d3ad9f9db7c89a229b1bdb8b49310ea51f71fa70be014b191b8a545dc8251cdb

Sharing

Copy URL Twitter E-mail

General

Target

d3ad9f9db7c89a229b1bdb8b49310ea51f71fa70be014b191b8a545dc8251cdb
Size

61KB
MD5

b1b98910b54104b33d2424870417e1eb
SHA1

2a757fcbb6f5a4db388a8130e8c63fb4edd36d4d
SHA256

d3ad9f9db7c89a229b1bdb8b49310ea51f71fa70be014b191b8a545dc8251cdb
SHA512

64582380712c737a62af3965242cd2f627e760532875b235b57f3a89801ce73247b42404cdb54676ddd2ffcc1b40419223e25a8c150e67fdc8db1aa1bdc8c857
SSDEEP

768:Wix83plsJn9dv62Mh0GuO07T2B/T17VXCHQHShfheXvtgCuDxKxoXTgb:Wix83pGJX6bh0Bn4TrPvLAKoDgb

Score

N/A

Malware Config

Signatures

Files

d3ad9f9db7c89a229b1bdb8b49310ea51f71fa70be014b191b8a545dc8251cdb
.dll windows x86

83aa968b8b2e721f72452d8824294a92

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
WriteFile
FlushFileBuffers
CreateProcessA
DeleteFileA
CloseHandle
GetSystemDirectoryA
lstrlenA
CreateFileA
GetTempPathA
CreateThread
WaitForSingleObject
SetFilePointer
Sleep
GetCommandLineA
GetVersion
EnterCriticalSection
LeaveCriticalSection
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
HeapAlloc
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
RtlUnwind
LCMapStringA
LCMapStringW
SetStdHandle

advapi32

DeleteService
RegOpenKeyExA
ChangeServiceConfigA
RegCreateKeyA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
RegCreateKeyExA
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegisterServiceCtrlHandlerA
SetServiceStatus
CreateServiceA

ws2_32

WSACleanup
WSAStartup

wininet

InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle
InternetGetConnectedState

Exports

Exports

ServiceMain
_DllMain@12
_SvcCtrlFnct@4

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

83aa968b8b2e721f72452d8824294a92

Headers

File Characteristics

Imports

kernel32

advapi32

ws2_32

wininet

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 29KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 22KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 32KB - Virtual size: 29KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 22KB

.reloc
Size: 4KB - Virtual size: 3KB