b832ef4f6580e2a8d1471e322845db49c491089e7a20e8357928ae16ebddbcce

General

Target

b832ef4f6580e2a8d1471e322845db49c491089e7a20e8357928ae16ebddbcce
Size

144KB
MD5

3e3b3358418b5603f84ab08303d151e9
SHA1

7f7b7daa00d77100904b16f731e7374285998413
SHA256

b832ef4f6580e2a8d1471e322845db49c491089e7a20e8357928ae16ebddbcce
SHA512

3a89d9b019063ae55ff9b0d4753d6e2cfeb7bbedecdc35d693db284ea9661895511b5303c7dbe05e54e1914fd38ad1cc6555095a9747cec642af060337311f81
SSDEEP

3072:MHDOeoUmxSmqmrE4RXRq7RmXu2u0qXytLPJDBuf:MHDOeoUmxS3+Bq7Ue5hyJRwf

Score

N/A

Malware Config

Signatures

Files

b832ef4f6580e2a8d1471e322845db49c491089e7a20e8357928ae16ebddbcce
.exe windows x86

81d9877606cf937f12894d6ce2289a33

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetProcessHeap
SetFilePointer
LocalAlloc
IsDBCSLeadByte
IsBadCodePtr
GetSystemDefaultLCID
WideCharToMultiByte
MultiByteToWideChar
SetLastError
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetModuleFileNameA
InterlockedExchange
InterlockedIncrement
InterlockedDecrement
GetCurrentProcess
HeapFree
GetProcAddress
HeapReAlloc
CreateEventW
Sleep
OutputDebugStringA
CreateThread
CreateFileA
CloseHandle
GetFileSize
GetModuleHandleA
InitializeCriticalSection
GetStartupInfoA

advapi32

AllocateAndInitializeSid
GetSecurityDescriptorDacl
GetSidIdentifierAuthority
OpenThreadToken
QueryServiceStatus
RegCreateKeyW
RegQueryValueExA
RegOpenKeyExW
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
GetTokenInformation

msi

ord218

msvcrt

_c_exit
_exit
_XcptFilter
_cexit
exit
_acmdln
__getmainargs
_initterm
atoi
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
__dllonexit
_onexit
_except_handler3
__setusermatherr

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 124KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

81d9877606cf937f12894d6ce2289a33

Headers

File Characteristics

Imports

kernel32

advapi32

msi

msvcrt

Sections

.text Size: 8KB - Virtual size: 5KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 124KB - Virtual size: 215KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 8KB - Virtual size: 5KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 124KB - Virtual size: 215KB

.rsrc
Size: 4KB - Virtual size: 3KB