f0e475116e3f877afb74304bd1a78973b817f82e2df07d1bfdfa1b89f069fd45

General

Target

f0e475116e3f877afb74304bd1a78973b817f82e2df07d1bfdfa1b89f069fd45
Size

84KB
MD5

07bc07fe3ee534961ac321462a6d389b
SHA1

599aa04d12a3d42d768840481d43e0758e95758e
SHA256

f0e475116e3f877afb74304bd1a78973b817f82e2df07d1bfdfa1b89f069fd45
SHA512

b2d6739ceecdead41dfd2fd7c95c33f54c05f6ef3c9a714d181967ab46c3871e0e4b11f97e30eeeb6fef2fe8b8f197cb28fb87caa69e87184dcab5fcae58bbb6
SSDEEP

1536:tHwfB68HFPgC5351O3Lb79LwMtoN8j2Y2:OJz18b7Jw4

Score

N/A

Malware Config

Signatures

Files

f0e475116e3f877afb74304bd1a78973b817f82e2df07d1bfdfa1b89f069fd45
.exe windows x86

d74c6faf00cecd9eebf7306f770ef22d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetSystemTime
GetSystemTime
WinExec
GetFileSize
FreeLibrary
LoadLibraryA
lstrcpynA
HeapFree
ReadFile
HeapAlloc
GetProcessHeap
GetLastError
CreateFileW
MultiByteToWideChar
GetCurrentProcess
TerminateProcess
Module32First
OpenProcess
Process32Next
lstrcmpiA
Process32First
CreateToolhelp32Snapshot
CreateDirectoryA
CreateThread
SetEvent
GetSystemDirectoryA
CreateEventA
ResetEvent
OpenEventA
GetCommandLineA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
SetFilePointer
GetVersionExA
VirtualFree
VirtualAlloc
CopyFileA
GlobalFree
LoadLibraryExA
GlobalAlloc
GetStartupInfoA
ExitProcess
GetStdHandle
OutputDebugStringA
WaitForSingleObject
lstrlenA
GetTempPathA
lstrcatA
GetModuleHandleA
GetProcAddress
WriteFile
FlushFileBuffers
Sleep
lstrcpyA
DeleteFileA
CreateFileA
DeviceIoControl
CloseHandle
GetModuleFileNameA
GetTickCount

ws2_32

bind
listen
select
socket
inet_addr
htons
connect
accept
WSAGetLastError
recv
closesocket
send
WSAStartup
gethostname
gethostbyname
inet_ntoa
__WSAFDIsSet

user32

SendMessageA
wsprintfA
wvsprintfA
IsCharAlphaNumericA
ShowWindow
FindWindowA

advapi32

CloseServiceHandle
ControlService
OpenServiceA
OpenSCManagerA
ChangeServiceConfigA
StartServiceA
DeleteService
ChangeServiceConfig2A
CreateServiceA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegSetValueExA
RegCreateKeyA
QueryServiceStatus

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d74c6faf00cecd9eebf7306f770ef22d

Headers

File Characteristics

Imports

kernel32

ws2_32

user32

advapi32

Sections

.text Size: 24KB - Virtual size: 21KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 20KB - Virtual size: 46KB

.text
Size: 24KB - Virtual size: 21KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 20KB - Virtual size: 46KB