419df9e294c08fe307b5335c531599c052bdab693bcd687d91a318e168924dae

General

Target

419df9e294c08fe307b5335c531599c052bdab693bcd687d91a318e168924dae
Size

19KB
MD5

95378ec3145cfa8fa3c032cb41b38d90
SHA1

5baa1ef7512e81cb76edab87db76c18f3ab460e8
SHA256

419df9e294c08fe307b5335c531599c052bdab693bcd687d91a318e168924dae
SHA512

0dd04556e6781441765dfa4cdab3d0025caa4cdee8e03654f4f0faff8446eae24fb1ca5f3465e4d60710e89fc80e1440c6326085d5dd066e9e8feda0848a3d70
SSDEEP

384:/KZh44lp5XgxftR7wjjBdT2RHpq/eIyhhyO:/K4i5XsVRkPBdT4sWP

Score

N/A

Malware Config

Signatures

Files

419df9e294c08fe307b5335c531599c052bdab693bcd687d91a318e168924dae
.dll windows x86

a5a176057d34657c0e6f203c1851f9b0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
Sleep
FindClose
FindNextFileA
lstrcpynA
lstrcpyA
lstrcmpA
lstrlenA
FindFirstFileA
lstrcatA
GetSystemDirectoryA
WriteFile
LocalFree
CreateFileA
GetProcAddress
LoadLibraryA
CreateMutexA
LockResource
LoadResource
SizeofResource
FindResourceA
Process32Next
Process32First
CreateToolhelp32Snapshot
VirtualFreeEx
WriteProcessMemory
VirtualAllocEx
OpenProcess
CreateRemoteThread
DuplicateHandle
GetCurrentProcess
CreateThread
CloseHandle
ReleaseMutex
lstrcmpiA
DeleteFileA
GetModuleFileNameA
CopyFileA
CreateEventA
GetLastError
SetEvent

user32

wsprintfA

advapi32

SetEntriesInAclA
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
RegSetValueExA
RegOpenKeyA
RegCloseKey
GetTokenInformation
OpenProcessToken
SetSecurityInfo

Exports

Exports

CoGetComCatalog
GetRPCSSInfo
RundllInstall
ServiceMain
WhichService

Sections

.bss
Size: - Virtual size: 65KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a5a176057d34657c0e6f203c1851f9b0

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Exports

Exports

Sections

.bss Size: - Virtual size: 65KB

.data Size: 5KB - Virtual size: 5KB

.rsrc Size: 12KB - Virtual size: 11KB

.reloc Size: 1024B - Virtual size: 872B

.bss
Size: - Virtual size: 65KB

.data
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 12KB - Virtual size: 11KB

.reloc
Size: 1024B - Virtual size: 872B