994dbd51428265b2634c49e8674eda23dd784a971f1e77e33ea772dc289f7d69 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

994dbd51428265b2634c49e8674eda23dd784a971f1e77e33ea772dc289f7d69
Size

66KB
MD5

06ce4b49567747263c3eaadfcda91440
SHA1

911e34ee2ded7f7677f1053742be3481f453e79b
SHA256

994dbd51428265b2634c49e8674eda23dd784a971f1e77e33ea772dc289f7d69
SHA512

7359b81336dbbda33f37606050bed20010248d4abb1c7a577ac56d41eff9064c77f13d1f62060bfd65b759cc5f960e8dfebc1d9cb24e998c96a433435fa1ddfc
SSDEEP

1536:6r5ZomYFnToIf0yquQ9mYHS58M7WiVQnF0jNOJ1b:6r5ZontTBf0yNPYU4nF0jgJ

Score

N/A

Malware Config

Signatures

Files

994dbd51428265b2634c49e8674eda23dd784a971f1e77e33ea772dc289f7d69
.dll windows x86

97f2fdda0af1b864db5673f1d4c70209

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
CloseHandle
CreatePipe
GetProcAddress
LoadLibraryA
FreeLibrary
FindClose
FindNextFileA
GetLastError
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
DeleteFileA
CopyFileA
MoveFileA
GetCurrentProcess
WinExec
SetLastError
lstrlenA
Process32Next
GetPriorityClass
OpenProcess
Module32First
Process32First
lstrcpyA
CreateThread
lstrcpynA
MoveFileExA
SetThreadPriority
GetFileSize
WriteFile
FreeConsole
GetCurrentProcessId
HeapAlloc
GetProcessHeap
GlobalMemoryStatus
InterlockedExchange
RaiseException
LocalAlloc

msvcp60

??1_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ

msvcrt

??2@YAPAXI@Z
__CxxFrameHandler
_CxxThrowException
_except_handler3
atoi
strcspn
strstr
_ftol
strncpy
printf
wcstombs
malloc
free
??1type_info@@UAE@XZ
__dllonexit
_onexit
_initterm
_adjust_fdiv
sprintf
strncat
rand
_strlwr

Exports

Exports

Install
RundllInstall
RundllUninstall
ServiceMain

Sections

.reloc
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ