8f83288c001f9aaacf3970e46d5e8121f519e4c9c400a2dfb57ed860f3c4b1f7

Sharing

Copy URL

Twitter E-mail

General

Target

8f83288c001f9aaacf3970e46d5e8121f519e4c9c400a2dfb57ed860f3c4b1f7
Size

57KB
MD5

c84d23282c62891b71e4f17150a1314b
SHA1

211e629f01b2ba3394d39f642dae248fadbb6826
SHA256

8f83288c001f9aaacf3970e46d5e8121f519e4c9c400a2dfb57ed860f3c4b1f7
SHA512

41f0174d2821b1dec5cf36e66ed8dad34f133ca15995c093f0c6d8136480d35c83658ff60a536a5243b4ff0c26e08e165eacdb1933f323096fe61894e27a6c35
SSDEEP

1536:QNi43MJ20HXBk2Dt/wS1yMtlIF6hFYO3jvpAd:QNieMJ2axDLtlIIRdAd

Score

N/A

Malware Config

Signatures

Files

8f83288c001f9aaacf3970e46d5e8121f519e4c9c400a2dfb57ed860f3c4b1f7
.dll regsvr32 windows x86

fb839216c4b22508e275a2e20f7c93c8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
strncpy
_strnicmp
strncmp
_strdup
free
memmove
sprintf
strlen
memcpy
strcat
localtime
mktime
strcpy
gmtime

kernel32

HeapCreate
HeapDestroy
Sleep
OpenProcess
CloseHandle
CreateProcessA
MoveFileA
SetFileAttributesA
SetCurrentDirectoryA
CreateFileA
WriteFile
GetCurrentProcess
GetModuleHandleA
GetModuleFileNameA
DeviceIoControl
GetSystemDirectoryA
GetCurrentProcessId
GetTickCount
FreeConsole
HeapFree
HeapAlloc
EnterCriticalSection
WaitForSingleObject
LeaveCriticalSection
InitializeCriticalSection
CreateThread
TerminateThread
TlsAlloc
TlsSetValue
GetCurrentThreadId
TlsGetValue
GetVersionExA
HeapSize
WideCharToMultiByte
FreeLibrary
LoadLibraryA
GetProcAddress
CreateDirectoryA
DeleteFileA
GetDriveTypeA
FindFirstFileA
FindClose
GetFileAttributesA
GetFileSize
SetFilePointer
ReadFile
HeapReAlloc
GetLocalTime
WaitForMultipleObjects
GetCurrentThread
DuplicateHandle
CreateSemaphoreA
ReleaseSemaphore

ws2_32

WSAStartup
htons
inet_addr
socket
connect
send
closesocket
gethostbyname
setsockopt
sendto
htonl
WSACleanup
ioctlsocket
recvfrom
recv
WSAGetLastError

user32

ExitWindowsEx
CharLowerA

advapi32

OpenProcessToken
CreateProcessAsUserA
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenSCManagerA
CreateServiceA
QueryServiceStatus
StartServiceA
CloseServiceHandle
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegOpenKeyExA
SetServiceStatus
RegisterServiceCtrlHandlerA
RegDeleteValueA
RegQueryValueExA

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA

iphlpapi

GetAdaptersInfo

Exports

Exports

DllRegisterServer
ServiceHandler
ServiceMain

Sections

.code
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 219B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fb839216c4b22508e275a2e20f7c93c8

Headers

File Characteristics

Imports

msvcrt

kernel32

ws2_32

user32

advapi32

shell32

iphlpapi

Exports

Exports

Sections

.code Size: 29KB - Virtual size: 28KB

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 512B - Virtual size: 219B

.data Size: 5KB - Virtual size: 5KB

.reloc Size: 2KB - Virtual size: 1KB

.code
Size: 29KB - Virtual size: 28KB

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 512B - Virtual size: 219B

.data
Size: 5KB - Virtual size: 5KB

.reloc
Size: 2KB - Virtual size: 1KB