6dbeff764c3508df4f442452590f744aed3b48c3d06205ef714be59585cdbd0d

Sharing

Copy URL Twitter E-mail

General

Target

6dbeff764c3508df4f442452590f744aed3b48c3d06205ef714be59585cdbd0d
Size

16KB
MD5

792b600ef98de92ada78687cd704f5da
SHA1

47254aa1b09eee5ebfb3f5035ce4708662257293
SHA256

6dbeff764c3508df4f442452590f744aed3b48c3d06205ef714be59585cdbd0d
SHA512

6605dc182b259ce6548872ca2b67f04659d3bd9f490c0b0062126fcb1b6bf8de2b4beb277b475e5f538078a758bec994cd975c206fb83c6384edde03b2c7d38e
SSDEEP

384:l7UDHKHEQRPFo/uENPRehNIEDuDC3Lpnduwf1xv:l7UDHmM/PmhNIEiSpnUwN

Score

N/A

Malware Config

Signatures

Files

6dbeff764c3508df4f442452590f744aed3b48c3d06205ef714be59585cdbd0d
.dll windows x86

7c26e3eae385b1dd93e058ea848dbf89

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
Process32FirstW
CreateToolhelp32Snapshot
GetDriveTypeW
FindClose
FindNextFileW
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileW
TerminateProcess
OpenProcess
GetLastError
ReadFile
SetFilePointer
GetFileSize
CreateFileW
Process32NextW
DeleteFileW
SetFileAttributesW
GetFileAttributesW
CreateDirectoryW
MoveFileW
CreateProcessW
GetSystemDirectoryW
GetStartupInfoW
CreatePipe
Sleep
WideCharToMultiByte
MoveFileExW
GetModuleFileNameW
GetCurrentProcess
FreeConsole
GetVersionExW
GetVersion
SetEvent
GetComputerNameW
MultiByteToWideChar
CreateEventW
ResetEvent
WaitForSingleObject
CreateThread
WriteFile

user32

ExitWindowsEx

advapi32

CloseServiceHandle
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenSCManagerW
OpenServiceW
DeleteService
RegisterServiceCtrlHandlerW
SetServiceStatus

shell32

SHGetFileInfoW
ShellExecuteW

ws2_32

socket
htons
inet_addr
connect
send
WSAStartup
gethostbyname
inet_ntoa
select
recv
closesocket
gethostname

msvcrt

swprintf
??3@YAXPAX@Z
wcscat
wcscpy
_wtoi
_adjust_fdiv
malloc
_initterm
free
_beginthread
_except_handler3
_wsplitpath
wcslen
wcsncpy
??2@YAPAXI@Z

shlwapi

PathFileExistsW

Exports

Exports

ServiceMain

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 766B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7c26e3eae385b1dd93e058ea848dbf89

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ws2_32

msvcrt

shlwapi

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 8KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 766B

.text
Size: 9KB - Virtual size: 8KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 766B