General

Malware Config

Signatures

Files

• 72b98c5d0ba49f6f114711ebe86d8836528ec26fce35a1e650f07601a6b5c094

  .exe windows x86

  f32317483f2e0025c5030e6b3de1fd99

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  msvcrt

  _controlfp

  _except_handler3

  __set_app_type

  __p__fmode

  __p__commode

  _adjust_fdiv

  __setusermatherr

  _initterm

  __getmainargs

  __initenv

  _cexit

  _XcptFilter

  _exit

  _c_exit

  _beginthreadex

  exit

  advapi32

  GetLengthSid

  StartServiceCtrlDispatcherA

  RegisterServiceCtrlHandlerA

  InitializeSecurityDescriptor

  SetSecurityDescriptorDacl

  AllocateAndInitializeSid

  InitializeAcl

  AddAccessAllowedAce

  FreeSid

  SetServiceStatus

  kernel32

  ResetEvent

  DisconnectNamedPipe

  LeaveCriticalSection

  GetOverlappedResult

  GetVersionExA

  InitializeCriticalSection

  CreateEventA

  GetLastError

  WriteFile

  EnterCriticalSection

  GlobalAlloc

  CloseHandle

  GlobalFree

  WaitForSingleObject

  GetTickCount

  ConnectNamedPipe

  CreateNamedPipeA

  GetModuleHandleA

  SetEvent

  DeleteCriticalSection

  ws2_32

  WSAGetLastError

  ioctlsocket

  __WSAFDIsSet

  select

  WSACleanup

  closesocket

  bind

  htonl

  htons

  getservbyname

  socket

  WSAStartup

  recvfrom

  Sections

  .text

  Size: 5KB - Virtual size: 5KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 512B - Virtual size: 260B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 1024B - Virtual size: 992B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ