f41aecf48371466013a6130714f99e7059c41a9fa97cccc2ef90206227283dd0

Sharing

Copy URL Twitter E-mail

General

Target

f41aecf48371466013a6130714f99e7059c41a9fa97cccc2ef90206227283dd0
Size

67KB
MD5

4f452688f03a579250f8a269e617c8ba
SHA1

d33305fbb11dfbf11591c2e631e3d06d5c4c4fce
SHA256

f41aecf48371466013a6130714f99e7059c41a9fa97cccc2ef90206227283dd0
SHA512

8147c583946ba8f204fcb8fe13c204734c41828a724b7507fb5d8f657102e588b49e2c1e691d8f2fabb2a146a48d7a914e7dc7caaa34cb61b2c9db86bb9655bf
SSDEEP

1536:0eoRcMir2X7gGj9qTFrY6HMOJDEVovNBAz6FkPEUGZ9tK:lMim7YF88MmVUGZ9tK

Score

N/A

Malware Config

Signatures

Files

f41aecf48371466013a6130714f99e7059c41a9fa97cccc2ef90206227283dd0
.exe windows x86

36f7973bad14b1d709a5bf09ccd20816

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

inet_addr
gethostbyname
select
WSAStartup
WSACleanup
htons
socket
connect
send
closesocket
recv

kernel32

LoadLibraryA
Sleep
GetTickCount
SetFileAttributesA
lstrcmpiA
GetLastError
GetModuleFileNameA
GetModuleHandleA
OpenMutexA
GetProcAddress
SetEvent
DeleteFileA
LocalFree
LocalAlloc
GetVersionExA
GetLocaleInfoA
WaitForSingleObject
CreateThread
FreeLibrary
ExitProcess
ExitThread
CreateProcessA
CloseHandle
GetStringTypeW
HeapSize
SetErrorMode
LeaveCriticalSection
HeapAlloc
GetCommandLineA
GetStartupInfoA
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EnterCriticalSection
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
RtlUnwind
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
MultiByteToWideChar
ReadFile
DeleteCriticalSection
VirtualFree
VirtualAlloc
HeapReAlloc
HeapCreate
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
SetStdHandle
FlushFileBuffers
SetFilePointer
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetEndOfFile
GetProcessHeap
LCMapStringA
LCMapStringW
GetStringTypeA

advapi32

ControlService
CreateServiceA
LockServiceDatabase
QueryServiceLockStatusA
ChangeServiceConfig2A
UnlockServiceDatabase
OpenSCManagerA
OpenServiceA
StartServiceA
CloseServiceHandle
RegisterServiceCtrlHandlerA
SetServiceStatus
StartServiceCtrlDispatcherA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
DeleteService

Sections

.text
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

36f7973bad14b1d709a5bf09ccd20816

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

kernel32

advapi32

Sections

.text Size: 51KB - Virtual size: 51KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 5KB - Virtual size: 14KB

.rsrc Size: 512B - Virtual size: 436B

.text
Size: 51KB - Virtual size: 51KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 5KB - Virtual size: 14KB

.rsrc
Size: 512B - Virtual size: 436B