9815ead975d5e66f1c3610d3a54643aa82fcfd1867b5da82e30297bbb06e4b8b

General

Target

9815ead975d5e66f1c3610d3a54643aa82fcfd1867b5da82e30297bbb06e4b8b
Size

19KB
MD5

318363c6a9e2b1a91a1ff8ce6e5f837c
SHA1

b304ab32f9d9911c30636047f2c9556b579a53ca
SHA256

9815ead975d5e66f1c3610d3a54643aa82fcfd1867b5da82e30297bbb06e4b8b
SHA512

54cb2e79574561508f20268034551e4598765c38e14001739c646d5cd827595f704b3b8c303892150bc59fc360a725cbc228ee7cf98fc52dd1553c976844270d
SSDEEP

384:nLLQemjSCk8CWk0qny+ONzDZkhhIDrDHsp9dclx7TCmfgI3BSf8TKI:nLTCk8Q0qnyXzSp/ITCmfl3BBp

Score

N/A

Malware Config

Signatures

Files

9815ead975d5e66f1c3610d3a54643aa82fcfd1867b5da82e30297bbb06e4b8b
.exe windows x86

0caf47b508d3ccb3edb0d062831533c6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessA
TerminateProcess
lstrcatA
GetStartupInfoA
CopyFileA
ResetEvent
GetModuleFileNameA
GetCurrentDirectoryA
ResumeThread
lstrcpyA
HeapReAlloc
InitializeCriticalSection
LeaveCriticalSection
RaiseException
EnterCriticalSection
DeleteCriticalSection
HeapAlloc
HeapFree
WaitForSingleObject
SetEvent
GetCommandLineA
SetUnhandledExceptionFilter
lstrcmpA
ExitProcess
CreateThread
CloseHandle
GetLastError
CreateEventA
Sleep
GetProcessHeap
GetTickCount
lstrlenA

shell32

SHGetFolderPathA

advapi32

RegCloseKey
RegQueryValueExA
RegCreateKeyExA
OpenSCManagerA
SetServiceStatus
CreateServiceA
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
CloseServiceHandle
RegSetValueExA

ws2_32

htons
WSAGetLastError
select
inet_addr
getsockname
connect
ioctlsocket
WSACleanup
WSAStartup
shutdown
recv
socket
__WSAFDIsSet
closesocket
send
inet_ntoa

shlwapi

StrStrA
PathFindFileNameA
StrStrIA

dnsapi

DnsRecordListFree
DnsQuery_A

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 171B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0caf47b508d3ccb3edb0d062831533c6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shell32

advapi32

ws2_32

shlwapi

dnsapi

Sections

.text Size: 17KB - Virtual size: 16KB

.data Size: 512B - Virtual size: 171B

.rsrc Size: 512B - Virtual size: 16B

.text
Size: 17KB - Virtual size: 16KB

.data
Size: 512B - Virtual size: 171B

.rsrc
Size: 512B - Virtual size: 16B