a005b9f210bdb39a4d903a20ea5afc6f6f3dc7f96de6cc561e909347707e6107

General

Target

a005b9f210bdb39a4d903a20ea5afc6f6f3dc7f96de6cc561e909347707e6107
Size

32KB
MD5

0029a03e4350fdab181ca89530446f9b
SHA1

1d92006028d00379ea792359281c3549b19a3ffb
SHA256

a005b9f210bdb39a4d903a20ea5afc6f6f3dc7f96de6cc561e909347707e6107
SHA512

a08ce6a543eea7a32180572ac2aa5075766c901e428ed39a2dfe35e1312b03004e086dd848e118c974a46ef301a5c3ec9905d9d9ef6442a40400c0e1c21ec3c6
SSDEEP

768:d+I5aihmkoxXtwBCOoQkzZYCaQrqpbQQLUS/paQp0C:74/xCBHoQk9NayqpbQOt3

Score

N/A

Malware Config

Signatures

Files

a005b9f210bdb39a4d903a20ea5afc6f6f3dc7f96de6cc561e909347707e6107
.7z
7399093.dll
.dll windows x86

bcfecd1c4f0c671f4cd77f76a1cb475d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
CreateFileA
GetLastError
DeviceIoControl
FreeLibrary
GlobalFree
LoadLibraryExA
GlobalAlloc
GetProcAddress
lstrcatA
Process32Next
FindResourceA
Process32First
CreateToolhelp32Snapshot
Module32Next
Module32First
OpenProcess
DeleteFileA
GetWindowsDirectoryA
GetCurrentProcess
LoadLibraryA
GetModuleFileNameA
LoadResource
LockResource
SizeofResource
WriteFile
FreeResource
CloseHandle
lstrcpyA
lstrcmpiA
lstrlenA

advapi32

DeleteService
CreateServiceA
StartServiceA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
ChangeServiceConfigA
ControlService

Exports

Exports

testall

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 524B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
n.exe
.exe windows x86

87bed5a7cba00c7e1f4015f1bdae2183

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress

Sections

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DAStub
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bcfecd1c4f0c671f4cd77f76a1cb475d

Headers

File Characteristics

Imports

kernel32

advapi32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 7KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 1024B - Virtual size: 524B

87bed5a7cba00c7e1f4015f1bdae2183

Headers

File Characteristics

Imports

kernel32

Sections

.data Size: 4KB - Virtual size: 8KB

.rsrc Size: 20KB - Virtual size: 40KB

DAStub Size: 12KB - Virtual size: 12KB

.text
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 1024B - Virtual size: 524B

.data
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 20KB - Virtual size: 40KB

DAStub
Size: 12KB - Virtual size: 12KB