b34f76914ab2a1105c098c1510c081193f576f408ad7f4785179cc5b3d56f95a

Sharing

Copy URL

Twitter E-mail

General

Target

b34f76914ab2a1105c098c1510c081193f576f408ad7f4785179cc5b3d56f95a
Size

196KB
MD5

16c2ff1642318a17abcddc2f7176d96c
SHA1

29c14eacbd3d977e641820b8a9cc5eb10355dd89
SHA256

b34f76914ab2a1105c098c1510c081193f576f408ad7f4785179cc5b3d56f95a
SHA512

856d8b0f33daf8384dcf5be27b99ae179c7377d1a86ce7dafd6b3df7d9b68ff14a36ed7b9b859393609c36b36767f328b9a0b14bb2951af130d158e5c22a6835
SSDEEP

1536:528jbX4PxPfuoIwyWrMYHaCyGbFsEEuKop21MbcP6uMgFimCkrGkokK:YWIPMoISrMYHy47QGkoR

Score

N/A

Malware Config

Signatures

Files

b34f76914ab2a1105c098c1510c081193f576f408ad7f4785179cc5b3d56f95a
.exe windows x86

0b58feccd1a878d798caa41028277c59

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

lstarget

SetAccessPriv

kernel32

LoadLibraryA
VirtualFreeEx
CloseHandle
GetExitCodeThread
WaitForSingleObject
GetProcAddress
WriteProcessMemory
GetLastError
VirtualAllocEx
GetModuleFileNameA
OpenProcess
FreeLibrary
CompareStringW
CreateRemoteThread
GetEnvironmentStrings
GetCommandLineA
GetVersion
ExitProcess
IsBadWritePtr
IsBadReadPtr
HeapValidate
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
DebugBreak
GetStdHandle
WriteFile
InterlockedDecrement
OutputDebugStringA
InterlockedIncrement
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
SetEnvironmentVariableA
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetCurrentThread
HeapDestroy
HeapCreate
HeapFree
VirtualFree
RtlUnwind
HeapAlloc
HeapReAlloc
VirtualAlloc
SetConsoleCtrlHandler
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
SetStdHandle
Sleep
LCMapStringA
LCMapStringW
FlushFileBuffers
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetVersionExA
GetTimeZoneInformation
GetLocaleInfoW
CompareStringA

advapi32

RegisterServiceCtrlHandlerA
SetServiceStatus
StartServiceCtrlDispatcherA

Sections

.text
Size: 160KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0b58feccd1a878d798caa41028277c59

Headers

File Characteristics

Imports

lstarget

kernel32

advapi32

Sections

.text Size: 160KB - Virtual size: 158KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 12KB - Virtual size: 15KB

.idata Size: 4KB - Virtual size: 3KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 160KB - Virtual size: 158KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 12KB - Virtual size: 15KB

.idata
Size: 4KB - Virtual size: 3KB

.reloc
Size: 8KB - Virtual size: 5KB