a58802e11736b0570072beec5dd5bef90ce12ff34ad2f069aa951937f5258e4f

Sharing

Copy URL Twitter E-mail

General

Target

a58802e11736b0570072beec5dd5bef90ce12ff34ad2f069aa951937f5258e4f
Size

60KB
MD5

2be8f0ef4b34d54d2c955453b04fb549
SHA1

c646cd82a452c5e9be6b5672f711f651942adf40
SHA256

a58802e11736b0570072beec5dd5bef90ce12ff34ad2f069aa951937f5258e4f
SHA512

738244267dcbeced003a73bc1d9ce30fde4a2b48e873fa1abf96ff9532b51eadd3e6e37eebbfe764ea909a17904e80ade036c1a3b7474992e03e26513279b16c
SSDEEP

768:nxAFkmhpNFPpLgZwp4JRZYQEbQFnToIf1Pq4QlUHr8a8W:xpmLHPpLgZwp4VKQFnToIffQaHr8l

Score

N/A

Malware Config

Signatures

Files

a58802e11736b0570072beec5dd5bef90ce12ff34ad2f069aa951937f5258e4f
.dll windows x86

27992941b371a11d657fb4301a90ba65

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessA
CreatePipe
CreateFileA
WriteFile
FreeLibrary
GetModuleFileNameA
SetLastError
OutputDebugStringA
GetStdHandle
GetTickCount
FindFirstFileA
FindNextFileA
FindClose
SetFileAttributesA
DeleteFileA
LocalAlloc
LocalFree
GetCurrentProcess
GetLastError
LoadLibraryA
ReadFile
WaitForSingleObject
PeekNamedPipe
CreateMutexA
CreateThread
Sleep
GetCurrentThreadId
GlobalMemoryStatus
GetProcAddress
OpenProcess
TerminateProcess
CloseHandle
GetComputerNameA
GetVersionExA
GetDriveTypeA
GetDiskFreeSpaceExA
FreeConsole

user32

CloseWindowStation
CloseDesktop
GetThreadDesktop
OpenWindowStationA
SetProcessWindowStation
OpenDesktopA
GetSystemMetrics
GetProcessWindowStation
wsprintfA
SetThreadDesktop

gdi32

CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
GetDIBits
DeleteDC
DeleteObject
CreateDCA

advapi32

RegCloseKey
OpenSCManagerA
OpenServiceA
QueryServiceStatus
StartServiceA
CloseServiceHandle
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
GetUserNameA
RegOpenKeyExA
RegQueryValueExA
DeleteService
QueryServiceConfig2A
QueryServiceConfigA
EnumServicesStatusA
RegisterServiceCtrlHandlerA
SetServiceStatus
RegSetValueExA
RegCreateKeyA
CreateServiceA
ControlService

shell32

ShellExecuteA

ws2_32

closesocket
WSAGetLastError
socket
WSAStartup
connect
htons
gethostbyname
send
recv

msvcrt

printf
_adjust_fdiv
_initterm
_iob
??1type_info@@UAE@XZ
free
malloc
_stricmp
??3@YAXPAX@Z
_vsnprintf
fopen
_strtime
_strdate
fprintf
fclose
_CxxThrowException
strchr
strncpy
strncat
_except_handler3
_ftol
??2@YAPAXI@Z
atoi
__CxxFrameHandler

Exports

Exports

InstallA
InstallService
ServiceMain
UninstallA
UninstallService
start

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

27992941b371a11d657fb4301a90ba65

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ws2_32

msvcrt

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 28KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 4KB - Virtual size: 2KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 32KB - Virtual size: 28KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 4KB - Virtual size: 2KB

.reloc
Size: 4KB - Virtual size: 1KB