bc35902a42c2bf902a4e2252083449251496aea71725ec6378f73410c3138450

Sharing

Copy URL Twitter E-mail

General

Target

bc35902a42c2bf902a4e2252083449251496aea71725ec6378f73410c3138450
Size

60KB
MD5

502d0bfbb7508c9ae96c22b6e8b5af6c
SHA1

65f385311dc918bfb3e2a3c30b91c0f1f739281d
SHA256

bc35902a42c2bf902a4e2252083449251496aea71725ec6378f73410c3138450
SHA512

451e09cb4c0b67567dec76fcf17425a138caea7b47f898bd3d154f63b0ef8bc40c0bdc0b3a23df2f69d420d3767ef06a73730e5bbb908fc7ee08f38e40a06896
SSDEEP

768:KLsqQD4xzKxQ2yUAIaxOEjefU3HY8KJ8RBCsvX+BCpcynP:KLsq0SKxfybxRygHLKsMsf+4SynP

Score

N/A

Malware Config

Signatures

Files

bc35902a42c2bf902a4e2252083449251496aea71725ec6378f73410c3138450
.exe windows x86

5e10a809a2af45970e531e65d023134a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetLastError
LCMapStringW
LCMapStringA
SetEvent
WaitForSingleObjectEx
CreateEventW
GetWindowsDirectoryW
GetModuleFileNameA
ExitProcess
GetCommandLineW
lstrcmpiW
GetProcessHeap
HeapFree
Sleep
GetModuleFileNameW
lstrcatW
CreateIoCompletionPort
ReadFile
DisconnectNamedPipe
ConnectNamedPipe
CreateNamedPipeW
GetQueuedCompletionStatus
PostQueuedCompletionStatus
GetStringTypeA
CloseHandle
SetEnvironmentVariableA
CompareStringW
RtlUnwind
TerminateProcess
GetCurrentProcess
GetModuleHandleA
GetStartupInfoW
GetVersion
WriteFile
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
CreateFileA
HeapReAlloc
HeapSize
GetFileAttributesA
UnhandledExceptionFilter
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
FlushFileBuffers
SetStdHandle
SetEndOfFile
VirtualAlloc
IsBadWritePtr
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
WideCharToMultiByte
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetProcAddress
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
CompareStringA
GetStringTypeW

user32

MessageBoxA
MessageBoxW
GetActiveWindow

advapi32

AddAccessAllowedAce
IsValidSid
GetLengthSid
AllocateAndInitializeSid
InitializeAcl
FreeSid
RegisterServiceCtrlHandlerExW
StartServiceCtrlDispatcherW
ControlService
QueryServiceStatus
StartServiceW
OpenServiceW
DeleteService
OpenSCManagerW
CreateServiceW
ChangeServiceConfig2W
CloseServiceHandle
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetServiceStatus
AddAccessDeniedAce

shell32

CommandLineToArgvW

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5e10a809a2af45970e531e65d023134a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

Sections

.text Size: 34KB - Virtual size: 33KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 20KB - Virtual size: 20KB

.text
Size: 34KB - Virtual size: 33KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 20KB - Virtual size: 20KB