c00a83724a4b7b90d84575fca16ff915ef106546c621113ee8e964facaf47d40

General

Target

c00a83724a4b7b90d84575fca16ff915ef106546c621113ee8e964facaf47d40
Size

18KB
MD5

174b08d9d9bb714de054c26679bdb9fa
SHA1

24b9ce6fb9d5d0f3d9dc2b7c87746ca4d1bad58f
SHA256

c00a83724a4b7b90d84575fca16ff915ef106546c621113ee8e964facaf47d40
SHA512

c0ea57dbf679047e24c038849e96a57694166ede8b620c1525b7eb96e8d1652f451b162bb19c2600b504431bf0dd159785f772bc43a5fc2e61da464bc3d8f3b8
SSDEEP

384:ycf78sBkP9bmdRWOw6wK1s5TkLC91ooiI9pU:IsyP9bmTWL0OswBiUpU

Score

N/A

Malware Config

Signatures

Files

c00a83724a4b7b90d84575fca16ff915ef106546c621113ee8e964facaf47d40
.exe windows x86

241ebc9d82e7ddb19c5e2c3a9b25cb8e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
??2@YAPAXI@Z
_purecall
??3@YAXPAX@Z

kernel32

SetFileAttributesW
CreateFileW
CopyFileW
DeleteFileW
GetCommandLineW
CreateEventW
GetVersionExW
GetVolumeInformationW
GetComputerNameW
lstrcpyA
CreateProcessW
GetTempPathW
CreateDirectoryW
lstrlenW
GetTickCount
GetSystemDirectoryW
RemoveDirectoryW
ExitProcess
Sleep
lstrcatW
GetModuleHandleW
GetModuleFileNameW
lstrcmpiW
SetEvent
WaitForSingleObject
lstrcpyW
VirtualProtect
RtlMoveMemory
LoadLibraryA
GetProcAddress
LocalAlloc
LocalFree
GetCurrentProcess
GetLastError
CloseHandle

user32

CharUpperW
wsprintfW

advapi32

CryptGetHashParam
CryptDestroyHash
CryptReleaseContext
RegDeleteValueW
RegSetValueExW
CreateServiceW
RegDeleteKeyW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegSetValueW
ControlService
StartServiceW
QueryServiceStatus
OpenSCManagerW
OpenServiceW
CloseServiceHandle
StartServiceCtrlDispatcherW
RegisterServiceCtrlHandlerW
SetServiceStatus
AddAccessAllowedAce
SetSecurityDescriptorDacl
FreeSid
AllocateAndInitializeSid
GetSecurityDescriptorLength
MakeSelfRelativeSD
InitializeAcl
InitializeSecurityDescriptor
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
CryptHashData
CryptCreateHash
CryptAcquireContextW
RegQueryValueExW
DeleteService

shell32

CommandLineToArgvW

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

241ebc9d82e7ddb19c5e2c3a9b25cb8e

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

user32

advapi32

shell32

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 1024B - Virtual size: 760B

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 1024B - Virtual size: 760B