bc3d264cbab2863571202eb6de20d5b96360fb56f631b32f73c014b3ac9ff88b

Sharing

Copy URL Twitter E-mail

General

Target

bc3d264cbab2863571202eb6de20d5b96360fb56f631b32f73c014b3ac9ff88b
Size

517KB
MD5

e808e13969d345ea3174722dfb7d5a22
SHA1

11ad09dc9d7b09c912615273d9782a56d83782b5
SHA256

bc3d264cbab2863571202eb6de20d5b96360fb56f631b32f73c014b3ac9ff88b
SHA512

465f487bcb7fd138e23e9a60ac01ac399c6020e6087cef5b850dbb923b9c439b386f6de50c775d466d092430a76b7db8eeea675b3e7232f381c24377a47470d7
SSDEEP

6144:MX1YcLVB9i2GVSs2RocIAYn/Qu2oX2AWgwRRogsZPx/jaU1ctCm7AbcvNmeSCO2S:Hcin/8HWw81ZPx3kE/CLYd

Score

N/A

Malware Config

Signatures

Files

bc3d264cbab2863571202eb6de20d5b96360fb56f631b32f73c014b3ac9ff88b
.exe windows x86

8f21c40332c9b5ce1095b772b7a6674e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenW
LocalAlloc
LocalFree
FreeLibrary
GetProcAddress
LocalReAlloc
InterlockedIncrement
QueueUserWorkItem
LoadLibraryA
RaiseException
IsBadWritePtr
GetWindowsDirectoryW
CreateProcessW
CloseHandle
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InterlockedExchange
VirtualProtect
Sleep
InterlockedCompareExchange
GetLocalTime
GetCommandLineA
LoadLibraryW
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetVersionExA
VirtualQuery
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
GetACP
GetOEMCP
GetCPInfo
HeapAlloc
VirtualAlloc
HeapReAlloc
HeapSize
LCMapStringA
MultiByteToWideChar
GetSystemInfo

advapi32

ControlService
StartServiceW
ChangeServiceConfigW
ChangeServiceConfig2W
QueryServiceStatusEx
RevertToSelf
CreateProcessAsUserW
GetUserNameW
DeregisterEventSource
ReportEventW
RegisterEventSourceW
CloseServiceHandle
QueryServiceStatus
OpenServiceW
OpenSCManagerW
RegCloseKey
RegFlushKey
RegQueryValueExW
RegOpenKeyExW

ole32

StringFromIID
CoCreateInstance
CoTaskMemFree

Sections

.text
Size: 165KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 344KB - Virtual size: 685KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8f21c40332c9b5ce1095b772b7a6674e

Headers

File Characteristics

Imports

kernel32

advapi32

ole32

Sections

.text Size: 165KB - Virtual size: 164KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 344KB - Virtual size: 685KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 165KB - Virtual size: 164KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 344KB - Virtual size: 685KB

.rsrc
Size: 1KB - Virtual size: 1KB