914bf5d0b2b77c974f2a5540f9b7b87b9c52fecabec39c1b75480da6ad517091

Sharing

Copy URL Twitter E-mail

General

Target

914bf5d0b2b77c974f2a5540f9b7b87b9c52fecabec39c1b75480da6ad517091
Size

640KB
MD5

56d7808bb59af39c26307b7404152989
SHA1

7919265a3783ea18a8dfb7841bcba50d0c255304
SHA256

914bf5d0b2b77c974f2a5540f9b7b87b9c52fecabec39c1b75480da6ad517091
SHA512

ff0c7f679608d73c32e5578a3e72b4203dfb5c6923c3703f8dad2fc4cf176ed6c34b40a4a3dd5f6d5bb99ed1e30aef549837fce6edb102b4bead72dde2a5c25b
SSDEEP

12288:U3HdB2wh5Vr9L8yJeRXgr8l+WvMMJ7IybfFqlZTv3hweagE8UtecyqAEiNNF:ts/pL81RQYCMJ7TbNqlZ+x8WYNF

Score

N/A

Malware Config

Signatures

Files

914bf5d0b2b77c974f2a5540f9b7b87b9c52fecabec39c1b75480da6ad517091
.exe windows x86

6fba957d1a28a87f8d0f9f74c6d7182f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

strcpy
strncmp
_itow
atol
fgets
_wcsicmp
atoi
__getmainargs
malloc
tolower
wcscat
wcsstr
wcslen
_access
__set_app_type
_XcptFilter
_vsnwprintf
strcat
memset
iswctype
_waccess
wcscpy

advapi32

CreateProcessAsUserA
GetAce
GetSidIdentifierAuthority
QueryServiceStatus
FreeSid
RegDeleteValueA
QueryServiceConfigA
GetTokenInformation
RegSetValueExA
AddAccessAllowedAce
ControlService
GetSecurityInfo
RegOpenKeyExA
RegQueryValueExA
OpenSCManagerA
IsValidSecurityDescriptor
IsValidSid
RegConnectRegistryA
RegCloseKey
SetTokenInformation
StartServiceA
CopySid
OpenProcessToken

user32

CheckRadioButton
CheckDlgButton
GetWindowDC
SetFocus
SetUserObjectSecurity
GetClientRect
GetClassNameA
RedrawWindow
wsprintfA
SetTimer
GetFocus
CreateWindowExA
GetWindowPlacement
GetWindow
TrackPopupMenuEx
PeekMessageA
SetCapture
CloseClipboard
GetSystemMetrics
TranslateMessage
IsIconic
EmptyClipboard
ExitWindowsEx
LoadCursorA
CreatePopupMenu
GetWindowLongA
DrawEdge
GetDlgItemTextA
EnumChildWindows
ReleaseDC
CallWindowProcA
DrawIconEx
FindWindowExA
SetMenuItemBitmaps

ole32

CoMarshalHresult
CoRegisterMessageFilter
CoRegisterClassObject
CoIsOle1Class
OleSetMenuDescriptor
CoGetInterfaceAndReleaseStream
CoTaskMemRealloc
CoGetPSClsid
CoTreatAsClass
CoReleaseServerProcess
OleCreateLinkEx
CoGetMalloc
CoGetObjectContext
OleGetIconOfClass
CoTaskMemFree
CoMarshalInterThreadInterfaceInStream

kernel32

OutputDebugStringA
Sleep
GetProcessHeap
TlsSetValue
CreateProcessA
GetTimeZoneInformation
InterlockedDecrement
LockResource
SearchPathA
GetLocaleInfoW
GetLocaleInfoA
CreateFileMappingA
GetDateFormatA
WaitForSingleObject
HeapAlloc
GetModuleFileNameA

Sections

.text
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6fba957d1a28a87f8d0f9f74c6d7182f

Headers

File Characteristics

Imports

msvcrt

advapi32

user32

ole32

kernel32

Sections

.text Size: 53KB - Virtual size: 53KB

.rdata Size: 512B - Virtual size: 300B

.data Size: 2KB - Virtual size: 83KB

.rsrc Size: 1024B - Virtual size: 1000B

.text
Size: 53KB - Virtual size: 53KB

.rdata
Size: 512B - Virtual size: 300B

.data
Size: 2KB - Virtual size: 83KB

.rsrc
Size: 1024B - Virtual size: 1000B