781ae922949742e4c842d980a83c26f2fe0770c572e77484efe3f8bb7cba2393

Sharing

Copy URL Twitter E-mail

General

Target

781ae922949742e4c842d980a83c26f2fe0770c572e77484efe3f8bb7cba2393
Size

3.2MB
MD5

958dec6d86caf60dce1f2436671ff0df
SHA1

e8c269815edb13159d59a9cca9277cb4b8bbf859
SHA256

781ae922949742e4c842d980a83c26f2fe0770c572e77484efe3f8bb7cba2393
SHA512

03143af3e072548d0c975c875ac5aed10dad42d653205213db7937c82c6000c2fb87fd4c653d41af7741324f33e75cb2da2ab340c54b6fc16d4988f5670f2ba8
SSDEEP

49152:8mLvdd0aWht/NlJW8x0oKJJNXozoPyygw7IAqeywcJ8kYe6j/cSO57QFPmQ:8ovjY3/WJlg2DzyRr6bcSOVrQ

Score

N/A

Malware Config

Signatures

Files

781ae922949742e4c842d980a83c26f2fe0770c572e77484efe3f8bb7cba2393
.exe windows x86

aa0ebe27bd49a3f0b9b714c010603abb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
LocalAlloc
GetCurrentProcess
GetCurrentThread
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
GetLastError
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

LoadIconA

comdlg32

GetOpenFileNameA

shell32

ShellExecuteExA

msvcr100

fclose

msvcp100

?_Xlength_error@std@@YAXPBD@Z

shlwapi

PathRemoveFileSpecA

advapi32

OpenSCManagerW
EnumServicesStatusExW
OpenServiceW
QueryServiceConfigW
CloseServiceHandle

Sections

.text
Size: - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.usp0
Size: - Virtual size: 877KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.usp1
Size: 910KB - Virtual size: 909KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 550KB - Virtual size: 550KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aa0ebe27bd49a3f0b9b714c010603abb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

comdlg32

shell32

msvcr100

msvcp100

shlwapi

advapi32

Sections

.text Size: - Virtual size: 31KB

.rdata Size: - Virtual size: 6KB

.data Size: - Virtual size: 2KB

.usp0 Size: - Virtual size: 877KB

.usp1 Size: 910KB - Virtual size: 909KB

.rsrc Size: 550KB - Virtual size: 550KB

.text
Size: - Virtual size: 31KB

.rdata
Size: - Virtual size: 6KB

.data
Size: - Virtual size: 2KB

.usp0
Size: - Virtual size: 877KB

.usp1
Size: 910KB - Virtual size: 909KB

.rsrc
Size: 550KB - Virtual size: 550KB