7923cb36fae8a824dfe9e415ebf00325265dc2c047ff74ae036311965be5249c

Sharing

Copy URL

Twitter E-mail

General

Target

7923cb36fae8a824dfe9e415ebf00325265dc2c047ff74ae036311965be5249c
Size

80KB
MD5

670f69a6374b461d123ed616314d480b
SHA1

5d648ef1c6a5620e67b65205b250079fdd2881df
SHA256

7923cb36fae8a824dfe9e415ebf00325265dc2c047ff74ae036311965be5249c
SHA512

f8660b913725070f3523dc4a96b2ed10893f232b1b1568e1f431e554c10bc7ae1b50856fd7c88957bb3fda8f7063d66e88d1e46c4b247d6ee75b2298dd0f6afe
SSDEEP

1536:PcsriZiTLNxtH8DbtSWXlov+nUrgW99HiYDZOblI0nQhkpI9r7LtA6dU:BLxtH8D/V/UrgkYMKlnQII9r7LtA6dU

Score

N/A

Malware Config

Signatures

Files

7923cb36fae8a824dfe9e415ebf00325265dc2c047ff74ae036311965be5249c
.exe windows x86

beb778771ad06014c8fdcb3a89806e98

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

inet_addr
gethostbyname
select
WSAStartup
WSACleanup
htons
socket
connect
send
closesocket
recv

user32

wsprintfA
CharLowerA
IsWindow
SendMessageA
FindWindowExA
FindWindowA

kernel32

CreateProcessA
ExitThread
ExitProcess
GetTempPathA
GetSystemDefaultLangID
Sleep
ReleaseMutex
GetTickCount
CreateMutexA
lstrcmpiA
SetFileAttributesA
GetLastError
CreateDirectoryA
GetModuleFileNameA
GetModuleHandleA
GetComputerNameA
CloseHandle
CreateThread
OpenMutexA
SetErrorMode
CopyFileA
SetEvent
DeleteFileA
LocalFree
LocalAlloc
GetVersionExA
GetLocaleInfoA
WaitForSingleObject
WritePrivateProfileStringA
GetLogicalDriveStringsA
GetDriveTypeA
LoadLibraryA
HeapSize
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetEndOfFile
GetProcessHeap
GetWindowsDirectoryA
GetCommandLineA
InitializeCriticalSectionAndSpinCount
HeapAlloc
GetStartupInfoA
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
RtlUnwind
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
MultiByteToWideChar
ReadFile
DeleteCriticalSection
VirtualFree
VirtualAlloc
HeapReAlloc
HeapCreate
GetStdHandle
RaiseException
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
SetStdHandle
FlushFileBuffers
SetFilePointer
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA

advapi32

ControlService
CreateServiceA
LockServiceDatabase
QueryServiceLockStatusA
ChangeServiceConfig2A
UnlockServiceDatabase
OpenSCManagerA
OpenServiceA
StartServiceA
CloseServiceHandle
RegisterServiceCtrlHandlerA
SetServiceStatus
RegOpenKeyExA
RegQueryValueExA
StartServiceCtrlDispatcherA
GetUserNameA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
DeleteService

shell32

SHGetFolderPathA

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

beb778771ad06014c8fdcb3a89806e98

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

user32

kernel32

advapi32

shell32

Sections

.text Size: 57KB - Virtual size: 57KB

.rdata Size: 15KB - Virtual size: 15KB

.data Size: 5KB - Virtual size: 15KB

.rsrc Size: 512B - Virtual size: 436B

.text
Size: 57KB - Virtual size: 57KB

.rdata
Size: 15KB - Virtual size: 15KB

.data
Size: 5KB - Virtual size: 15KB

.rsrc
Size: 512B - Virtual size: 436B