c2bea84a6edbd3dabe805bdf70c03989039a570d129ce3abff64b7238cf009d4

Sharing

Copy URL Twitter E-mail

General

Target

c2bea84a6edbd3dabe805bdf70c03989039a570d129ce3abff64b7238cf009d4
Size

44KB
MD5

72c5b96d90396bfabd905744ca5a1102
SHA1

50ef90668bc46678d531869de2c0243ea0be4e46
SHA256

c2bea84a6edbd3dabe805bdf70c03989039a570d129ce3abff64b7238cf009d4
SHA512

1c60eab9e84363508da580c9d94c19aad7954b34cfa4c375355ea5b4db03ec5f3574b862ae266f84e47ebe1ef18b5d4c46472a002142bd3ed53816685a1c9dea
SSDEEP

768:6JyfMXpPoQ9nTC8XdKCLaymg3dM3EwLeiqhN5FUMCLjsWGGGVGGGkasED2c:60OpTC8t1X3dMReiKAXsWGGGVGGGkZUn

Score

N/A

Malware Config

Signatures

Files

c2bea84a6edbd3dabe805bdf70c03989039a570d129ce3abff64b7238cf009d4
.dll windows x86

b1e66220da3bd22266f01e52cb802f14

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryA
Sleep
lstrcpyA
CreateThread
FreeConsole
CreateFileA
GetModuleFileNameA
SetLastError
OutputDebugStringA
GetStdHandle
lstrcmpA
WriteFile
DeleteFileA
WinExec
CreateToolhelp32Snapshot
Process32First
lstrcatA
Process32Next
lstrlenA
GetLastError
CloseHandle
LCMapStringW
LCMapStringA
ReadFile
SetEndOfFile
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
RtlUnwind
RaiseException
EnterCriticalSection
LeaveCriticalSection
GetLocalTime
GetCommandLineA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
ExitProcess
HeapFree
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetUnhandledExceptionFilter
SetHandleCount
GetFileType
GetStartupInfoA
HeapAlloc
TerminateProcess
GetCurrentProcess
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetCPInfo
VirtualAlloc
HeapReAlloc
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
SetStdHandle
FlushFileBuffers
SetFilePointer

advapi32

RegQueryValueExA
RegCloseKey
OpenSCManagerA
CreateServiceA
CloseServiceHandle
RegCreateKeyA
RegSetValueExA
SetServiceStatus
RegisterServiceCtrlHandlerA
RegOpenKeyExA

ws2_32

WSAStartup
htons
inet_addr
gethostbyname
socket
connect
gethostname
send
recv
shutdown
closesocket
WSACleanup

Exports

Exports

InstallService
RundllInstallA
ServiceMain

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b1e66220da3bd22266f01e52cb802f14

Headers

File Characteristics

Imports

kernel32

advapi32

ws2_32

Exports

Exports

Sections

.text Size: 29KB - Virtual size: 28KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 5KB - Virtual size: 13KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 29KB - Virtual size: 28KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 5KB - Virtual size: 13KB

.reloc
Size: 4KB - Virtual size: 3KB