SmartByteAnalyticsService[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

SmartByteAnalyticsService.exe
Size

1.5MB
MD5

b97b7797fecb325176b35f97197601d6
SHA1

48181f9f7b1b28adf9b3812659b2eb00e791b913
SHA256

09f7145b371d84e5d6aa0fdacfbf6354dc7d2ddb80b78d186f7d4ff2049cc61f
SHA512

8c4ef145b379642c539d545a1c6737461a17e7101d0575a4cf7372402580d975144a6c659082ca44ad76794897eb469753cafd593ae04a6e86fda549d300d692
SSDEEP

24576:j+RtXtV6U4MlB1NqoKMfEtSikIzt4j2i2iI8mrG1e5bZ3bC0k5s4I:j+pVlBb1NqovEtSazt422IH61e5bER

Score

1^/10

Malware Config

Signatures

Files

SmartByteAnalyticsService.exe
.exe windows x64

84303cfc28e7e3768fd5c4d88d7f4710

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetFileAttributesExW
GetFileAttributesA
GetDiskFreeSpaceA
FormatMessageW
GetTempPathA
HeapSize
HeapValidate
UnmapViewOfFile
GetFileAttributesW
CreateFileW
CreateMutexW
GetTempPathW
UnlockFileEx
SetEndOfFile
GetFullPathNameA
SetFilePointer
LockFile
OutputDebugStringA
GetDiskFreeSpaceW
WriteFile
GetFullPathNameW
HeapFree
HeapCreate
OutputDebugStringW
AreFileApisANSI
InitializeCriticalSection
TryEnterCriticalSection
DecodePointer
FlushViewOfFile
CreateFileA
LoadLibraryA
WaitForSingleObjectEx
DeleteFileA
HeapReAlloc
GetSystemInfo
LoadLibraryW
HeapAlloc
HeapCompact
HeapDestroy
UnlockFile
LocalFree
LockFileEx
GetFileSize
GetCurrentProcessId
GetProcessHeap
SystemTimeToFileTime
WideCharToMultiByte
GetSystemTimeAsFileTime
FormatMessageA
CreateFileMappingW
MapViewOfFile
QueryPerformanceCounter
GetTickCount
FlushFileBuffers
FileTimeToSystemTime
CreateEventW
WaitForSingleObject
ResetEvent
SetEvent
CloseHandle
DeleteFileW
GetSystemTime
MultiByteToWideChar
lstrcmpiW
FindResourceW
SizeofResource
LoadResource
LoadLibraryExW
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
FreeLibrary
GetCurrentThreadId
Sleep
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
WriteConsoleW
GetConsoleMode
GetConsoleCP
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
SetFilePointerEx
EnumSystemLocalesW
GetLastError
RaiseException
GetCommandLineW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
ReadFile
TzSpecificLocalTimeToSystemTime
GetTimeZoneInformation
GetFileType
GetStdHandle
ExitProcess
GetModuleHandleExW
ExitThread
RtlUnwindEx
RtlPcToFileHeader
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
VirtualFree
VirtualProtect
VirtualAlloc
GetVersionExW
GetModuleHandleA
FreeLibraryAndExitThread
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
IsDebuggerPresent
GetStringTypeW
DuplicateHandle
GetCurrentProcess
SwitchToThread
GetCurrentThread
GetExitCodeThread
EncodePointer
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
WaitForMultipleObjects
ExpandEnvironmentStringsW
CreateDirectoryW
FindClose
FindNextFileW
GetFileSizeEx
ReleaseSemaphore
SystemTimeToTzSpecificLocalTime
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
InitializeSListHead
CreateTimerQueue
SignalObjectAndWait
CreateThread

user32

MessageBoxW
CharNextW
CharUpperW
PostThreadMessageW
TranslateMessage
GetMessageW
LoadStringW
DispatchMessageW

advapi32

OpenSCManagerW
EventRegister
EventSetInformation
EnableTraceEx2
ControlTraceW
StartTraceW
ProcessTrace
CloseTrace
OpenTraceW
RegNotifyChangeKeyValue
StartServiceCtrlDispatcherW
SetServiceStatus
RegisterServiceCtrlHandlerExW
OpenServiceW
EventUnregister
DeleteService
CreateServiceW
ControlService
CloseServiceHandle
RegSetValueExW
RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
ReportEventW
RegisterEventSourceW
DeregisterEventSource
EventWriteTransfer

ole32

CoTaskMemRealloc
CoReleaseServerProcess
CoUninitialize
CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree
StringFromGUID2
CoInitializeEx
CoAddRefServerProcess

oleaut32

SysFreeString
VariantInit
SysAllocString
VarUI4FromStr
VariantCopy
VariantChangeType
VariantClear

tdh

TdhGetProperty
TdhGetEventInformation
TdhGetPropertySize

propsys

InitVariantFromFileTime

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 305KB - Virtual size: 304KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

84303cfc28e7e3768fd5c4d88d7f4710

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

tdh

propsys

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 305KB - Virtual size: 304KB

.data Size: 29KB - Virtual size: 40KB

.pdata Size: 59KB - Virtual size: 59KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 305KB - Virtual size: 304KB

.data
Size: 29KB - Virtual size: 40KB

.pdata
Size: 59KB - Virtual size: 59KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 8KB - Virtual size: 8KB