Lab03-04[.]exe

General

Target

Lab03-04.exe
Size

60KB
MD5

b94af4a4d4af6eac81fc135abda1c40c
SHA1

d6356b2c6f8d29f8626062b5aefb13b7fc744d54
SHA256

6ac06dfa543dca43327d55a61d0aaed25f3c90cce791e0555e3e306d47107859
SHA512

1e95401ffb6a2b4f6069becd77a61c9d80825093dd81f44aaf4980dbfbb291a53381af2868c978c3cf99b1907d064e3e2327eb9e6d259e766f9304617a3b2711
SSDEEP

768:ZBMB7uLhDdWaX1ZOE/XZAv39SHOIXjTpF9VM+JG4oIxBkbQDo:ZBm7uLhDdWQaP9SHlzlFPM+xIbWo

Score

1^/10

Malware Config

Signatures

Files

Lab03-04.exe
.exe windows x86

4dc1143e47a9a737805f66b3b75560be

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExpandEnvironmentStringsA
CopyFileA
GetModuleFileNameA
GetShortPathNameA
Sleep
WriteFile
ReadFile
GetLastError
GetSystemDirectoryA
CreateFileA
GetFileTime
SetFileTime
DeleteFileA
CloseHandle
CompareStringW
CompareStringA
CreateProcessA
GetFileAttributesA
FlushFileBuffers
LoadLibraryA
GetProcAddress
LCMapStringW
LCMapStringA
VirtualAlloc
SetFilePointer
GetStringTypeW
ExitProcess
TerminateProcess
GetCurrentProcess
GetTimeZoneInformation
GetSystemTime
GetLocalTime
DuplicateHandle
GetCommandLineA
GetVersion
SetStdHandle
GetFileType
SetHandleCount
GetStdHandle
GetStartupInfoA
CreatePipe
GetExitCodeProcess
WaitForSingleObject
HeapReAlloc
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
MultiByteToWideChar
GetStringTypeA
SetEnvironmentVariableA

advapi32

OpenSCManagerA
OpenServiceA
ChangeServiceConfigA
CloseServiceHandle
CreateServiceA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
DeleteService

shell32

ShellExecuteA

ws2_32

shutdown
WSAStartup
gethostbyname
send
socket
htons
connect
closesocket
recv
WSACleanup

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4dc1143e47a9a737805f66b3b75560be

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

ws2_32

Sections

.text Size: 40KB - Virtual size: 36KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 16KB

.text
Size: 40KB - Virtual size: 36KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 16KB