f82b7b20ebe9171047bd04dc9a87a929c04a3236ba898f44f48a022f825714cf

Sharing

Copy URL Twitter E-mail

General

Target

f82b7b20ebe9171047bd04dc9a87a929c04a3236ba898f44f48a022f825714cf
Size

5.0MB
MD5

fc32ccbb1899d191b24ded6415c0e9e5
SHA1

97ce67a411130d54af634d7125e1dcea9787c562
SHA256

f82b7b20ebe9171047bd04dc9a87a929c04a3236ba898f44f48a022f825714cf
SHA512

23c8d4c3dd25d7eea2fd6639e668dd62c2ba243f4ff663646c6d3c3c16301c796842ac9619582baa9de9631aef4e8ea6cdbb939cc7dbada5c1040ecff113e55b
SSDEEP

98304:E5DYK/JsMpMWninBSr113u8hkdDE9Nu5SnN3ImrEErWs8QWtmfZLe8:E57JsM7EBSWSkdw9NI+N3tr5rWhQWtm3

Score

N/A

Malware Config

Signatures

Files

f82b7b20ebe9171047bd04dc9a87a929c04a3236ba898f44f48a022f825714cf
.exe windows x86

a19c612abd1b5cb260ffe4a183ef4735

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
FreeLibrary
GetACP
Sleep
GetModuleHandleA
GetSystemTimeAsFileTime
MapViewOfFile
InterlockedDecrement
ReleaseSemaphore
WriteConsoleW
HeapSize
LCMapStringA
ExitProcess
FindResourceW
ResumeThread
CreateFileA
CreateDirectoryA
GetLastError
GetCommandLineW
HeapFree
WritePrivateProfileSectionA
WaitForMultipleObjects
GetVersion
IsBadWritePtr
SizeofResource
QueryPerformanceCounter
GetSystemTime
VirtualAlloc
CreateEventW
GetCurrentThread
VirtualQuery
GetLocaleInfoW
ReleaseMutex
GetFileAttributesA
FindFirstFileW
GetModuleHandleW
FindFirstFileA
GetStartupInfoA
lstrcmpA
CloseHandle
FindClose
GetFileType
TlsSetValue
GetTickCount
GetOEMCP
VirtualProtect
DeleteFileA
GetThreadLocale

advapi32

QueryServiceStatus
AddAce
GetUserNameA
GetSidLengthRequired
RegisterTraceGuidsW
GetAce
GetTraceEnableLevel
RegOpenKeyA
SetNamedSecurityInfoW
QueryServiceConfigW
CryptCreateHash
CryptAcquireContextA
RegQueryInfoKeyW
ReportEventW
UnregisterTraceGuids
ConvertSidToStringSidW
RegQueryValueA
IsValidSecurityDescriptor
GetSidIdentifierAuthority
RegOpenKeyExA
ControlService
LsaQueryInformationPolicy
EqualSid
RegSetValueExA

Sections

.text
Size: 4.9MB - Virtual size: 4.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.textbss
Size: 7KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 6KB - Virtual size: 3.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 2KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a19c612abd1b5cb260ffe4a183ef4735

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 4.9MB - Virtual size: 4.9MB

.textbss Size: 7KB - Virtual size: 70KB

.tls Size: 6KB - Virtual size: 3.0MB

.tls Size: 2KB - Virtual size: 95KB

.tls Size: - Virtual size: 12KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 4.9MB - Virtual size: 4.9MB

.textbss
Size: 7KB - Virtual size: 70KB

.tls
Size: 6KB - Virtual size: 3.0MB

.tls
Size: 2KB - Virtual size: 95KB

.tls
Size: - Virtual size: 12KB

.rsrc
Size: 17KB - Virtual size: 16KB