaleInfoA
CreateThread
GetDriveTypeA
GetModuleFileNameA
ExpandEnvironmentStringsA
lstrlenA
GetVersionExA
GetModuleHandleA
GetProcAddress
LoadLibraryA
CreateFileA
ExitThread
GetTickCount
WriteFile
ReadProcessMemory
CloseHandle
GetLastError
CreateProcessA
WaitForSingleObject
Sleep
ExitProcess

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 273KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f52cc11d57bfb2c30ae576a9780324df

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

user32

shlwapi

gdi32

msvcr90

kernel32

Sections

.text Size: 19KB - Virtual size: 18KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 2KB - Virtual size: 273KB

.rsrc Size: 1024B - Virtual size: 688B

.text
Size: 19KB - Virtual size: 18KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 2KB - Virtual size: 273KB

.rsrc
Size: 1024B - Virtual size: 688B