a4cff6af947fd97227e215dadc9cdc0321f4f55a025e85a7e75eac17fad41169

Sharing

Copy URL Twitter E-mail

General

Target

a4cff6af947fd97227e215dadc9cdc0321f4f55a025e85a7e75eac17fad41169
Size

189KB
MD5

2e2cc717e7ea0c44e707100c45ddd7f9
SHA1

f01c439fe43551d4a6fcf1ba39ec735ee0aeea1a
SHA256

a4cff6af947fd97227e215dadc9cdc0321f4f55a025e85a7e75eac17fad41169
SHA512

d4138afec50b3cbc5280a68cb123d8c56a88dd75e0a70fd35e260d3097bc97d5d0fa876b3c78fa6ce61286440125d3fa35f10616b729097010dc701e5275dd5e
SSDEEP

3072:852eirPVVCQuQUu28G9wt4YwyTKn8sv0+hNFaeJolZ0sol69BdFgb4szxz:NeiRVjuQnG9wt4YwYKnfRHbJolm6HdFE

Score

N/A

Malware Config

Signatures

Files

a4cff6af947fd97227e215dadc9cdc0321f4f55a025e85a7e75eac17fad41169
.exe windows x86

d2cb9b186a160a67d630d314ac764cb6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SizeofResource
CloseHandle
LoadLibraryA
GetCurrentProcess
UnmapViewOfFile
QueryPerformanceCounter
CreateDirectoryA
GetStartupInfoA
GetWindowsDirectoryA
CreateFileMappingA
GlobalFree
GetSystemDirectoryA
GetVersionExA
VirtualProtect
GetACP
SetFilePointer
SetEndOfFile
lstrlenA
InterlockedExchange
FindFirstFileA
GetExitCodeProcess
CreateProcessA
RemoveDirectoryA
FreeLibrary
GetLastError
UnhandledExceptionFilter
GetOEMCP
GetVersion
GlobalAlloc
GetShortPathNameA
GetCurrentThreadId
FindNextFileA
FindClose
WaitForSingleObject
SetFileAttributesA
GetFileType
Sleep
lstrcatA
MoveFileExA
GetCurrentProcessId
GetProcessHeap
GetModuleHandleA
GetTickCount
GetCommandLineW
GetPrivateProfileStringA
lstrcpyA
GetFileSize
CreateFileA
InterlockedCompareExchange
GetSystemTimeAsFileTime
GetCommandLineA
GetProcAddress
lstrcpynA
DeleteFileA
SetUnhandledExceptionFilter
TerminateProcess
MapViewOfFile

advapi32

ControlService
RegDeleteValueA
OpenServiceA
CloseServiceHandle
GetTokenInformation
OpenProcessToken
RegOpenKeyExA
AdjustTokenPrivileges
AllocateAndInitializeSid
RegDeleteKeyA
RegSetValueExA
OpenSCManagerA
DeleteService
FreeSid
RegQueryValueExA
RegEnumKeyExA
RegCloseKey
LookupPrivilegeValueA
EqualSid

msvcrt

_mbsupr
_access
__set_app_type
_mbsstr
strchr
_exit
__p__commode
memset
memcpy
__getmainargs
_cexit
_mbscmp
strstr
_controlfp
_mbsinc
malloc
_mbsicmp
__setusermatherr
__p__fmode
?terminate@@YAXXZ
strtok
_ismbblead
_mbschr
_acmdln
memmove
_adjust_fdiv
_XcptFilter
exit
_getcwd
_initterm
_amsg_exit

user32

FindWindowA
wsprintfA
ExitWindowsEx
SendMessageA
MessageBoxA
LoadIconA
LoadStringA

ntdll

RtlUnwind

setupapi

SetupDiCallClassInstaller
SetupDiOpenDevRegKey
SetupDiGetDeviceRegistryPropertyA
SetupDiDeleteDeviceInfo
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo

Sections

.text
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 119KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d2cb9b186a160a67d630d314ac764cb6

Headers

File Characteristics

Imports

kernel32

advapi32

msvcrt

user32

ntdll

setupapi

Sections

.text Size: 69KB - Virtual size: 69KB

.rdata Size: 3KB - Virtual size: 13KB

.data Size: 119KB - Virtual size: 1.1MB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 69KB - Virtual size: 69KB

.rdata
Size: 3KB - Virtual size: 13KB

.data
Size: 119KB - Virtual size: 1.1MB

.rsrc
Size: 3KB - Virtual size: 3KB