bf3afc46eeb10caef63e5ad11fbcc94891ced77200ea7b81d53fdfb069bfda6f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bf3afc46eeb10caef63e5ad11fbcc94891ced77200ea7b81d53fdfb069bfda6f
Size

33KB
MD5

f0bb0f84f0f79b4c73571d469afde8cd
SHA1

c3f45af0d78c177ab1ae615590efe95b1ce682e4
SHA256

bf3afc46eeb10caef63e5ad11fbcc94891ced77200ea7b81d53fdfb069bfda6f
SHA512

15ae1a278eb6b4a5189f7561b417381e166defc1aaa7922fbda1c975e82f4ad91e55c3e2cc2b206ac6b1256ad4a316e97e727788f3eea792d1e6e85eb87334f2
SSDEEP

768:BqrOja57LYJ5vfUBxA39lQRV/LskEuvvHlnth:AyGRk/cBxA3vQ33EcH

Score

N/A

Malware Config

Signatures

Files

bf3afc46eeb10caef63e5ad11fbcc94891ced77200ea7b81d53fdfb069bfda6f
.exe windows x86

9140fa525f63fa0ad2a461d324a8f0b1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
DeleteFileA
CreateThread
LoadLibraryA
GetProcAddress
CopyFileA
GetCurrentProcessId
GetTickCount
WaitForSingleObject
Sleep
GetModuleHandleA
GetStartupInfoA

advapi32

OpenServiceA
DeleteService
RegOpenKeyExA
RegOpenKeyA
RegQueryValueExA
RegCloseKey
OpenSCManagerA

ws2_32

gethostbyname
inet_addr
__WSAFDIsSet
recv
WSAIoctl
socket
connect
send
gethostname
inet_ntoa
WSAStartup
WSASocketA
WSAGetLastError
setsockopt
htons
htonl
sendto
closesocket
WSACleanup
select

iphlpapi

GetIfTable

msvcrt

??2@YAPAXI@Z
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
??1type_info@@UAE@XZ
??3@YAXPAX@Z
_iob
exit
strstr
_CxxThrowException
__CxxFrameHandler
sprintf
rand
memset
printf
fprintf
strcat
strcpy
_local_unwind2
strlen
memcpy
_except_handler3

Sections

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE