c6acad4b8d30d36f2c41f6750232848f5b31c0bcaf84cebf2d482f46c51d4d69

General

Target

c6acad4b8d30d36f2c41f6750232848f5b31c0bcaf84cebf2d482f46c51d4d69
Size

15KB
MD5

2cceca81f7838ab47e6365b372a99a5c
SHA1

380822b5b60e49d7a97b803b7e0801572bdeb17d
SHA256

c6acad4b8d30d36f2c41f6750232848f5b31c0bcaf84cebf2d482f46c51d4d69
SHA512

45253cb6c9956222725e9166b3a183017a4c83b35e638fe38d97be60f261370b003deb392491ad67a8471e72c0c27460f097d64e0cdbe14c0e8f476b821a041d
SSDEEP

192:jdfVe0JGh3OCqi3EHcg1yv1MQUNXLjqwgsg9FwHqtIqgcAF:jdM0Jm+ATipXLjqnbwKAbF

Score

N/A

Malware Config

Signatures

Files

c6acad4b8d30d36f2c41f6750232848f5b31c0bcaf84cebf2d482f46c51d4d69
.dll windows x86

8a9d901df6048ffbc7571ecb9377720a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryA
lstrcpynA
OpenProcess
Process32Next
Sleep
WinExec
FindResourceA
CreateToolhelp32Snapshot
DeleteFileA
lstrcatA
GetCurrentProcess
WaitForSingleObject
CreateRemoteThread
Module32Next
lstrcmpiA
Module32First
SizeofResource
LoadResource
CreateFileA
LockResource
WriteFile
CloseHandle
GetModuleHandleA
GetProcAddress
GlobalAlloc
LoadLibraryExA
GlobalFree
FreeLibrary
DeviceIoControl
Process32First
GetLastError

advapi32

RegEnumValueA
RegOpenKeyExA
OpenProcessToken
RegCreateKeyA
RegSetValueExA
RegCloseKey
CreateServiceA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
ControlService
StartServiceA
RegOpenKeyA

shell32

ShellExecuteA

shlwapi

PathFileExistsA

msvcrt

_strcmpi
_adjust_fdiv
strlen
strcpy
strcat
memset
_stricmp
memcpy
free
_initterm
malloc

Exports

Exports

Niubi

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 608B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8a9d901df6048ffbc7571ecb9377720a

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

shlwapi

msvcrt

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 5KB - Virtual size: 5KB

.reloc Size: 1024B - Virtual size: 608B

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 5KB - Virtual size: 5KB

.reloc
Size: 1024B - Virtual size: 608B