6a2d0593fd5b43c6794842bff417c3fdef2b4fb08a0985a0f2ccac105ce5290d

Sharing

Copy URL

Twitter E-mail

General

Target

6a2d0593fd5b43c6794842bff417c3fdef2b4fb08a0985a0f2ccac105ce5290d
Size

36KB
MD5

4d957636b2b25988403d8c0b092fd7d0
SHA1

c1f60792a6c83428a9f7df20006e3a6bf889c8e0
SHA256

6a2d0593fd5b43c6794842bff417c3fdef2b4fb08a0985a0f2ccac105ce5290d
SHA512

5869ebdca97ac199fe5a9434ac53a1b2dcde083f0b4f1d5d87228308bd6796de066b3ae5fb0daa8c04060375ae46b713d7a5285c34ee18576dae7ad832212c12
SSDEEP

768:O9hYeoTI6WHrSG3I6dQA477fSzclf+sO:9s/0AjzcZ+sO

Score

N/A

Malware Config

Signatures

Files

6a2d0593fd5b43c6794842bff417c3fdef2b4fb08a0985a0f2ccac105ce5290d
.exe windows x86

ac153187f19e5a9dcc9259fd5197ef11

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Process32Next
Process32First
CreateToolhelp32Snapshot
WaitForSingleObject
GetLastError
CreateMutexA
OpenProcess
GetWindowsDirectoryA
GetSystemInfo
GetSystemDefaultUILanguage
GetStartupInfoA
GetModuleHandleA
TerminateProcess
OutputDebugStringA
MultiByteToWideChar
OpenMutexA
ReleaseMutex
ExitProcess
WinExec
FreeLibrary
GetModuleFileNameA
GetShortPathNameA
GetEnvironmentVariableA
SetPriorityClass
GetCurrentProcess
GetCurrentThread
SetThreadPriority
CloseHandle
CreateThread
lstrlenA
ExitThread
GetCurrentProcessId
GetTickCount
Sleep
lstrcpyA
lstrcatA
LoadLibraryA
GetProcAddress
CopyFileA

user32

wsprintfA

advapi32

LockServiceDatabase
ChangeServiceConfig2A
UnlockServiceDatabase
StartServiceA
RegOpenKeyA
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
OpenSCManagerA
OpenServiceA
CloseServiceHandle
DeleteService
RegSetValueExA
RegQueryValueExA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyExA
RegCloseKey
CreateServiceA

shell32

ShellExecuteExA
SHChangeNotify

ws2_32

closesocket
WSACleanup
connect
send
WSAStartup
WSAGetLastError
setsockopt
htons
htonl
sendto
inet_addr
gethostbyname
WSASocketA
inet_ntoa
gethostname
shutdown
WSAIoctl
recv
__WSAFDIsSet
select
socket

msvcrt

_strnicmp
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
??1type_info@@UAE@XZ
??3@YAXPAX@Z
strncmp
wcscpy
strcspn
strncpy
atoi
strstr
??2@YAPAXI@Z
__CxxFrameHandler
_CxxThrowException
_except_handler3
strncat
strchr
realloc
malloc
printf
rand
srand
time
_ftol
sprintf
fprintf
_iob
_local_unwind2

shlwapi

SHDeleteKeyA

netapi32

NetUserAdd
NetLocalGroupAddMembers

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ac153187f19e5a9dcc9259fd5197ef11

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ws2_32

msvcrt

shlwapi

netapi32

Sections

.text Size: 20KB - Virtual size: 17KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 920B

.text
Size: 20KB - Virtual size: 17KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 920B