e136aa5e61465070bddecafe5ed132eb736bc2c61505102ddd1fe6c4842570d6

Sharing

Copy URL Twitter E-mail

General

Target

e136aa5e61465070bddecafe5ed132eb736bc2c61505102ddd1fe6c4842570d6
Size

104KB
MD5

2963844962084845e2213916d6f8b4a8
SHA1

6c0f5bc68ad686616805b5e88ed6fa48bc9d4030
SHA256

e136aa5e61465070bddecafe5ed132eb736bc2c61505102ddd1fe6c4842570d6
SHA512

75785f60082d1ae425a54ae6e31188a019e9cbc19e1f461ace9ba34d9718a0d97c7c1ffc90bdc6e5201d57a20c856261a56ed38ed7e844c0a83b7669108d4dc6
SSDEEP

1536:yZK0ZH5U5ntz++WaaNC/0KEcsI3kE+Tj7b2nBwFlwtSwmT:yAz1BwFlwtSV

Score

N/A

Malware Config

Signatures

Files

e136aa5e61465070bddecafe5ed132eb736bc2c61505102ddd1fe6c4842570d6
.dll windows x86

12eb16d0ebb6dce2472b47fd59a226e3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetReadFile
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
InternetCloseHandle
InternetOpenA
InternetQueryDataAvailable

netapi32

Netbios

urlmon

URLDownloadToFileA

kernel32

SetStdHandle
FreeLibrary
CompareStringW
GetVersionExA
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
LoadResource
LockResource
SizeofResource
WriteConsoleA
FindResourceA
FindResourceExA
GetLastError
GetProcAddress
CompareStringA
InterlockedExchange
LoadLibraryA
LoadLibraryW
GetStringTypeW
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
CreateFileA
CloseHandle
FlushFileBuffers
Sleep
HeapSize
GetStringTypeA
RtlUnwind
GetCurrentProcessId
GetConsoleMode
GetConsoleCP
GetACP
GetLocaleInfoA
GetThreadLocale
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
GetTickCount
GetProcessHeap
GetTimeZoneInformation
GetLocalTime
VirtualAlloc
GetModuleHandleA
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
SetFilePointer

user32

UnregisterClassA

advapi32

RegisterServiceCtrlHandlerExA
RegSetValueExA
StartServiceCtrlDispatcherA
RegQueryValueExA
RegCreateKeyExA
RegCloseKey
SetServiceStatus

shell32

ShellExecuteA
SHGetSpecialFolderPathA

Exports

Exports

ServiceMain
_HandlerEx@16

Sections

.text
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

12eb16d0ebb6dce2472b47fd59a226e3

Headers

File Characteristics

Imports

wininet

netapi32

urlmon

kernel32

user32

advapi32

shell32

Exports

Exports

Sections

.text Size: 64KB - Virtual size: 60KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 8KB - Virtual size: 11KB

.rsrc Size: 4KB - Virtual size: 176B

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 64KB - Virtual size: 60KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 8KB - Virtual size: 11KB

.rsrc
Size: 4KB - Virtual size: 176B

.reloc
Size: 8KB - Virtual size: 6KB