11eb95f8bb8bd37b6f5dd42f9ef0ef7f90fb94900b71e8dcae0fa2bfac5ed94f

Sharing

Copy URL Twitter E-mail

General

Target

11eb95f8bb8bd37b6f5dd42f9ef0ef7f90fb94900b71e8dcae0fa2bfac5ed94f
Size

92KB
MD5

8335e29110373dd8cb5a30de96bbd374
SHA1

112732df62e465e0a436caa3db56d4a64cce9c4e
SHA256

11eb95f8bb8bd37b6f5dd42f9ef0ef7f90fb94900b71e8dcae0fa2bfac5ed94f
SHA512

48747bc10ff3ba5719bea3cb19dc34dd5ef9ff21b50f5097ce71521cdfaa609727728fcddb42e6c2e12c378666eec0a56b91c9a8dc2c9be467ba0e9d1b934a74
SSDEEP

1536:20Y8h6163+fpbTUz2giqdAG9tgeEr/+XPNljfA:2j8w6O+iqOrhOPNljfA

Score

N/A

Malware Config

Signatures

Files

11eb95f8bb8bd37b6f5dd42f9ef0ef7f90fb94900b71e8dcae0fa2bfac5ed94f
.dll windows x86

fe0a3212d88d55aa19ac5607a301618a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitThread
ReadFile
GetStartupInfoA
GetProcAddress
LoadLibraryA
GetCurrentProcess
GetWindowsDirectoryA
GetStdHandle
GetVolumeInformationA
GetDriveTypeA
GetLogicalDrives
FindClose
FindNextFileA
FindFirstFileA
CreateThread
WriteFile
SetFilePointer
CreateFileA
DeleteFileA
RemoveDirectoryA
FreeLibrary
lstrcpyA
WideCharToMultiByte
TerminateProcess
OpenProcess
ReadProcessMemory
GetModuleHandleA
FreeConsole
Sleep
WaitForSingleObject
TerminateThread
CreateProcessA
CreateDirectoryA
CloseHandle
CompareStringW
CompareStringA
SetEndOfFile
GetStringTypeW
GetStringTypeA
GetTimeZoneInformation
LCMapStringW
LCMapStringA
MultiByteToWideChar
GetOEMCP
GetACP
GetCPInfo
IsBadCodePtr
IsBadReadPtr
RaiseException
HeapFree
HeapAlloc
RtlUnwind
GetLastError
FileTimeToSystemTime
FileTimeToLocalFileTime
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
GetVersion
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetFileType
DeleteCriticalSection
InitializeCriticalSection
ExitProcess
SetUnhandledExceptionFilter
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetFullPathNameA
GetCurrentDirectoryA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetStdHandle
FlushFileBuffers
SetEnvironmentVariableA

advapi32

SetServiceStatus
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegisterServiceCtrlHandlerA

ws2_32

WSACleanup
WSAStartup
WSASocketA
gethostbyaddr
getservbyname
WSAGetLastError
gethostname
inet_ntoa
ntohs
setsockopt
closesocket
recv
send
gethostbyname
htons
connect
socket
inet_addr

rpcrt4

UuidCreateSequential

Exports

Exports

Installz
ServiceMain

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fe0a3212d88d55aa19ac5607a301618a

Headers

File Characteristics

Imports

kernel32

advapi32

ws2_32

rpcrt4

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 55KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 16KB - Virtual size: 18KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 56KB - Virtual size: 55KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 16KB - Virtual size: 18KB

.reloc
Size: 8KB - Virtual size: 4KB