1bfd4e0ff6d06b8fd830d72963afb0387b858b3fca798ae3a8762fb234ff7fcb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1bfd4e0ff6d06b8fd830d72963afb0387b858b3fca798ae3a8762fb234ff7fcb
Size

12KB
MD5

844abb15b9bde21b88e3649ef2a5c858
SHA1

ba670a31775e24edc1af0c227c68fa803d44bdd0
SHA256

1bfd4e0ff6d06b8fd830d72963afb0387b858b3fca798ae3a8762fb234ff7fcb
SHA512

706c77db231773b79bd6cc2f255a22497e8dc6057b5b3ec934d908ec3113ae2514fee089dd3311ec7b8d6a3602473e85cfc35a3abcd97cee8f777075243c1fb8
SSDEEP

384:jhoItsL5ZGlX29Nye3NvbSGUTGxGGki/FZ:juItsLilX2ryobSjaxGG/z

Score

N/A

Malware Config

Signatures

Files

1bfd4e0ff6d06b8fd830d72963afb0387b858b3fca798ae3a8762fb234ff7fcb
.exe windows x86

6ce715250283afddeca4b324c92f1c27

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileStringA
GetTickCount
SetLastError
CloseHandle
WriteFile
CreateFileA
DeleteFileA
OutputDebugStringA
GetVersionExA
GlobalMemoryStatus
GetCurrentProcess
WinExec
GetModuleFileNameA
GlobalFree
WritePrivateProfileStringA
LoadLibraryA
GetProcAddress
CreateThread
CreateMutexA
GetLastError
GlobalAlloc
ExitProcess
Sleep
GetSystemDirectoryA

user32

ExitWindowsEx

advapi32

StartServiceCtrlDispatcherA
DeleteService
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
ChangeServiceConfig2A
CloseServiceHandle
OpenServiceA
RegisterServiceCtrlHandlerA
SetServiceStatus
ControlService
QueryServiceStatus

ws2_32

send
closesocket
recv
WSAStartup
WSACleanup
sendto
htonl
htons
setsockopt
socket
connect
bind
gethostname

Sections

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE