6abb89f0b7a246d736bf4f69fd6db17b72cfeb82af0a1931880b37b6fb2ff8cd

General

Target

6abb89f0b7a246d736bf4f69fd6db17b72cfeb82af0a1931880b37b6fb2ff8cd
Size

22KB
MD5

292bb8ccc16540210ea0b147748757a6
SHA1

06854d1f0bcd938a3748ac146db43ab503f2179a
SHA256

6abb89f0b7a246d736bf4f69fd6db17b72cfeb82af0a1931880b37b6fb2ff8cd
SHA512

b49356e0b5b12e85c6e7e32241c0c827d3a39f3209796fe9555213dcbaf58122d42e299c819ad5216cf18aec0b0a22def529f055e38e186353012431033c307a
SSDEEP

384:0YImhoWVkxT5GEZpw4/fYzlvbWDUCElU8f6DW9TeVOtD1/lNcoOOuK+cyH:RDqxT5Jgaie4tpH1yH

Score

N/A

Malware Config

Signatures

Files

6abb89f0b7a246d736bf4f69fd6db17b72cfeb82af0a1931880b37b6fb2ff8cd
.exe windows x86

495668f42612fbdf63eac4e77d72b324

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MoveFileExA
GetTempPathA
CreateMutexA
lstrcpyA
WaitForSingleObject
GetSystemDirectoryA
GetTickCount
GlobalMemoryStatusEx
GetComputerNameA
GetLocaleInfoW
GetStartupInfoA
ExitThread
CreateProcessA
lstrcpynA
lstrlenA
OpenMutexA
ReleaseMutex
CloseHandle
lstrcatA
WinExec
ExitProcess
GetLastError
LoadLibraryA
GetProcAddress
Sleep
CopyFileA
CreateThread
TerminateProcess
GetModuleHandleA

user32

wsprintfA
GetDesktopWindow

advapi32

CreateServiceA
StartServiceA
RegOpenKeyA
RegSetValueExA
CloseServiceHandle
RegCloseKey
RegOpenKeyExA
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
OpenSCManagerA
OpenServiceA
DeleteService
RegQueryValueExA

shell32

ShellExecuteA

ws2_32

htons
WSAIoctl
setsockopt
recv
__WSAFDIsSet
socket
closesocket
select
send
WSACleanup
gethostbyname
inet_addr
sendto
WSASocketA
htonl
WSAStartup
connect

winmm

timeGetTime

msvcrt

malloc
sprintf
rand
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
strstr
atoi
strncpy
strcspn
strncmp
_except_handler3
_exit
_XcptFilter
exit

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

495668f42612fbdf63eac4e77d72b324

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ws2_32

winmm

msvcrt

Sections

.text Size: 14KB - Virtual size: 14KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 3KB - Virtual size: 4KB

.text
Size: 14KB - Virtual size: 14KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 3KB - Virtual size: 4KB