eec2e97bb4c57d82735b0d548417d1dd2f14bad7f704f37aa8a9700f5dd72124

Sharing

Copy URL Twitter E-mail

General

Target

eec2e97bb4c57d82735b0d548417d1dd2f14bad7f704f37aa8a9700f5dd72124
Size

70KB
MD5

bbde96f65e5f7d096923f270af41c7ee
SHA1

9d43f407c4b7e5c0d9d044d5f22faa6e3447d376
SHA256

eec2e97bb4c57d82735b0d548417d1dd2f14bad7f704f37aa8a9700f5dd72124
SHA512

7929dfc7fe84c532e229957c076b2e3b2769bedf459befb8fc644df4ceecefa5c040cabae0646ed95504af9efcfc84f232471f862d455ba4ff9d77fcf49d6996
SSDEEP

1536:lYwJYYBjMgREeEL3X/tpdpwbQpomAutCiObWB1D+V//4WbUO:lYG/JHREeEL3jXU0ttObWB1D+Vo2U

Score

N/A

Malware Config

Signatures

Files

eec2e97bb4c57d82735b0d548417d1dd2f14bad7f704f37aa8a9700f5dd72124
.dll windows x86

8595d5064ad969a64442210f92866ac6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MoveFileA
CreateThread
GetSystemDirectoryA
FreeConsole
GetFileAttributesA
LoadLibraryA
GetProcAddress
FindResourceA
LoadResource
CreateFileA
SizeofResource
WriteFile
CloseHandle
FreeResource
SetFileAttributesA
SetLastError
GetLastError
lstrlenA
Sleep
GetSystemTime
DeleteFileA
lstrcatA
WaitForSingleObject

user32

wsprintfA
SetProcessWindowStation
OpenWindowStationA
GetProcessWindowStation

advapi32

RegSetValueExA
RegDeleteKeyA
RegDeleteValueA
RegQueryValueExA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyExA
RegCloseKey
RegCreateKeyA
RegOpenKeyA
RegisterServiceCtrlHandlerA
SetServiceStatus
RegCreateKeyExA

msvcp60

?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
?_Copy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_Xlen@std@@YAXXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
??0Init@ios_base@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Xran@std@@YAXXZ
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?max_size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??9std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z

msvcrt

fread
_adjust_fdiv
malloc
_initterm
__CxxFrameHandler
_except_handler3
strncat
strchr
??0exception@@QAE@ABV0@@Z
_CxxThrowException
??1exception@@UAE@XZ
??0exception@@QAE@XZ
memmove
strncpy
_stat
atof
wcstombs
_purecall
_splitpath
??2@YAPAXI@Z
strftime
localtime
time
fclose
_strnicmp
rewind
ftell
fseek
fopen
free
__dllonexit
_onexit
??1type_info@@UAE@XZ

ws2_32

WSAStartup
connect
htons
WSACleanup
gethostbyname
gethostname
closesocket
recv
send
socket

Exports

Exports

ServiceMain
StartHook

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8595d5064ad969a64442210f92866ac6

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcp60

msvcrt

ws2_32

Exports

Exports

Sections

.text Size: 47KB - Virtual size: 46KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 2KB - Virtual size: 3KB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 47KB - Virtual size: 46KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 5KB - Virtual size: 4KB