5ce48fb053f74a7ac8a5a16deaec9c55924c5b89ff920416e5f9aea49b3a0645

Sharing

Copy URL Twitter E-mail

General

Target

5ce48fb053f74a7ac8a5a16deaec9c55924c5b89ff920416e5f9aea49b3a0645
Size

98KB
MD5

72814af69f8db2ec71072199c5ab2cd6
SHA1

1915b166c22e9ec65ae4da695999cd8d7c990bd0
SHA256

5ce48fb053f74a7ac8a5a16deaec9c55924c5b89ff920416e5f9aea49b3a0645
SHA512

299a4bcdfe4006858c0574dd7329d2e654a8ca674295615753c453fa53d172a5de43719ad95044a5dda35e332941c5e1905e0a60ac01c352a550942e069f9f5f
SSDEEP

3072:ZJpvv0K4CsvvxWTp5r3MsW4AqOAFsrWtmxe32H8MGmq8dpVsc:3pvv0KWvvxWTP3MZ4dOAFwWtmxe32H8E

Score

N/A

Malware Config

Signatures

Files

5ce48fb053f74a7ac8a5a16deaec9c55924c5b89ff920416e5f9aea49b3a0645
.dll windows x86

66392c157d0ec80cff1b51a7e3ca9a41

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToSystemTime
FindFirstFileA
FindClose
GetSystemDirectoryA
WaitForSingleObject
CreateRemoteThread
GetVersion
SetFileTime
CreateFileA
GetWindowsDirectoryA
SystemTimeToFileTime
GetSystemTime
LocalAlloc
CreateMutexA
FreeConsole
WriteProcessMemory
VirtualAllocEx
MultiByteToWideChar
FindNextFileA
Module32Next
Module32First
SetFileAttributesA
SetLastError
SuspendThread
ReadFile
CreateProcessA
GetStartupInfoA
CreatePipe
GetFileTime
GetFileAttributesA
TerminateProcess
VirtualQuery
GetSystemDefaultLangID
GetCurrentDirectoryA
SetCurrentDirectoryA
GetModuleFileNameA
MoveFileExA
CopyFileA
OpenProcess
GetCurrentThreadId
GlobalMemoryStatus
GetModuleHandleA
GetLogicalDrives
GetDriveTypeA
GetDiskFreeSpaceA
CreateToolhelp32Snapshot
Process32First
Process32Next
GetVersionExA
GetCurrentProcess
GetStdHandle
WriteFile
OutputDebugStringA
DeleteFileA
GetLastError
GetCurrentProcessId
LoadLibraryA
GetProcAddress
GetTickCount
GetLocalTime
GetComputerNameA
CreateThread
CloseHandle
FreeLibrary
ExitThread
WinExec
Sleep

user32

OpenWindowStationA
SetProcessWindowStation
OpenDesktopA
GetThreadDesktop
MessageBoxA
CloseDesktop
CloseWindowStation
ExitWindowsEx
GetDesktopWindow
SetThreadDesktop
GetProcessWindowStation

advapi32

OpenServiceA
CloseServiceHandle
StartServiceA
SetServiceStatus
RegOpenKeyA
RegEnumKeyA
CreateProcessAsUserA
RegDeleteValueA
RegSetValueExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
ControlService
QueryServiceStatus
ChangeServiceConfigA
QueryServiceConfigA
RegisterServiceCtrlHandlerA
RegCreateKeyA
CreateServiceA
DeleteService
EnumServicesStatusExA
QueryServiceConfig2A
QueryServiceStatusEx
OpenSCManagerA

psapi

GetModuleFileNameExA
EnumProcessModules

ws2_32

connect
send
recv
ntohs
select
WSACleanup
inet_addr
gethostbyname
inet_ntoa
WSAGetLastError
socket
WSAStartup
setsockopt
htons
accept
listen
bind
htonl
gethostname
WSAIoctl
closesocket

iphlpapi

GetTcpTable

msvcrt

strstr
_strlwr
_strnicmp
_stricmp
_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
??3@YAXPAX@Z
ftell
??2@YAPAXI@Z
fseek
fread
srand
rand
__CxxFrameHandler
_CxxThrowException
wcstombs
isdigit
strtoul
_mkdir
_rmdir
fgetc
_strupr
strcmp
strtok
malloc
free
strncat
_except_handler3
_vsnprintf
fprintf
_strtime
_strdate
strcat
strrchr
fopen
atoi
strncpy
memcpy
strcpy
strlen
memset
strchr
_strrev
system
strncmp
sprintf
memcmp
printf
fclose
fwrite

Exports

Exports

InstallRT
InstallSA
InstallSB
PEmain
ServiceMain
UninstallRT
UninstallSA
UninstallSB

Sections

.text
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xdoors_d
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

66392c157d0ec80cff1b51a7e3ca9a41

Headers

File Characteristics

Imports

kernel32

user32

advapi32

psapi

ws2_32

iphlpapi

msvcrt

Exports

Exports

Sections

.text Size: 65KB - Virtual size: 65KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 9KB

xdoors_d Size: 14KB - Virtual size: 14KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 65KB - Virtual size: 65KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 9KB

xdoors_d
Size: 14KB - Virtual size: 14KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 6KB - Virtual size: 5KB