cb1dc100ea6157653a7679c52b54f376b5dad58c0dc554e1e6075b6cb843b778

Sharing

Copy URL

Twitter E-mail

General

Target

cb1dc100ea6157653a7679c52b54f376b5dad58c0dc554e1e6075b6cb843b778
Size

68KB
MD5

2a4e71611592169da219eb7443ed24fa
SHA1

d5d7ac604bb410ce494499c7774f9eeeb9826be3
SHA256

cb1dc100ea6157653a7679c52b54f376b5dad58c0dc554e1e6075b6cb843b778
SHA512

c83b66aa5ce0d1dd0f5e1ad6c1d5ada04159fd15b81499cd4b25421c8bba5d6ed305fccd1940073bb0c55c71dc8d905eefb26e966b163e13bcc610e8a1637ac9
SSDEEP

1536:71Dz04FE/PKhhU16bhFqPlJoeGOX0YoSQYBabEXFCtEY+yl:7xz0I0nX0QbabKForl

Score

N/A

Malware Config

Signatures

Files

cb1dc100ea6157653a7679c52b54f376b5dad58c0dc554e1e6075b6cb843b778
.dll windows x86

736298a43ce087cb8a3c2fda51a16945

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
SetUnhandledExceptionFilter
FreeConsole
MoveFileExA
MoveFileA
CreateMutexA
WriteFile
CreateFileA
CreateProcessA
MultiByteToWideChar
SetErrorMode
ReleaseMutex
CreateThread
WaitForSingleObject
GetLastError
lstrlenA
Sleep
ReadProcessMemory
DeleteFileA
SetLastError
CreateToolhelp32Snapshot
Process32First
lstrcmpiA
Process32Next
LoadLibraryA
GetProcAddress
FreeLibrary
lstrcpyA
lstrcatA
GetCurrentProcess
CloseHandle
OpenProcess
lstrcpyW
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
GetSystemDirectoryA

user32

wsprintfA

wininet

InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

iphlpapi

GetAdaptersInfo

ws2_32

inet_addr
setsockopt
connect
accept
select
__WSAFDIsSet
ntohs
send
closesocket
socket
htons
bind
listen
WSACleanup
WSAStartup
inet_ntoa
gethostbyname
sendto
gethostname
recv
ioctlsocket

advapi32

LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegQueryValueExA
RegOpenKeyA
CloseServiceHandle
DeleteService
ControlService
QueryServiceStatus
OpenServiceA
OpenSCManagerA
RegSetValueExA
RegCreateKeyA
RegOpenKeyExA
RegEnumValueA
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
SetServiceStatus
RegisterServiceCtrlHandlerA
AdjustTokenPrivileges

shlwapi

SHDeleteKeyA

msvcrt

wcscmp
??2@YAPAXI@Z
strncpy
??0exception@@QAE@ABV0@@Z
__CxxFrameHandler
_CxxThrowException
_except_handler3
strchr
strncat
wcstombs
strstr
atoi
rand
srand
free
malloc
_errno
_vsnprintf
memmove
memchr
??1type_info@@UAE@XZ
__dllonexit
_onexit
_initterm
_adjust_fdiv
??1exception@@UAE@XZ
??0exception@@QAE@ABQBD@Z
toupper
??3@YAXPAX@Z

Exports

Exports

ServiceMain

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 4KB - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

736298a43ce087cb8a3c2fda51a16945

Headers

File Characteristics

Imports

kernel32

user32

wininet

iphlpapi

ws2_32

advapi32

shlwapi

msvcrt

Exports

Exports

Sections

.text Size: 44KB - Virtual size: 42KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 4KB - Virtual size: 4KB

.sxdata Size: 4KB - Virtual size: 24B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 44KB - Virtual size: 42KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 4KB - Virtual size: 4KB

.sxdata
Size: 4KB - Virtual size: 24B

.reloc
Size: 4KB - Virtual size: 3KB