f962e9ee8e8625c810f975c0956f48042ed5592809f747be457e6e3b07a27411

General

Target

f962e9ee8e8625c810f975c0956f48042ed5592809f747be457e6e3b07a27411
Size

28KB
MD5

68c07bf2971528cbb196b77fb0d4b218
SHA1

cb9a2dfba687e81f8643a7ea4e2949edf25aa6e9
SHA256

f962e9ee8e8625c810f975c0956f48042ed5592809f747be457e6e3b07a27411
SHA512

403f8178c31d73e40caae061ac529eb50e11b32d36c46f3a298786beffbf84e169846d1b6b0809a16572f49cc3666731bd90347ccf7e253a13c416d8448a95de
SSDEEP

384:Pfo+TFSNDfq18MOh8M0JWGYR+PCGQrCs10hc:PfoQFX18vh8M0JWnR+PCG+P7

Score

N/A

Malware Config

Signatures

Files

f962e9ee8e8625c810f975c0956f48042ed5592809f747be457e6e3b07a27411
.dll windows x86

2f51a2c5328cb7a9a8df1df7debf0633

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord825
ord924
ord922
ord4202
ord6663
ord939
ord4278
ord4129
ord2818
ord354
ord350
ord5186
ord665
ord1979
ord540
ord5442
ord6385
ord3663
ord3616
ord3127
ord5651
ord858
ord535
ord860
ord6877
ord4204
ord2764
ord537
ord800

msvcrt

_adjust_fdiv
malloc
__CxxFrameHandler
strstr
atoi
_mbscmp
_initterm
free
_onexit
__dllonexit

kernel32

GetModuleHandleA
GetProcAddress
CreateRemoteThread
OpenProcess
LocalAlloc
WriteProcessMemory
GetComputerNameA
CreateThread
CloseHandle
GetFileSize
CreateFileA
VirtualAllocEx
ReadProcessMemory
TerminateProcess
GetVersionExA
GetSystemDirectoryA
ReadFile
Sleep
GetModuleFileNameA
SetFilePointer

user32

GetWindowTextA
GetForegroundWindow
GetWindowThreadProcessId

advapi32

ChangeServiceConfig2A
ChangeServiceConfigA
OpenSCManagerA
OpenServiceA
QueryServiceConfigA
CloseServiceHandle
CreateServiceA

psapi

GetModuleFileNameExA

shlwapi

PathFileExistsA

ws2_32

recv
closesocket
send
connect
htons
socket
gethostbyname
WSAStartup

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2f51a2c5328cb7a9a8df1df7debf0633

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

advapi32

psapi

shlwapi

ws2_32

Sections

.text Size: 12KB - Virtual size: 10KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 9KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 10KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 9KB

.reloc
Size: 4KB - Virtual size: 1KB