d9bf5969d5d6d3d45389be25e4d68b3cd5aab743d51de4e0476eec63f033ee69

General

Target

d9bf5969d5d6d3d45389be25e4d68b3cd5aab743d51de4e0476eec63f033ee69
Size

45KB
MD5

8288eb7f69159a7fa067e3c737e9c1b0
SHA1

9f1a33e216a870a217467291c290a3840e89afd5
SHA256

d9bf5969d5d6d3d45389be25e4d68b3cd5aab743d51de4e0476eec63f033ee69
SHA512

c1edbe7ea6ea0e96bc2a529b2f155b5d903f0ee27b1ffa05fa7b977f89f3a1400a2045e99ba0c55ed51f77839d5bc9629f83a24e224b823d909ca84d313de943
SSDEEP

768:5/yHQteXjNT+moSaMf0Y82+fPaLANArOGpldbx/hrwGdr:ZyHQETNymPnOasNAtdJhPr

Score

N/A

Malware Config

Signatures

Files

d9bf5969d5d6d3d45389be25e4d68b3cd5aab743d51de4e0476eec63f033ee69
.exe windows x86

ef79660e003c62f4e6f7edd7520bb476

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
CloseHandle
ReleaseMutex
OpenMutexA
WinExec
GetTempPathA
ResumeThread
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetEnvironmentVariableA
GetShortPathNameA
WriteFile
CreateFileA
LockResource
LoadResource
FindResourceA
EnumResourceNamesA
EndUpdateResourceA
GetModuleFileNameA
UpdateResourceA
BeginUpdateResourceA
GlobalFree
ReadFile
GlobalAlloc
GetFileSize
GetFileAttributesA
WaitForSingleObject
ExitProcess
CreateMutexA
CopyFileA
GlobalMemoryStatusEx
GetSystemInfo
GetVersionExA
GetComputerNameA
GetSystemDefaultUILanguage
GetModuleHandleA
SetFileAttributesA
CreateThread
CreateProcessA
GetCurrentProcess
SetProcessWorkingSetSize
Sleep
ExitThread
GetProcAddress
GetSystemDirectoryA
lstrcatA
lstrcpyA
GetTickCount
LoadLibraryA
lstrlenA
GetStartupInfoA

user32

GetDesktopWindow
MessageBoxA
wsprintfA

advapi32

OpenSCManagerA
RegisterServiceCtrlHandlerA
SetServiceStatus
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
OpenServiceA
DeleteService
CloseServiceHandle
RegSetValueExA
RegOpenKeyA
StartServiceA
CreateServiceA
StartServiceCtrlDispatcherA

shell32

ShellExecuteA

ws2_32

setsockopt
sendto
inet_addr
WSASocketA
socket
htons
connect
closesocket
WSAStartup
recv
send
htonl
WSAIoctl
__WSAFDIsSet
select
gethostbyname

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
_except_handler3
strncmp
strcat
exit
strcspn
strncpy
atoi
strstr
strcpy
malloc
rand
strlen
memset
memcpy
sprintf

Sections

.data
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ef79660e003c62f4e6f7edd7520bb476

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ws2_32

msvcrt

Sections

.data Size: 21KB - Virtual size: 21KB

.rsrc Size: 22KB - Virtual size: 22KB

.data
Size: 21KB - Virtual size: 21KB

.rsrc
Size: 22KB - Virtual size: 22KB