d3ad5ddd7295a25026c119b32cff651b42b883223888bd7d4a0f0ee7485fd2c1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d3ad5ddd7295a25026c119b32cff651b42b883223888bd7d4a0f0ee7485fd2c1
Size

12KB
MD5

ac755a2f16eb53b48fa180d9c6cebefa
SHA1

07cd6c0fe53abac23a3174ef6c95594c18d4a5cd
SHA256

d3ad5ddd7295a25026c119b32cff651b42b883223888bd7d4a0f0ee7485fd2c1
SHA512

65723b62199816d0c8ddad3bceca401703d981cf052a4bca6fa3f379c727be3c2358fa5eb1c0d6d4bc11348d9ebc5acc3ede17052022f2bf688af485f21f5d7e
SSDEEP

192:uhFFckOvAST7zy7vUf/OHhBSjWHUG8EANNJeijdPni/M+Jski/Y:9kOvgkuIjWHUpESjBcSki/

Score

N/A

Malware Config

Signatures

Files

d3ad5ddd7295a25026c119b32cff651b42b883223888bd7d4a0f0ee7485fd2c1
.exe windows x86

f5c682f1fd782164c0de1e58baaf9168

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

StartServiceCtrlDispatcherA
SetServiceStatus
RegisterServiceCtrlHandlerA
OpenServiceA
CloseServiceHandle
ChangeServiceConfig2A
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
DeleteService
ControlService
QueryServiceStatus

ws2_32

gethostname
htonl
setsockopt
sendto
inet_addr
gethostbyname
htons
socket
bind
connect
WSAStartup
recv
closesocket
send
WSACleanup

kernel32

WritePrivateProfileStringA
GetTickCount
GetCurrentProcess
GlobalMemoryStatus
GetVersionExA
OutputDebugStringA
GetSystemDirectoryA
CreateFileA
WriteFile
CloseHandle
Sleep
GetPrivateProfileStringA
DeleteFileA
LoadLibraryA
WinExec
GlobalFree
ExitProcess
GlobalAlloc
GetLastError
CreateMutexA
CreateThread
GetProcAddress
GetModuleFileNameA

user32

ExitWindowsEx

Sections

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE