c4b07e4ad18ad61a75f7578742137a87869b9a16508357a30e6680c6db895d12

Sharing

Copy URL Twitter E-mail

General

Target

c4b07e4ad18ad61a75f7578742137a87869b9a16508357a30e6680c6db895d12
Size

79KB
MD5

0eb20e316e1d01ae7504ddc43e35ffe1
SHA1

f232ee1fc1360d2d6a969b3184d6a4656a857e9b
SHA256

c4b07e4ad18ad61a75f7578742137a87869b9a16508357a30e6680c6db895d12
SHA512

718681dde1b39e9b7ba615ff616c1a5a455dc032e8cc16e2c31c226117a0ab51e8fdfab58d030490ab3c5743834dd19c4a77989f7ec224acf6761aa2798b44f7
SSDEEP

1536:PAoDNEJeKAYfXrhNLPg10iRvwfVcafh6G0P0Ra+8QSW1E:vDNEJe67hdg10ilwfVcafh6R0Ra+8OO

Score

N/A

Malware Config

Signatures

Files

c4b07e4ad18ad61a75f7578742137a87869b9a16508357a30e6680c6db895d12
.exe windows x86

1630d655563ffd9d2cdaa667643e3218

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

FindWindowA
SendMessageA

advapi32

ChangeServiceConfig2A
RegOpenKeyA
RegQueryValueExA
RegCloseKey
RegSetValueExA
RegCreateKeyExA
SetServiceStatus
StartServiceA
CloseServiceHandle
ChangeServiceConfigA
OpenServiceA
OpenSCManagerA
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
_tell
_initterm
_acmdln
exit
_XcptFilter
_exit
atoi
_open
_write
_close
_lseek
_eof
_read
__CxxFrameHandler
??2@YAPAXI@Z
??3@YAXPAX@Z
free
malloc
fopen
fwrite
fclose
memcpy
localtime
strftime
time
srand
rand
strncpy
strchr
strcmp
sprintf
memset
sscanf
strcpy
strlen
strcat
_stricmp
__getmainargs
__setusermatherr

kernel32

DuplicateHandle
GetStartupInfoA
OpenEventA
GetCurrentProcessId
CreateToolhelp32Snapshot
Process32First
Process32Next
GetModuleHandleA
HeapAlloc
VirtualAllocEx
ReadProcessMemory
OpenProcess
lstrcmpiA
GetCurrentProcess
GetVersion
CreateFileA
CloseHandle
GetModuleFileNameA
VirtualProtect
DeleteFileA
_lcreat
_lwrite
_lclose
GetProcessHeap
HeapFree
BeginUpdateResourceA
FindResourceA
LoadResource
LockResource
SizeofResource
UpdateResourceA
EndUpdateResourceA
SetFileAttributesA
CopyFileA
CreateProcessA
WinExec
SetFileTime
Sleep
GetLastError
FreeLibrary
LoadLibraryA
GetProcAddress
CreateEventA
WaitForSingleObject
GetWindowsDirectoryA
SetCurrentDirectoryA

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1630d655563ffd9d2cdaa667643e3218

Headers

File Characteristics

Imports

user32

advapi32

msvcrt

kernel32

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 1KB - Virtual size: 5KB

.rsrc Size: 64KB - Virtual size: 64KB

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 1KB - Virtual size: 5KB

.rsrc
Size: 64KB - Virtual size: 64KB