0c3c1a6a81610e3651d81b57af617e19e4471bb837db8d365bf6c144b9cd281f

Sharing

Copy URL Twitter E-mail

General

Target

0c3c1a6a81610e3651d81b57af617e19e4471bb837db8d365bf6c144b9cd281f
Size

268KB
MD5

6612456c83540888337e533030c0f5a0
SHA1

d3f037032d55bd40a1cdd97fb39a65a027070e96
SHA256

0c3c1a6a81610e3651d81b57af617e19e4471bb837db8d365bf6c144b9cd281f
SHA512

503af61663c8526450d515b51d1a1eb2d598fefc1d8623e309fdb3b99ef29367df386e26460c6ba2e9a66dd5efa24a7aa9fd4c753682a36d057040573cf2b5e0
SSDEEP

6144:cehW1CbONhp450duLPTg9ZU045jYYCPL0b9Bm7e:YwQp45uuLE9+04eF0JL

Score

N/A

Malware Config

Signatures

Files

0c3c1a6a81610e3651d81b57af617e19e4471bb837db8d365bf6c144b9cd281f
.exe windows x86

c45e51e75fcbbd492410301fdee219e0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetTrusteeNameW
RegCloseKey
RegDeleteValueW
RegEnumKeyW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
SetNamedSecurityInfoExW
CloseServiceHandle
OpenSCManagerA
OpenServiceA
QueryServiceStatus
RegOpenKeyExA
RegQueryValueExA

kernel32

CloseHandle
CreateEventW
CreateFileA
CreateFileMappingW
CreateFileW
CreateMutexW
CreateProcessW
DeviceIoControl
EnterCriticalSection
FreeLibrary
GetCurrentProcessId
GetCurrentThreadId
GetFullPathNameA
GetFullPathNameW
GetLastError
GetModuleFileNameW
GetPrivateProfileStringW
GetProcAddress
GetSystemDirectoryW
GetSystemTimeAsFileTime
GetTickCount
GetVersion
GetVersionExW
GetWindowsDirectoryW
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection
LoadLibraryW
LocalAlloc
LocalFree
LocalReAlloc
MapViewOfFile
QueryPerformanceCounter
ReleaseMutex
Sleep
WaitForSingleObject
WideCharToMultiByte
_llseek
lstrcmpW
lstrcmpiW
lstrlenA
lstrlenW
VirtualAlloc
GlobalAlloc
GlobalFree
LoadLibraryA
GetCommandLineA
ExitProcess
LoadResource
FindResourceA
VirtualProtect
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
HeapSize
VirtualQuery
InterlockedExchange
RtlUnwind
HeapReAlloc
HeapAlloc
GetModuleHandleA
GetStartupInfoA
GetVersionExA
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
GetACP
GetOEMCP
GetCPInfo
GetSystemInfo

rpcrt4

I_RpcServerUseProtseq2A

user32

RegisterWindowMessageW
PostMessageW
MapWindowPoints
LoadStringW
SetWindowsHookExW
GetWindowRect
GetDesktopWindow
GetClientRect
CharUpperW
UnhookWindowsHookEx
IntersectRect

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 276KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c45e51e75fcbbd492410301fdee219e0

Headers

File Characteristics

Imports

advapi32

kernel32

rpcrt4

user32

Sections

.text Size: 36KB - Virtual size: 36KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 276KB - Virtual size: 275KB

.text
Size: 36KB - Virtual size: 36KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 276KB - Virtual size: 275KB