9284489de49906fa83b93dd018f95a6e2ceb58d5cb083518a7c659af654d767f

General

Target

9284489de49906fa83b93dd018f95a6e2ceb58d5cb083518a7c659af654d767f
Size

18KB
MD5

de5652d9c38b4bbec8c598e3b0c5eb8e
SHA1

45dedfd300a326e730ede643990b6c28f25dcac9
SHA256

9284489de49906fa83b93dd018f95a6e2ceb58d5cb083518a7c659af654d767f
SHA512

d3180e6fb087c02ac29a335e61b50eebecfca44ac024609874d7603b674c69083290450269a6e44c4e16f78f9630ac8b128203e948167ed03ec787996a86291f
SSDEEP

384:2wO5Lsi5oiFrhR2p/ysYfNKNLEjocCY/ldPAiq7v4HZCK0dt2qeP2:2D5HFuyNf8Cq7veHe

Score

N/A

Malware Config

Signatures

Files

9284489de49906fa83b93dd018f95a6e2ceb58d5cb083518a7c659af654d767f
.dll windows x86

d882dec70ac747586bb64a0243409ef6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetTempPathA
GetThreadContext
HeapAlloc
HeapFree
MoveFileA
OpenEventA
OpenProcess
Process32First
Process32Next
GetLastError
ResumeThread
SetEvent
SetFileAttributesA
SetFilePointer
SetThreadContext
Sleep
VirtualAllocEx
WaitForMultipleObjects
WaitForSingleObject
WriteConsoleOutputA
WriteProcessMemory
lstrcatA
lstrcmpiA
lstrcpyA
GetFileSize
GetCurrencyFormatA
DeleteFileA
CreateToolhelp32Snapshot
CreateThread
CreateRemoteThread
CreateProcessA
CreateFileA
CreateEventA
CreateDirectoryA
ReadFile
CloseHandle

advapi32

RegOpenKeyExA
RegCloseKey
OpenServiceA
OpenSCManagerA
OpenProcessToken
LookupPrivilegeValueA
DeleteService
ControlService
CloseServiceHandle
AdjustTokenPrivileges
RegQueryValueExA

Exports

Exports

proc1

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 804B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d882dec70ac747586bb64a0243409ef6

Headers

File Characteristics

Imports

kernel32

advapi32

Exports

Exports

Sections

.text Size: 15KB - Virtual size: 14KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 804B

.reloc Size: 512B - Virtual size: 296B

.text
Size: 15KB - Virtual size: 14KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 804B

.reloc
Size: 512B - Virtual size: 296B