c6559cb8a11dab4c509356a5ffa7b74351f084dbe498fa12b90f2a686ab45e3a

Sharing

Copy URL Twitter E-mail

General

Target

c6559cb8a11dab4c509356a5ffa7b74351f084dbe498fa12b90f2a686ab45e3a
Size

45KB
MD5

ed0117ce20ccf3c96d50dc17e6d68526
SHA1

3ba6f16e36ef12935501cf7a5b1ed2c9a39842de
SHA256

c6559cb8a11dab4c509356a5ffa7b74351f084dbe498fa12b90f2a686ab45e3a
SHA512

2fd1c7f86033f630fdd03d882cca2512e57896a2d67be8b8c4cce2df7f89f930b42128ee035fd5b2aee70bb2c3752e20574f8a8419ac770737c1f32db94456b3
SSDEEP

768:OgjWlTL5lS86GqkxeTdhdNnZ9Kb6lQhqCmC9Gc+cZffoqKIoclGGGeGGGma/t0:filTWTdr8elQ9mC0c3H/oIGGGeGGGmq

Score

N/A

Malware Config

Signatures

Files

c6559cb8a11dab4c509356a5ffa7b74351f084dbe498fa12b90f2a686ab45e3a
.dll windows x86

dc1f7b9ced7ebf7f6a5ac71f782829f8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeConsole
GetLocalTime
OutputDebugStringA
WriteFile
GetStdHandle
CreateThread
DeleteFileA
lstrcmpA
CreateFileA
GetSystemDirectoryA
lstrcpyA
Sleep
CreateToolhelp32Snapshot
Process32First
lstrcatA
Process32Next
lstrlenA
CloseHandle
SetLastError
GetModuleFileNameA
WinExec
GetLastError
LCMapStringW
LCMapStringA
ReadFile
SetEndOfFile
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
RtlUnwind
RaiseException
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
GetCommandLineA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
ExitProcess
HeapFree
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetUnhandledExceptionFilter
SetHandleCount
GetFileType
GetStartupInfoA
HeapAlloc
TerminateProcess
GetCurrentProcess
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
GetCPInfo
SetStdHandle
FlushFileBuffers
SetFilePointer

advapi32

RegisterServiceCtrlHandlerA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
OpenSCManagerA
CreateServiceA
CloseServiceHandle
RegCreateKeyA
RegSetValueExA
SetServiceStatus

ws2_32

WSAStartup
htons
inet_addr
gethostbyname
socket
connect
gethostname
send
recv
shutdown
closesocket
WSACleanup

Exports

Exports

InstallService
RundllInstallA
ServiceMain

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dc1f7b9ced7ebf7f6a5ac71f782829f8

Headers

File Characteristics

Imports

kernel32

advapi32

ws2_32

Exports

Exports

Sections

.text Size: 30KB - Virtual size: 30KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 5KB - Virtual size: 13KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 30KB - Virtual size: 30KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 5KB - Virtual size: 13KB

.reloc
Size: 4KB - Virtual size: 3KB