af56d828b3d4260abd94a0001d89583963a92ca15bc325f8a39e2c28f571acdc

Sharing

Copy URL Twitter E-mail

General

Target

af56d828b3d4260abd94a0001d89583963a92ca15bc325f8a39e2c28f571acdc
Size

152KB
MD5

6dd515877fd1c672078b2e79cd27841c
SHA1

c8920f672fd5a2cd9fda030afe39d54c1bae26b9
SHA256

af56d828b3d4260abd94a0001d89583963a92ca15bc325f8a39e2c28f571acdc
SHA512

e3697ac3e669750d640b43c1f3c50fabf66bebb5ee83dea09a0f8f562c3f105ead45cd4581b17e01bd0bd5ad656fbdc36c26d79ced58e02952706d3a29d2a894
SSDEEP

3072:FjhdcXc4lWMDr76d5E7g3wfuAA+khnskkjNJjzpeZBCVGjSi:ZhdcpoMDr7O1BR+kh+j4CVPi

Score

N/A

Malware Config

Signatures

Files

af56d828b3d4260abd94a0001d89583963a92ca15bc325f8a39e2c28f571acdc
.exe windows x86

e5d31edcd1192813094ec321b878227b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxW
GetSystemMenu
CloseWindowStation
DestroyMenu
GetMessageW
EndPaint
GetPropW
GetKeyboardLayout
GetMenuItemInfoA
GetMenuStringA
CheckDlgButton
EnableScrollBar

advapi32

OpenServiceW
OpenEventLogW
SetServiceStatus
RegSetValueExW
RegRestoreKeyA
IsTextUnicode
LsaFreeMemory
QueryServiceConfigW
AccessCheck
RegisterServiceCtrlHandlerA
StartServiceW
EnumServicesStatusW
RegSaveKeyA
LsaAddAccountRights
RegDeleteValueA
LsaOpenPolicy
RegNotifyChangeKeyValue
EqualSid
RegSetValueW
RegDeleteKeyW
UnlockServiceDatabase
AbortSystemShutdownA
LsaNtStatusToWinError
RegSetValueExA
QueryServiceConfigA
RegFlushKey
LsaQueryInformationPolicy
CloseEventLog
InitiateSystemShutdownA
LsaRetrievePrivateData
RegisterEventSourceA
LsaClose
RegDeleteValueW
RegDeleteKeyA
ReportEventA
OpenSCManagerW
RegSetValueA
QueryServiceStatus
LockServiceDatabase
PrivilegeCheck
ChangeServiceConfigW
CloseServiceHandle

version

VerQueryValueA
VerQueryValueW
GetFileVersionInfoSizeA
GetFileVersionInfoA

kernel32

GetLastError
GlobalReAlloc
GetProcessTimes
DisconnectNamedPipe
CreateDirectoryW
DuplicateHandle
lstrcat

imagehlp

CheckSumMappedFile
SymEnumerateModules
MapFileAndCheckSumA
SymGetSymFromName
ImageEnumerateCertificates
MapDebugInformation
ImagehlpApiVersionEx
SymCleanup
SymRegisterCallback
ImageDirectoryEntryToData
SymSetSearchPath
ImageGetCertificateHeader
SymGetSymFromAddr
ImageNtHeader
SymSetOptions
SymGetOptions

Sections

.text
Size: 92KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e5d31edcd1192813094ec321b878227b

Headers

File Characteristics

Imports

user32

advapi32

version

kernel32

imagehlp

Sections

.text Size: 92KB - Virtual size: 88KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 24KB - Virtual size: 54KB

.rsrc Size: 24KB - Virtual size: 22KB

.text
Size: 92KB - Virtual size: 88KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 24KB - Virtual size: 54KB

.rsrc
Size: 24KB - Virtual size: 22KB