ea2866dd2f5cbc2e4448a9a1aa10bc09c96356f2c4d950b43a0146bab312820e

General

Target

ea2866dd2f5cbc2e4448a9a1aa10bc09c96356f2c4d950b43a0146bab312820e
Size

12KB
MD5

56048eac760260c5b3368aacc1b720ad
SHA1

4d14c247aa9cc84a13af051649e94aaac3cc1b23
SHA256

ea2866dd2f5cbc2e4448a9a1aa10bc09c96356f2c4d950b43a0146bab312820e
SHA512

c6717a515afbbb2520eff6f8c8ed38dcdfc81bbfd968449e749192ea0f9218c7edd7e7e7b423cd5c1034a8685b104edcfb43414e9c459dad26aaddf5db0beed8
SSDEEP

192:yiGZDA8VGEnlxiineEjAkGFkXfaMCPlPwWrUIOZE/KfjFO:yiGZDzLisTMLFkXfglPwWfEV

Score

N/A

Malware Config

Signatures

Files

ea2866dd2f5cbc2e4448a9a1aa10bc09c96356f2c4d950b43a0146bab312820e
.dll windows x86

99062802b068f3c884667809dd7c003d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFreeEx
WideCharToMultiByte
lstrlenW
ReadProcessMemory
VirtualAllocEx
OpenProcess
GetCurrentProcessId
WaitForSingleObject
CreateThread
Process32Next
lstrcpyA
lstrcmpiA
Process32First
CreateToolhelp32Snapshot
GetProcAddress
GetModuleHandleA
LoadLibraryA
FreeLibrary
WriteFile
DisableThreadLibraryCalls
lstrcatA
lstrlenA
Sleep
GetCommandLineA
DeleteFileA
CloseHandle
CreateFileA
GetTempPathA
DeviceIoControl
TerminateProcess
GetLastError

user32

GetCursorPos
GetForegroundWindow
GetWindow
GetWindowTextA
GetClassNameA
GetWindowRect
SetCursorPos
MapVirtualKeyA
GetWindowThreadProcessId
SendMessageA
PostMessageA
FindWindowExA
MessageBoxA
wsprintfA
FindWindowA

advapi32

ControlService
RegCreateKeyA
RegSetValueExA
RegCloseKey
DeleteService
CloseServiceHandle
OpenServiceA
OpenSCManagerA
CreateServiceA
StartServiceA

msvcrt

strncpy
strstr
malloc
free
_initterm
_adjust_fdiv
_stricmp
atoi

Exports

Exports

zzz

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 842B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

99062802b068f3c884667809dd7c003d

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 3KB - Virtual size: 2KB

.reloc Size: 1024B - Virtual size: 842B

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 3KB - Virtual size: 2KB

.reloc
Size: 1024B - Virtual size: 842B