0cdfdeb55720327f334743763e78fd7f98fbe436143fe6e22f8a3de7880dc8a4

Sharing

Copy URL Twitter E-mail

General

Target

0cdfdeb55720327f334743763e78fd7f98fbe436143fe6e22f8a3de7880dc8a4
Size

72KB
MD5

9cdd7bd03066d8f914cdca3667de9a0c
SHA1

f1756838c49e0cda5317465bc02214c58aaedb2d
SHA256

0cdfdeb55720327f334743763e78fd7f98fbe436143fe6e22f8a3de7880dc8a4
SHA512

13faf88d39048cdae720924be828b5a76114b92c15efbc52817bd22424a6db7362649da4df43498e2ca317657661ad35c42cce87c5f6a2dfd1d9cda29f8cff51
SSDEEP

768:gJNdA7bNHlX0ZB1yp2IQGT7MMqKsZRtNWtuJKoh53fGc8265toBfqZ:gJab8PGT7KNX54OR3x65tAf

Score

N/A

Malware Config

Signatures

Files

0cdfdeb55720327f334743763e78fd7f98fbe436143fe6e22f8a3de7880dc8a4
.dll windows x86

08f9586d73e03539023e22127f68c59a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileA
DeleteFileA
CloseHandle
WriteFile
CreateFileA
UnmapViewOfFile
GetFileSize
MapViewOfFile
CreateFileMappingA
Process32Next
FileTimeToSystemTime
WinExec
TerminateProcess
OpenProcess
ReadFile
PeekNamedPipe
CreateProcessA
CreatePipe
GetCurrentThreadId
GetCurrentProcess
GetVersionExA
MoveFileExA
FindClose
FindNextFileA
GetLastError
GetSystemDirectoryA
GetLogicalDrives
GetDriveTypeA
FreeConsole
lstrcatA
CreateThread
Process32First
CreateToolhelp32Snapshot
Sleep
SetHandleCount
TlsSetValue
HeapReAlloc
TlsAlloc
GetOEMCP
GetACP
VirtualAlloc
SetFilePointer
GetStringTypeW
GetStringTypeA
FlushFileBuffers
LCMapStringW
LCMapStringA
SetStdHandle
RtlUnwind
LoadLibraryA
GetProcAddress
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
GetCommandLineA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
FreeEnvironmentStringsW
TlsFree
SetLastError
TlsGetValue
MultiByteToWideChar
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
HeapCreate
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
HeapDestroy
VirtualFree
HeapFree
HeapAlloc
GetCPInfo

user32

CloseDesktop
GetProcessWindowStation
OpenDesktopA
SetThreadDesktop
CloseWindowStation
GetThreadDesktop
SetProcessWindowStation
OpenWindowStationA
GetDesktopWindow

advapi32

RegisterServiceCtrlHandlerA
AdjustTokenPrivileges
SetServiceStatus
OpenProcessToken
RegCloseKey
LookupPrivilegeValueA
RegOpenKeyExA
RegDeleteValueA
RegDeleteKeyA
GetTokenInformation
LookupAccountSidA

shell32

SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetFileInfoA

ws2_32

recv
closesocket
socket
htons
inet_addr
connect
gethostbyname
inet_ntoa
gethostname
WSAGetLastError
WSAStartup
send

Exports

Exports

ServiceMain

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

08f9586d73e03539023e22127f68c59a

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ws2_32

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 29KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 16KB - Virtual size: 20KB

.rsrc Size: 4KB - Virtual size: 960B

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 32KB - Virtual size: 29KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 16KB - Virtual size: 20KB

.rsrc
Size: 4KB - Virtual size: 960B

.reloc
Size: 8KB - Virtual size: 4KB