9dc9c3695201b9782e2e6799963b01f0473cdd232ede3da10171a1ee15d594c3

Sharing

Copy URL Twitter E-mail

General

Target

9dc9c3695201b9782e2e6799963b01f0473cdd232ede3da10171a1ee15d594c3
Size

188KB
MD5

34da28c44693ecd15e884a3959e5dbc0
SHA1

aa8436e5248548df3ab458c870f7194d944e7f31
SHA256

9dc9c3695201b9782e2e6799963b01f0473cdd232ede3da10171a1ee15d594c3
SHA512

82db0acd4b456bc931aa203344bd34513ed399d2eaadcf300f9400d00209a415df11fcbb0fafdab187f12bca8333b77ffd40e86c143e454937572908b2f2b354
SSDEEP

3072:hPVPGuHKfes9Sz+ygU98GOyiwj3EKl1tTfNs33bJ58:OuH4ZAz+yTEoVju33bs

Score

N/A

Malware Config

Signatures

Files

9dc9c3695201b9782e2e6799963b01f0473cdd232ede3da10171a1ee15d594c3
.dll windows x86

cf08be33b7fcb65225b58864212b201b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExA
FormatMessageA
GetCurrentDirectoryA
GetFullPathNameA
FindFirstFileA
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
SetEndOfFile
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
CreateFileA
ReadFile
SetStdHandle
SetEnvironmentVariableA
CompareStringW
CompareStringA
RtlUnwind
HeapAlloc
HeapReAlloc
HeapFree
GetCommandLineA
GetVersionExA
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
GetSystemTimeAsFileTime
HeapSize
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
UnhandledExceptionFilter
DisableThreadLibraryCalls
WriteFile
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
CloseHandle
FlushFileBuffers
SetFilePointer
GetACP
GetOEMCP
GetCPInfo
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
InterlockedExchange
VirtualQuery
LoadLibraryA
VirtualProtect
GetSystemInfo
GetLocaleInfoA
GetTimeZoneInformation

advapi32

GetUserNameA

wsock32

gethostbyname
select
htons
ntohl
ntohs
htonl
send
recv
WSAStartup
WSASetLastError
setsockopt
inet_ntoa
socket
connect
WSAGetLastError
getsockopt
getsockname
closesocket

Exports

Exports

AMXX_Attach
AMXX_Detach
AMXX_PluginsLoaded
AMXX_Query

Sections

.text
Size: 88KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cf08be33b7fcb65225b58864212b201b

Headers

File Characteristics

Imports

kernel32

advapi32

wsock32

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 84KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 16KB - Virtual size: 33KB

.reloc Size: 8KB - Virtual size: 5KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 88KB - Virtual size: 84KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 16KB - Virtual size: 33KB

.reloc
Size: 8KB - Virtual size: 5KB

.rmnet
Size: 60KB - Virtual size: 60KB