c06f2d272fd2f497f08948efe960a091dbbfd29f4723924cfe459ea5870f533a

Sharing

Copy URL Twitter E-mail

General

Target

c06f2d272fd2f497f08948efe960a091dbbfd29f4723924cfe459ea5870f533a
Size

84KB
MD5

b4b75a779386805ef17acf9e4229d29b
SHA1

e2b5e4d0d73b576ee7f1bed9c2f2274dc784c0fb
SHA256

c06f2d272fd2f497f08948efe960a091dbbfd29f4723924cfe459ea5870f533a
SHA512

72a120b5ef81a4b115ca9e0f8f73b57837b724d1d9f4074b9a5abd28b10bdd4f439a753b32bc1f80d0dd4b6d5006b7e94642901fa39caeba3af1b4ef6f8ed975
SSDEEP

1536:dn6s6E3TFvhHvN+fUai6LdQZfDFEW4bL9v162ZXUZToHoQS:d6s6E3TB1vN+fUaWZfDFFiv1dXUZToHI

Score

N/A

Malware Config

Signatures

Files

c06f2d272fd2f497f08948efe960a091dbbfd29f4723924cfe459ea5870f533a
.exe windows x86

bf949505554bd3588c4d6bcf4554b0cc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

recv
closesocket
send
WSAGetLastError
accept
WSAStartup
bind
WSACleanup
htons
socket
listen

mfc42

ord5194
ord5466
ord1997
ord4189
ord398
ord3337
ord5710
ord700
ord913
ord5594
ord6663
ord4278
ord3439
ord5606
ord2614
ord825
ord537
ord860
ord6142
ord5860
ord4129
ord4277
ord533
ord772
ord3701
ord500
ord798
ord924
ord939
ord800
ord858
ord823
ord3811
ord540
ord2820
ord2818

msvcrt

__getmainargs
_acmdln
_XcptFilter
_exit
_onexit
_initterm
__dllonexit
??1type_info@@UAE@XZ
printf
fread
strncpy
sprintf
__p__fmode
_adjust_fdiv
fclose
strstr
_open
_close
_mbschr
_mbsstr
atoi
atol
__CxxFrameHandler
__p__commode
__set_app_type
_except_handler3
_itoa
_controlfp
fopen
exit
strchr
__setusermatherr
_stricmp
_strcmpi
_filelength

kernel32

WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeW
UnmapViewOfFile
GetProcAddress
IsBadReadPtr
GetExitCodeThread
CloseHandle
FreeLibrary
GetTickCount
Sleep
CreateThread
WriteFile
GetLastError
EnterCriticalSection
LocalFree
LeaveCriticalSection
FormatMessageA
lstrcatA
CreateFileA
GetSystemDirectoryA
lstrlenA
lstrcpyA
SetFilePointer
InitializeCriticalSection
DeleteCriticalSection
LoadLibraryA
GetComputerNameA
GetVersionExA
lstrcpynA
MapViewOfFile
SetConsoleCtrlHandler
SleepEx
lstrcmpA
CancelWaitableTimer
SetWaitableTimer
CreateWaitableTimerA
WaitForSingleObject
DisconnectNamedPipe
ReadFile
GlobalFree
CreateFileMappingA
GetStringTypeA
WaitForMultipleObjects
ResetEvent
CreateNamedPipeA
GlobalAlloc
CreateEventA
SetEvent
GetStartupInfoA
GetModuleHandleA
GetFileSize
lstrcmpiA
ConnectNamedPipe
GetModuleFileNameA
GetProcessHeap
GetCurrentProcessId
GetCurrentThreadId

user32

IsWindow
wsprintfA
SendMessageA

advapi32

DeleteService
OpenSCManagerA
RegCloseKey
CloseServiceHandle
CreateServiceA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
ControlService
OpenServiceA
RegisterServiceCtrlHandlerA
SetServiceStatus
StartServiceCtrlDispatcherA
QueryServiceStatus

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bf949505554bd3588c4d6bcf4554b0cc

Headers

File Characteristics

Imports

ws2_32

mfc42

msvcrt

kernel32

user32

advapi32

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 16KB - Virtual size: 15KB

.rsrc Size: 4KB - Virtual size: 240B

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 16KB - Virtual size: 15KB

.rsrc
Size: 4KB - Virtual size: 240B