d10c1194994e1586d1e593db9a0625ffd2c0eeeae9d08a8e606fab925c837aca

Sharing

Copy URL

Twitter E-mail

General

Target

d10c1194994e1586d1e593db9a0625ffd2c0eeeae9d08a8e606fab925c837aca
Size

93KB
MD5

d54485db55beb92ab6898f69d9ea934f
SHA1

71cf516380ee596745f7de3a02a8899d4fa76be8
SHA256

d10c1194994e1586d1e593db9a0625ffd2c0eeeae9d08a8e606fab925c837aca
SHA512

1e59f712c7bcc4c3923d9631e72403cd5f2e8dc4178fed2557fe8a54cb236a99f91baebaeca42476537a2743ebfdd161bfd11acc6dd9080bc3de049bcd3c9d53
SSDEEP

1536:ZTvwvfWTc0nYfrVj+OLesY6YTkIuzL3n9XQ3Wdb6La:KnWTc0nyj+yesAAzL1Q3Wdbd

Score

N/A

Malware Config

Signatures

Files

d10c1194994e1586d1e593db9a0625ffd2c0eeeae9d08a8e606fab925c837aca
.dll windows x86

f4a29acb83bac2fd0cc5ebcbe199fd83

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleW
FlushFileBuffers
WriteFile
CreateFileA
GetLocalTime
DeleteFileA
WaitForSingleObject
lstrcatA
GetTempPathA
lstrcmpA
GetProcAddress
CloseHandle
GetConsoleWindow
Sleep
GetLastError
GetCurrentProcess
GetModuleFileNameA
lstrlenA
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
GetStringTypeW
MultiByteToWideChar
LCMapStringW
LoadLibraryW
HeapReAlloc
RtlUnwind
GetModuleFileNameW
GetSystemTimeAsFileTime
CreateFileW
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
EncodePointer
DecodePointer
GetCurrentThreadId
GetCommandLineA
RaiseException
HeapFree
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
IsProcessorFeaturePresent
HeapSize
GetModuleHandleW
ExitProcess
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy

advapi32

RegisterServiceCtrlHandlerExA
StartServiceCtrlDispatcherA
SetServiceStatus
ControlService
OpenServiceA
OpenSCManagerA
CloseServiceHandle
RegSetValueExA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA

shell32

ShellExecuteExA

wininet

InternetCloseHandle
InternetReadFile
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetOpenA
DeleteUrlCacheEntry
InternetQueryDataAvailable
InternetOpenUrlA

Exports

Exports

ServiceMain
_HandlerEx@16

Sections

.text
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f4a29acb83bac2fd0cc5ebcbe199fd83

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

shell32

wininet

Exports

Exports

Sections

.text Size: 62KB - Virtual size: 61KB

.rdata Size: 14KB - Virtual size: 13KB

.data Size: 9KB - Virtual size: 18KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 62KB - Virtual size: 61KB

.rdata
Size: 14KB - Virtual size: 13KB

.data
Size: 9KB - Virtual size: 18KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 6KB - Virtual size: 6KB