4aa7a25f262daff9d892f53ff2220c05e732c5d0f6bcfc6a9397287c756039cc

Sharing

Copy URL Twitter E-mail

General

Target

4aa7a25f262daff9d892f53ff2220c05e732c5d0f6bcfc6a9397287c756039cc
Size

95KB
MD5

d928c3fb9dd52a6ef548b2e652514512
SHA1

4650044e173f298fee807ddf684133a91f0ed3bd
SHA256

4aa7a25f262daff9d892f53ff2220c05e732c5d0f6bcfc6a9397287c756039cc
SHA512

3735d90548b47e8268d768f7a9064305b672060071275f2f0003ee7ec6b7857b728d3350d3c8a9877d24005bc326eb6507681f6938c6dd289898de6aa270dfb4
SSDEEP

1536:2EkUs+szzySn8jm/Plt1yMev3Owi5nM1l02KweQ7VoKM7Kv:jutYydG3Vi5nM1l02Krsol7K

Score

1^/10

Malware Config

Signatures

Files

4aa7a25f262daff9d892f53ff2220c05e732c5d0f6bcfc6a9397287c756039cc
.exe windows x86

159cb98014ff90623da68ae16ad6758c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

npfdetect

NpfSetSuccess
NpfDetectEntry

kernel32

Sleep
HeapSize
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetTickCount
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetModuleFileNameA
GetLastError
CopyFileA
GetSystemDirectoryA
VerifyVersionInfoA
VerSetConditionMask
GetModuleHandleA
GetProcAddress
CreateFileA
FlushFileBuffers
DeleteCriticalSection
GetCommandLineA
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
GetFileAttributesA
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
GetConsoleCP
GetConsoleMode
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
VirtualAlloc
HeapReAlloc
GetExitCodeProcess
WaitForSingleObject
CloseHandle
CreateProcessA
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar

user32

MessageBoxA

advapi32

RegSetValueExA
RegCreateKeyExA
DeleteService
ControlService
StartServiceA
QueryServiceStatus
OpenServiceA
CloseServiceHandle
CreateServiceA
OpenSCManagerA
RegCloseKey

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

nldxpye
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

159cb98014ff90623da68ae16ad6758c

Headers

DLL Characteristics

File Characteristics

Imports

npfdetect

kernel32

user32

advapi32

Sections

.text Size: 46KB - Virtual size: 45KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 5KB - Virtual size: 11KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 31KB - Virtual size: 32KB

nldxpye Size: - Virtual size: 4KB

.text
Size: 46KB - Virtual size: 45KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 5KB - Virtual size: 11KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 31KB - Virtual size: 32KB

nldxpye
Size: - Virtual size: 4KB