f96a1d65a78934c91863d42d7e0b6cd5fd6a5f9f574f8f63389752c6ba1ad964

Sharing

Copy URL Twitter E-mail

General

Target

f96a1d65a78934c91863d42d7e0b6cd5fd6a5f9f574f8f63389752c6ba1ad964
Size

14KB
MD5

7f58558cdaad29832a923c2a910138b0
SHA1

90cd1fa287fcb38e2b3410bb51634e22ec1b0b79
SHA256

f96a1d65a78934c91863d42d7e0b6cd5fd6a5f9f574f8f63389752c6ba1ad964
SHA512

621c85f978d116822643bbd239480225245a595912bad4bdf3da28cadfbc4f7c6474726e8c33983a7669ef3e2c66135058ef10b6e0d699d9174b582f7622769c
SSDEEP

192:I7HhMMWvWOTy/6GNrN2fr9WksoCvQdQ9gCbA3+hf94ogDXhQiWZBWL:oHg+Om/6MB25WksoC4dQ9vb36AiWZBW

Score

N/A

Malware Config

Signatures

Files

f96a1d65a78934c91863d42d7e0b6cd5fd6a5f9f574f8f63389752c6ba1ad964
.dll windows x86

966d0b0318c224e31f1746728ef74a23

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetComputerNameA
WaitForSingleObject
CreateProcessA
Sleep
MoveFileA
DeleteFileA
GetSystemDirectoryA
CloseHandle
WriteFile
CreateFileA
GetTempFileNameA
GetTempPathA
GlobalMemoryStatus
WinExec
ReadFile
GetFileSize
ExitThread
FindNextFileA
FindFirstFileA
lstrlenA
GetLogicalDriveStringsA
CreateMutexA
SetLocalTime
GetLocalTime
GetVersionExA
GetWindowsDirectoryA
MoveFileExA
GetCurrentProcess
TerminateProcess
CreateThread
GetLastError

user32

wsprintfA

advapi32

CloseServiceHandle
RegisterServiceCtrlHandlerA
SetServiceStatus
OpenServiceA
OpenSCManagerA
DeleteService

shell32

ShellExecuteA

wininet

InternetOpenA
InternetCloseHandle
InternetOpenUrlA
InternetReadFile

shlwapi

SHDeleteValueA
SHDeleteKeyA

ws2_32

WSAStartup
htons
send
recv
connect
gethostbyname
closesocket
WSACleanup
WSASocketA
inet_addr

msvcrt

_adjust_fdiv
malloc
_initterm
free
ceil
_EH_prolog
__CxxFrameHandler
strstr
memcpy
sprintf
strcat
_ftol
memset
??2@YAPAXI@Z
strcpy
??3@YAXPAX@Z
strlen

Exports

Exports

ServiceHandler
ServiceMain
start

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

966d0b0318c224e31f1746728ef74a23

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

wininet

shlwapi

ws2_32

msvcrt

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 1024B - Virtual size: 832B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 760B

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 1024B - Virtual size: 832B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 760B