f045251efbb8f72cdaf27689046e07fc91adc2408c0d6b4e2ccf3f6f725f1d08

Sharing

Copy URL Twitter E-mail

General

Target

f045251efbb8f72cdaf27689046e07fc91adc2408c0d6b4e2ccf3f6f725f1d08
Size

78KB
MD5

082a2397ed2bf3ed8b005a09cd018950
SHA1

a75a85779aad4a04a19b5971a8eff3a81792246c
SHA256

f045251efbb8f72cdaf27689046e07fc91adc2408c0d6b4e2ccf3f6f725f1d08
SHA512

b0b94b4567c0d8ceb7044febf03e702c9666a0e4a0b97e9a22830067de725f8b21a9f4ca453043589a90c543733e07618aad492b1e4767f9da9f815b4a59db2a
SSDEEP

1536:G16yTJnJ+9yfi08Gtd5Q4SbPsMcyiWf3ok31KyfCw:G1NT+9y3YPsMFiA3ok31Kyft

Score

N/A

Malware Config

Signatures

Files

f045251efbb8f72cdaf27689046e07fc91adc2408c0d6b4e2ccf3f6f725f1d08
.dll windows x86

07d113f81a3c86c11a06e198f2e81f17

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Process32First
CreateToolhelp32Snapshot
GetStartupInfoA
LocalFree
ReadFile
LocalAlloc
WaitForMultipleObjects
lstrlenA
TerminateThread
GlobalMemoryStatus
GetSystemInfo
GetComputerNameA
GetVersionExA
OpenEventA
SetErrorMode
lstrcmpiA
GetCurrentProcess
GetWindowsDirectoryA
SetFilePointer
lstrcpyA
lstrcatA
DeleteFileA
CreateProcessA
GetProcessHeap
HeapAlloc
GetCurrentProcessId
CreateThread
GetLocalTime
GetTickCount
CancelIo
InterlockedExchange
SetEvent
ResetEvent
GetLastError
CreateDirectoryA
Process32Next
WaitForSingleObject
FreeLibrary
CloseHandle
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
VirtualFree
DeleteCriticalSection
LoadLibraryA
GetProcAddress
Sleep
GetCurrentThreadId

user32

MessageBoxA
GetWindowTextA
ExitWindowsEx
CloseDesktop
SetThreadDesktop
OpenInputDesktop
GetUserObjectInformationA
GetThreadDesktop
OpenDesktopA
wsprintfA
RegisterClassA

gdi32

GetStockObject

advapi32

RegQueryValueExA
OpenServiceA
DeleteService
CloseServiceHandle
RegCreateKeyExA
RegSetValueExA
OpenEventLogA
ClearEventLogA
CloseEventLog
RegOpenKeyExA
RegCloseKey
RegOpenKeyA
SetServiceStatus
RegisterServiceCtrlHandlerA
UnlockServiceDatabase
ChangeServiceConfig2A
LockServiceDatabase
CreateServiceA
StartServiceA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegSaveKeyA
RegRestoreKeyA
RegDeleteKeyA
OpenSCManagerA

msvcrt

_beginthreadex
_strrev
??1type_info@@UAE@XZ
free
calloc
srand
_access
wcstombs
atoi
_stricmp
malloc
strrchr
strncpy
sprintf
putchar
puts
??3@YAXPAX@Z
memmove
ceil
_ftol
strstr
__CxxFrameHandler
??2@YAPAXI@Z
_CxxThrowException
rand

ws2_32

select
htons
gethostbyname
socket
WSAStartup
send
WSAIoctl
inet_addr
connect
sendto
WSASocketA
htonl
getsockname
closesocket
WSACleanup
recv
setsockopt

wininet

InternetGetConnectedState

Exports

Exports

ServiceMain

Sections

.data
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

07d113f81a3c86c11a06e198f2e81f17

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msvcrt

ws2_32

wininet

Exports

Exports

Sections

.data Size: 71KB - Virtual size: 70KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

.data
Size: 71KB - Virtual size: 70KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB