10ac2bb224b535a6ab88a663405d2c8c0173154e6a391163643327bb07aa96a0

Sharing

Copy URL Twitter E-mail

General

Target

10ac2bb224b535a6ab88a663405d2c8c0173154e6a391163643327bb07aa96a0
Size

76KB
MD5

67fa09ad1b92dc85c339f9980a2bfdee
SHA1

92672f9889172a91aaadc3442d4c2483bec92499
SHA256

10ac2bb224b535a6ab88a663405d2c8c0173154e6a391163643327bb07aa96a0
SHA512

a79773fb7a9da2a3dbc2fa805e2e803af18938e9bb090d4eb38053ab04fc891a20a02d0d0140b0e8db2f5cdeb032eb69c1cea4cfa5ee6ca93219d7a70d322dbb
SSDEEP

1536:Yvzhnt5SZONbqpWP8Yx5JwFnToIfXy83AUv:Yvht5Ew8YxLwtTBfXy83As

Score

N/A

Malware Config

Signatures

Files

10ac2bb224b535a6ab88a663405d2c8c0173154e6a391163643327bb07aa96a0
.dll windows x86

259ee17ce9513679e9e849ed09542e56

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryW
WriteFile
ReadFile
CreateProcessW
GetStartupInfoW
CreatePipe
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
DeleteFileA
DeleteFileW
GetFileSize
GetFileTime
GetLastError
CreateFileW
SetFileTime
GetDriveTypeW
GetLogicalDriveStringsW
MoveFileExA
GetWindowsDirectoryA
GetProcAddress
LoadLibraryW
MultiByteToWideChar
CloseHandle
GetCurrentDirectoryW
SetCurrentDirectoryW
OpenProcess
TerminateProcess
GetSystemDirectoryA
WinExec
FreeLibrary
WideCharToMultiByte
FreeConsole
Sleep
CreateThread
SetFilePointer

advapi32

OpenSCManagerW
RegDeleteValueA
OpenServiceW
CloseServiceHandle
QueryServiceStatus
ControlService
DeleteService
RegCreateKeyExA
RegOpenKeyExA
RegCreateKeyA
RegCloseKey
RegSetValueExA
RegQueryValueExA
SetServiceStatus
RegisterServiceCtrlHandlerW

shell32

ShellExecuteW

iphlpapi

GetAdaptersInfo

ws2_32

htons
inet_addr
gethostbyname
WSAGetLastError
socket
WSAStartup
gethostname
send
select
recv
closesocket
connect

msvcrt

??3@YAXPAX@Z
_wcslwr
_adjust_fdiv
_initterm
free
malloc
_itoa
_wchdir
_wfindfirsti64
_wfindnexti64
_findclose
wcscpy
wcslen
??2@YAPAXI@Z
wcsncpy
wcscmp
fflush
fwrite
fopen
sprintf
_wcsupr
fread
strchr
fclose
_filelength
_wfopen
wcscat

Exports

Exports

ServiceMain

Sections

.text
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 542KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

259ee17ce9513679e9e849ed09542e56

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

iphlpapi

ws2_32

msvcrt

Exports

Exports

Sections

.text Size: 53KB - Virtual size: 52KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 2KB - Virtual size: 542KB

.rsrc Size: 1024B - Virtual size: 920B

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 53KB - Virtual size: 52KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 2KB - Virtual size: 542KB

.rsrc
Size: 1024B - Virtual size: 920B

.reloc
Size: 5KB - Virtual size: 5KB