652f3e3ab65192ed25cb52df70bc95f8aeb87d7f7ad584a3f4948e40c526a0bc

General

Target

652f3e3ab65192ed25cb52df70bc95f8aeb87d7f7ad584a3f4948e40c526a0bc
Size

13KB
MD5

9949b77ac477e09a5bcae9c443e61d58
SHA1

d3a9aebc25e82381553cfbbc4fbfbd318c350414
SHA256

652f3e3ab65192ed25cb52df70bc95f8aeb87d7f7ad584a3f4948e40c526a0bc
SHA512

63d70a6cd0231fb8ff0e2fc5927a570fb23da3b244d81a607972fa7720a75b0e8c72f9f2655c616ff5e257f787e4e6860f83b9e9ee95917e8294a63fea783deb
SSDEEP

192:UOwXdlpq2ZwhbKEuzjHCXjiDo9vnnKQj8g7f8KsbfelG6ba1D6NcAUqw:UTNlplZ6uPHC1hiwUPbGlG71DScAU

Score

N/A

Malware Config

Signatures

Files

652f3e3ab65192ed25cb52df70bc95f8aeb87d7f7ad584a3f4948e40c526a0bc
.dll windows x86

284be64ca0046f662232dad64867f799

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Process32Next
lstrcmpiA
Process32First
CreateToolhelp32Snapshot
ReadFile
GetFileSize
CreateFileA
GetLastError
OpenProcess
GetModuleFileNameA
LoadLibraryA
CreateThread
VirtualProtect
WriteFile
lstrlenA
GetLocalTime
WideCharToMultiByte
SetFilePointer
OutputDebugStringW
lstrlenW
GetProcAddress
WriteProcessMemory
GetModuleHandleA
CreateRemoteThread
GetCurrentProcess
GetFileAttributesA
CreateProcessA
WaitForSingleObject
TerminateProcess
CloseHandle
GetSystemDirectoryA
Sleep
GlobalAlloc
GlobalFree
OutputDebugStringA

user32

wsprintfA
wsprintfW

advapi32

AdjustTokenPrivileges
RegQueryValueExA
RegCreateKeyA
RegOpenKeyExA
RegSetValueExA
RegCloseKey
RegCreateKeyExA
OpenSCManagerA
OpenServiceA
ChangeServiceConfigA
StartServiceA
LookupPrivilegeValueA
OpenProcessToken
RegOpenKeyA

shell32

ShellExecuteA

ws2_32

recv
send

Exports

Exports

AcntMgr
EventLogon
EventStartup

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

MySec
Size: 512B - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 700B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

284be64ca0046f662232dad64867f799

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ws2_32

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 28B

MySec Size: 512B - Virtual size: 272B

.reloc Size: 1024B - Virtual size: 700B

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 28B

MySec
Size: 512B - Virtual size: 272B

.reloc
Size: 1024B - Virtual size: 700B