aa1b714162688b750503fbc73dff1d25989c8b66f3eab1a3b70dd570c3ca6cfc

Sharing

Copy URL Twitter E-mail

General

Target

aa1b714162688b750503fbc73dff1d25989c8b66f3eab1a3b70dd570c3ca6cfc
Size

73KB
MD5

693af652efe9e67b9c0aa60959158fde
SHA1

5aecd5faa5f088a7a8b13fc861c8f908c3a11cfb
SHA256

aa1b714162688b750503fbc73dff1d25989c8b66f3eab1a3b70dd570c3ca6cfc
SHA512

ab949a54e7858051ef3d667ba63309c24b3a2fb7915741906169f9723eeb1d9c0a0e371255b0bae418cae6cff28bb9a5e547d0dbb7a7f23db01f6e5a43c0de18
SSDEEP

768:rZGR/2/eYOtGWe0pFhAEeYSsMW8i6vQrlO61mn4aX6k5hmMblrdT1fdGSYxsi5P3:FReDBbWKSsMW034uhmMBl1V255PkEz

Score

N/A

Malware Config

Signatures

Files

aa1b714162688b750503fbc73dff1d25989c8b66f3eab1a3b70dd570c3ca6cfc
.dll windows x86

491696d934c94a3e8848bb1972b90993

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
CreateFileA
GetLocalTime
DeleteFileA
WaitForSingleObject
lstrcatA
lstrcmpA
GetProcAddress
CloseHandle
Sleep
GetLastError
GetCurrentProcess
GetModuleFileNameA
lstrlenA
FlushFileBuffers
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetCurrentThreadId
GetCommandLineA
RaiseException
RtlUnwind
HeapFree
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualAlloc
HeapReAlloc
SetFilePointer
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize

advapi32

RegQueryValueExA
RegisterServiceCtrlHandlerExA
StartServiceCtrlDispatcherA
SetServiceStatus
RegOpenKeyExA
RegCloseKey
RegSetValueExA

shell32

ShellExecuteExA

wininet

DeleteUrlCacheEntry
InternetOpenUrlA
InternetCloseHandle
InternetReadFile
InternetQueryDataAvailable
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetOpenA

Exports

Exports

ServiceMainEx
_HandlerEx@16

Sections

.text
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

491696d934c94a3e8848bb1972b90993

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

shell32

wininet

Exports

Exports

Sections

.text Size: 49KB - Virtual size: 48KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 13KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 49KB - Virtual size: 48KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 13KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 6KB - Virtual size: 6KB