3b1ca1668486c99f22e82d0ee4cec51e1ea9d9387c673bf9309cd239465e60ce

Sharing

Copy URL

Twitter E-mail

General

Target

3b1ca1668486c99f22e82d0ee4cec51e1ea9d9387c673bf9309cd239465e60ce
Size

20KB
MD5

bf0c7fb48c1aa698e66adcde01ca5055
SHA1

709e4cabd4af09e1eb32330fe4c0e032c34cf25c
SHA256

3b1ca1668486c99f22e82d0ee4cec51e1ea9d9387c673bf9309cd239465e60ce
SHA512

ef1d1ab96492f81b3b72484bad25444f35e2e11bc6e32deb1f19681c983887fa6c7ac639be19f7d8545084cb4a714d4d5e7d7c73b5297e896129118e0e1a5ab5
SSDEEP

192:3Xua8sO3MD9Y62XvdGrHARsU5HUbABVaKLie1zTV+j3EAOoGOZlNg:3X1xsG9mvdGrHE308BVFie1y3EEZ3

Score

1^/10

Malware Config

Signatures

Files

3b1ca1668486c99f22e82d0ee4cec51e1ea9d9387c673bf9309cd239465e60ce
.exe windows x86

abbb0c01c9e0d6f04e157134c03d9b5e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryPerformanceCounter
GetCurrentProcessId
IsProcessorFeaturePresent
GetCurrentThreadId
GetSystemTimeAsFileTime
DecodePointer
GetLocalTime
SetEvent
CloseHandle
WaitForSingleObject
CreateEventA
GetModuleFileNameA
GetLastError
FreeLibrary
GetProcAddress
EncodePointer
LoadLibraryA
IsDebuggerPresent

user32

FindWindowA
EnumWindows
GetWindowTextA
GetClassNameA
MessageBoxA
SendMessageA

advapi32

RegisterServiceCtrlHandlerA
ControlService
DeleteService
StartServiceA
CreateServiceA
StartServiceCtrlDispatcherA
CloseServiceHandle
QueryServiceStatus
OpenServiceA
OpenSCManagerA
DeregisterEventSource
ReportEventA
RegisterEventSourceA
SetServiceStatus

msvcr120

sprintf_s
strncmp
_mbscmp
??2@YAPAXI@Z
fprintf
fclose
vsprintf_s
_splitpath_s
strcat_s
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
_XcptFilter
__crtGetShowWindowMode
_amsg_exit
__getmainargs
__set_app_type
exit
_exit
_cexit
_ismbblead
_configthreadlocale
__setusermatherr
_initterm_e
_initterm
_acmdln
_fmode
_commode
?terminate@@YAXXZ
__crtSetUnhandledExceptionFilter
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
_invoke_watson
_controlfp_s
_except_handler4_common
fopen_s
memset

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 728B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

abbb0c01c9e0d6f04e157134c03d9b5e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

msvcr120

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 7KB - Virtual size: 7KB

.reloc Size: 1024B - Virtual size: 728B

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 7KB - Virtual size: 7KB

.reloc
Size: 1024B - Virtual size: 728B