89330044f5deb43da60f2ed8407567ecbcaff26764a5b3dfb7df11c31f169686

Sharing

Copy URL Twitter E-mail

General

Target

89330044f5deb43da60f2ed8407567ecbcaff26764a5b3dfb7df11c31f169686
Size

76KB
MD5

9c5df2be8aa240904a56274207416ac2
SHA1

03baa850ce0637aa703937542f7c8adac7eb2d8f
SHA256

89330044f5deb43da60f2ed8407567ecbcaff26764a5b3dfb7df11c31f169686
SHA512

c289576943f3fa219fbb70d76f68d644b019c977698522a0facc879e25876da72774e8e272ec619fc5f8408eb86ba53d65044b18c462d48c01b018a5c7238a4e
SSDEEP

1536:uzpCRkYDkDPaiJf6MWbGN5kTq8opoDveSJkVBoGiX:TRk9aioMWbAmopy1kVBoGiX

Score

N/A

Malware Config

Signatures

Files

89330044f5deb43da60f2ed8407567ecbcaff26764a5b3dfb7df11c31f169686
.dll windows x86

bd9ef34a2a59f291ebda263542eba189

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
FindFirstFileA
Sleep
FreeConsole
CreateDirectoryA
GetLocalTime
GetPrivateProfileStringA
GetProcAddress
CreateThread
GlobalAlloc
WritePrivateProfileStringA
MoveFileExA
FindNextFileA
FindClose
SetFilePointer
WriteFile
CloseHandle
GetTickCount
CompareStringW
CompareStringA
LCMapStringW
LCMapStringA
RtlUnwind
GetOEMCP
GetACP
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
GetCPInfo
InterlockedDecrement
InterlockedIncrement
GetLastError
WideCharToMultiByte
ExitProcess
TerminateProcess
GetCurrentProcess
GetTimeZoneInformation
GetSystemTime
GetCommandLineA
GetVersion
EnterCriticalSection
LeaveCriticalSection
HeapFree
InitializeCriticalSection
DeleteCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetModuleHandleA
HeapAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
SetStdHandle
FlushFileBuffers
SetEnvironmentVariableA

advapi32

SetServiceStatus
RegisterServiceCtrlHandlerA

shell32

ShellExecuteA

shlwapi

PathIsDirectoryA
PathFileExistsW
PathFileExistsA

ws2_32

socket
htons
inet_addr
inet_ntoa
send
closesocket
gethostbyname
WSACleanup
WSAStartup
WSCDeinstallProvider
WSCEnumProtocols
WSCGetProviderPath
connect

Exports

Exports

ServiceMain

Sections

.text
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bd9ef34a2a59f291ebda263542eba189

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

shlwapi

ws2_32

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 44KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 13KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 48KB - Virtual size: 44KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 4KB