baf7b7989456a87de40057766f99c289bff336de43c4ccb2253b9027411cdfef

Sharing

Copy URL

Twitter E-mail

General

Target

baf7b7989456a87de40057766f99c289bff336de43c4ccb2253b9027411cdfef
Size

88KB
MD5

62589963ea6b9f1d0f744f47d6ff53b4
SHA1

b34107d43820797734dacd89488b1c2169d4164c
SHA256

baf7b7989456a87de40057766f99c289bff336de43c4ccb2253b9027411cdfef
SHA512

1c4e34ece72f2485c40e2eb229946f9e99ecbace555f06be267a07dbafd5a74df60b28cd118c51f18682a8d25d51a4f846d1ae45b5c55a0b5dc0049807721676
SSDEEP

1536:MQ7aHzvo8tQjMGiT0HOTdz7PazPx8yE7E4EBoOMa6S5:TGc8teMGiYaSO11EBoOJr

Score

N/A

Malware Config

Signatures

Files

baf7b7989456a87de40057766f99c289bff336de43c4ccb2253b9027411cdfef
.dll windows x86

c6ae4073d4edd3b199f441cd2b8e3030

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
SetFilePointer
CreateFileA
GetProcAddress
LoadLibraryA
GetPrivateProfileStringA
Sleep
CreateThread
FreeConsole
MoveFileExA
CloseHandle
FreeLibrary
GetTickCount
GetLocalTime
ReadFile
DeleteFileA
WideCharToMultiByte
MultiByteToWideChar
CompareStringW
CompareStringA
CreateDirectoryA
GetSystemDirectoryA
LCMapStringW
LCMapStringA
RtlUnwind
SetEndOfFile
GetOEMCP
GetACP
GetStringTypeW
GetStringTypeA
InterlockedDecrement
InterlockedIncrement
GetLastError
HeapFree
GetTimeZoneInformation
GetSystemTime
HeapAlloc
GetCommandLineA
GetVersion
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
ExitProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetModuleHandleA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetStdHandle
FlushFileBuffers
GetCPInfo
SetEnvironmentVariableA

user32

MessageBoxA

advapi32

RegisterServiceCtrlHandlerA

shell32

ShellExecuteA

shlwapi

PathFileExistsA

ws2_32

closesocket
WSACleanup
connect
recv
WSAStartup
inet_addr
htons
socket
inet_ntoa
gethostbyname
send

Exports

Exports

ServiceMain

Sections

.text
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c6ae4073d4edd3b199f441cd2b8e3030

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

shlwapi

ws2_32

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 54KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 16KB

.rsrc Size: 4KB - Virtual size: 16B

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 56KB - Virtual size: 54KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 16KB

.rsrc
Size: 4KB - Virtual size: 16B

.reloc
Size: 8KB - Virtual size: 5KB