84621f85975adc56e568d5e66149d60522ac5ce51590963219cfc21f7328e31a

General

Target

84621f85975adc56e568d5e66149d60522ac5ce51590963219cfc21f7328e31a
Size

44KB
MD5

808671753b91542dbdec1a361d6a50b0
SHA1

82806b8224040e12284e4cdbdd39ab237b485520
SHA256

84621f85975adc56e568d5e66149d60522ac5ce51590963219cfc21f7328e31a
SHA512

be8cc5239750515e5aad0a0bcce483efe1a8c5fc76356cb2dc30f8458f7c6ff9bdf6238cc63dff1ed0eb1e001b7ef910c1e07a12694332f0ac10f4895c58d7c5
SSDEEP

384:So5g8gSG/IBFGAI6MD4mzP0JF0I+IjF93IsrTbvEvnZ/dJDh9yXglTrt+gi0dYD:SlwG/IBT9OpIjjDQvn1dt+Xgxt+gi02

Score

N/A

Malware Config

Signatures

Files

84621f85975adc56e568d5e66149d60522ac5ce51590963219cfc21f7328e31a
.dll windows x86

6477439df7294b891fecb2f8f5621102

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnmapViewOfFile
GetProcAddress
LoadLibraryA
GetModuleHandleA
ReadFile
SetFilePointer
VirtualFree
VirtualProtect
VirtualAlloc
WriteFile
TerminateProcess
ResumeThread
CreateFileA
WriteProcessMemory
VirtualAllocEx
CopyFileA
GetPrivateProfileStringA
WaitForSingleObject
WideCharToMultiByte
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetFileSize
CreateFileMappingA
MapViewOfFile
Sleep
GetCurrentProcess
GetLastError
CloseHandle
GetFileAttributesA
MultiByteToWideChar
DeleteFileA
VirtualProtectEx

advapi32

RegCloseKey
LookupPrivilegeValueA
RegCreateKeyExA
RegRestoreKeyA
RegOpenKeyExA
RegSaveKeyA
OpenProcessToken
AdjustTokenPrivileges

ole32

CoCreateInstance
CoInitialize
CoUninitialize

msvcrt

fprintf
_beginthreadex
_endthread
strstr
sprintf
wcslen
memmove
??2@YAPAXI@Z
atoi
??3@YAXPAX@Z
rename
fclose
_stricmp
fopen
fread
free
malloc
rand
srand
time
_initterm
_adjust_fdiv

imagehlp

ImageLoad

Exports

Exports

ServiceMain

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6477439df7294b891fecb2f8f5621102

Headers

File Characteristics

Imports

kernel32

advapi32

ole32

msvcrt

imagehlp

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 21KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 8KB - Virtual size: 9KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 24KB - Virtual size: 21KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 8KB - Virtual size: 9KB

.reloc
Size: 4KB - Virtual size: 1KB