31923365ce6372cb2d0d434ca1af2d1a444f1a25a7408fdf7f68c79fd34a1d4f

Sharing

Copy URL Twitter E-mail

General

Target

31923365ce6372cb2d0d434ca1af2d1a444f1a25a7408fdf7f68c79fd34a1d4f
Size

172KB
MD5

7c2d4f7bbf4dc59136106205d12cf460
SHA1

733192a316de6223990da863718322779d3b33aa
SHA256

31923365ce6372cb2d0d434ca1af2d1a444f1a25a7408fdf7f68c79fd34a1d4f
SHA512

f1813df0ba08f608cc87d8b2e04ba3d3b3203fdad32414ad025b7797bfdcdfdfdef3de291e8546500dccddbce200e03ff9ae16fab2ac17a1198562400d0f6bb0
SSDEEP

3072:VeJLEavEqnLKcP8JuJX3Jk2+nztz73K37IYWtD:VFavZhPFJ53XWtD

Score

N/A

Malware Config

Signatures

Files

31923365ce6372cb2d0d434ca1af2d1a444f1a25a7408fdf7f68c79fd34a1d4f
.dll windows x86

1cc9ff2874c7029035777b5ff3c0cf2d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
LocalAlloc
GetFileAttributesExW
GetWindowsDirectoryW
LocalFree
FreeLibrary
SetEvent
GetTickCount
LoadLibraryW
TerminateThread
GetProcAddress
CreateEventW
ReleaseMutex
ResumeThread
CreateThread
UnmapViewOfFile
GetModuleHandleW
GetModuleFileNameA
HeapAlloc
HeapFree
GetProcessHeap
LoadLibraryA
GetModuleHandleA
GetSystemDirectoryW
GetLastError
InterlockedIncrement
InterlockedDecrement
OpenMutexW
GlobalAlloc
GetModuleHandleExW
GetNativeSystemInfo
CreateMutexW
GetEnvironmentVariableW
CreateFileMappingW
CreateFileW
GetModuleFileNameW
MapViewOfFile
WaitForSingleObject
GetFileSize
GetCurrentProcessId
CloseHandle
TerminateProcess
Sleep
OpenProcess
GetCurrentProcess
GetSystemTimeAsFileTime
GetCommandLineA
GetCurrentThreadId
RaiseException
RtlUnwind
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
MultiByteToWideChar
ExitProcess
HeapSize
GetStdHandle
WriteFile
WideCharToMultiByte
GetFileType
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetStartupInfoW
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
EnterCriticalSection
LeaveCriticalSection
GetStringTypeW
LCMapStringW
LoadLibraryExW
HeapReAlloc
OutputDebugStringW
GetConsoleCP
GetConsoleMode
SetFilePointerEx
SetStdHandle
WriteConsoleW
FlushFileBuffers
VirtualQuery

advapi32

OpenSCManagerW
RegisterServiceCtrlHandlerW
StartServiceCtrlDispatcherW
ControlService
QueryServiceStatus
StartServiceW
OpenServiceW
DeleteService
CloseServiceHandle
CreateServiceW
SetServiceStatus
RegSetValueExW
RegCloseKey
RegOpenKeyExW
SetSecurityInfo
RegQueryValueExW
RegCreateKeyExW

Exports

Exports

service

Sections

.text
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1cc9ff2874c7029035777b5ff3c0cf2d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

Exports

Exports

Sections

.text Size: 106KB - Virtual size: 105KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 11KB - Virtual size: 20KB

.rsrc Size: 512B - Virtual size: 496B

.reloc Size: 18KB - Virtual size: 17KB

.text
Size: 106KB - Virtual size: 105KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 11KB - Virtual size: 20KB

.rsrc
Size: 512B - Virtual size: 496B

.reloc
Size: 18KB - Virtual size: 17KB