6dec543e5d84b98ac74e496d6b582fde1ea747d7e009d73521f40252db497b11

General

Target

6dec543e5d84b98ac74e496d6b582fde1ea747d7e009d73521f40252db497b11
Size

19KB
MD5

1216fcc7544097ab75be8c75f9f61d00
SHA1

66e814c948cb202a24300ddeccf119d088f5d69d
SHA256

6dec543e5d84b98ac74e496d6b582fde1ea747d7e009d73521f40252db497b11
SHA512

26c2384fd72341057c74bde3a26688983d5907c1f9124a60c9945da9600a6cd6e1641af3ae83662834121bf7c5dac973ce6e6712e0ba60c17307bd01938976da
SSDEEP

384:KLLQemjSCk8CWk0qny+pNzDZkhhIDcDHsp9dclx7TCmfgI3BSf8TKI:KLTCk8Q0qnyAzDp/ITCmfl3BBp

Score

N/A

Malware Config

Signatures

Files

6dec543e5d84b98ac74e496d6b582fde1ea747d7e009d73521f40252db497b11
.exe windows x86

0caf47b508d3ccb3edb0d062831533c6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessA
TerminateProcess
lstrcatA
GetStartupInfoA
CopyFileA
ResetEvent
GetModuleFileNameA
GetCurrentDirectoryA
ResumeThread
lstrcpyA
HeapReAlloc
InitializeCriticalSection
LeaveCriticalSection
RaiseException
EnterCriticalSection
DeleteCriticalSection
HeapAlloc
HeapFree
WaitForSingleObject
SetEvent
GetCommandLineA
SetUnhandledExceptionFilter
lstrcmpA
ExitProcess
CreateThread
CloseHandle
GetLastError
CreateEventA
Sleep
GetProcessHeap
GetTickCount
lstrlenA

shell32

SHGetFolderPathA

advapi32

RegCloseKey
RegQueryValueExA
RegCreateKeyExA
OpenSCManagerA
SetServiceStatus
CreateServiceA
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
CloseServiceHandle
RegSetValueExA

ws2_32

htons
WSAGetLastError
select
inet_addr
getsockname
connect
ioctlsocket
WSACleanup
WSAStartup
shutdown
recv
socket
__WSAFDIsSet
closesocket
send
inet_ntoa

shlwapi

StrStrA
PathFindFileNameA
StrStrIA

dnsapi

DnsRecordListFree
DnsQuery_A

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 171B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0caf47b508d3ccb3edb0d062831533c6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shell32

advapi32

ws2_32

shlwapi

dnsapi

Sections

.text Size: 17KB - Virtual size: 16KB

.data Size: 512B - Virtual size: 171B

.rsrc Size: 512B - Virtual size: 16B

.text
Size: 17KB - Virtual size: 16KB

.data
Size: 512B - Virtual size: 171B

.rsrc
Size: 512B - Virtual size: 16B