cc5ab7f7d9cf5ff3f61a0c34a7c7bfd7b6c830825e45a7a0503331da9b1cbdf9

Sharing

Copy URL Twitter E-mail

General

Target

cc5ab7f7d9cf5ff3f61a0c34a7c7bfd7b6c830825e45a7a0503331da9b1cbdf9
Size

60KB
MD5

bb156f5fe75bb536d663e8eaf071032c
SHA1

54889ea1b73a9bad914ab351c6f58d7e84088508
SHA256

cc5ab7f7d9cf5ff3f61a0c34a7c7bfd7b6c830825e45a7a0503331da9b1cbdf9
SHA512

f01723e7b72ddfdea0763516b7ae8334b8d79b408a5d75603f3cb8bd295f3a9928bfdbba56776ac76558ec9af1c6a0e2bf187ff8165cd301c684d0ba83bb070c
SSDEEP

1536:efvGwqccJH07CQqePyAlLmUm59lKwArhtRe60xQCQsbdZpk3:4+wqccJUbqAlL8Irh7SxQVsbLpk3

Score

N/A

Malware Config

Signatures

Files

cc5ab7f7d9cf5ff3f61a0c34a7c7bfd7b6c830825e45a7a0503331da9b1cbdf9
.exe windows x86

b53bd8894bd5c798668074dcb3b97982

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

DeleteService
GetSecurityDescriptorControl
InitializeSecurityDescriptor
LookupAccountSidA
OpenProcessToken
OpenServiceA
QueryServiceStatus
RegCreateKeyExA
SetSecurityDescriptorDacl
StartServiceA

kernel32

CloseHandle
CreateDirectoryA
CreateFileA
CreateProcessA
CreateThread
DeleteAtom
DeleteFileA
DeviceIoControl
EnterCriticalSection
ExitProcess
ExpandEnvironmentStringsA
FileTimeToLocalFileTime
FindNextFileA
FreeLibrary
GetCPInfo
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
GetDriveTypeA
GetEnvironmentStringsA
GetFileAttributesA
GetFileSize
GetFileTime
GetFileType
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileSectionNamesA
GetPrivateProfileStructA
GetProcessHeap
GetShortPathNameA
GetStdHandle
GetStringTypeA
GetSystemTime
GetTickCount
GetVersionExA
GlobalHandle
GlobalReAlloc
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapSize
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedIncrement
IsBadReadPtr
LeaveCriticalSection
LoadLibraryExA
LockResource
MapViewOfFile
Module32Next
MoveFileA
MoveFileExA
MulDiv
MultiByteToWideChar
OpenProcess
OutputDebugStringA
QueryPerformanceCounter
ReadFile
ReadProcessMemory
ResetEvent
RtlUnwind
SetEnvironmentVariableA
SetErrorMode
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SuspendThread
TlsAlloc
TlsGetValue
TlsSetValue
UnmapViewOfFile
VirtualAlloc
WideCharToMultiByte
WritePrivateProfileStringA
lstrcpynA

user32

CallNextHookEx
CallWindowProcA
CreateWindowExA
DialogBoxParamA
DispatchMessageA
EnableMenuItem
EndPaint
FindWindowA
GetDesktopWindow
GetDlgCtrlID
GetDlgItemTextA
GetMessageA
GetWindowRect
IsChild
IsDlgButtonChecked
LoadIconA
MessageBoxA
MoveWindow
PostMessageA
PostQuitMessage
RegisterClipboardFormatA
SetCursor
SetDlgItemTextA
SetForegroundWindow
SetMenu
SetRect
TranslateMessage
wsprintfA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.DATA
Size: 15KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b53bd8894bd5c798668074dcb3b97982

Headers

File Characteristics

Imports

advapi32

kernel32

user32

version

Sections

.text Size: 23KB - Virtual size: 24KB

.DATA Size: 15KB - Virtual size: 28KB

.data Size: 512B - Virtual size: 4KB

.rdata Size: 15KB - Virtual size: 16KB

.idata Size: 3KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 23KB - Virtual size: 24KB

.DATA
Size: 15KB - Virtual size: 28KB

.data
Size: 512B - Virtual size: 4KB

.rdata
Size: 15KB - Virtual size: 16KB

.idata
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB