5c764b25f41a1632c7e68da6b131dd4c567cd3d6a27649e425b2e8d6e13b483f

Sharing

Copy URL Twitter E-mail

General

Target

5c764b25f41a1632c7e68da6b131dd4c567cd3d6a27649e425b2e8d6e13b483f
Size

164KB
MD5

4f08ab7a239dd2ea27008e11df1e48b0
SHA1

4ca66d92b72a7e530a79eebcb5f9e6f7d67f8d85
SHA256

5c764b25f41a1632c7e68da6b131dd4c567cd3d6a27649e425b2e8d6e13b483f
SHA512

f1eb110bd203bb264471e59f06dfb177547fa075a2a03049d37ab84ace88d0e6a8d44353d34364d246935d568e209df9ed1642937acf2c427ac5f14c799af308
SSDEEP

3072:SvQaRFkygbfWUgWNOQyKhiX0gB5b1Ns5AQ0:S4aIbfWQOQyKy0G5xm5j

Score

N/A

Malware Config

Signatures

Files

5c764b25f41a1632c7e68da6b131dd4c567cd3d6a27649e425b2e8d6e13b483f
.dll windows x86

50f1d4ce6872d1a6a55284fc1bd29a2c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcp80

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?empty@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE_NXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ

msvcr80

_crt_debugger_hook
_time32
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
srand
rand
calloc
strncpy
_snprintf
free
strspn
atoi
strchr
memchr
strstr
malloc
strncpy_s
_wassert
memset
_except_handler4_common
__clean_type_info_names_internal

kernel32

SleepEx
TlsGetValue
VirtualQuery
GetModuleFileNameW
InterlockedExchange
Sleep
InterlockedCompareExchange
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
DebugBreak
WideCharToMultiByte
MultiByteToWideChar
GetProcAddress
LoadLibraryA
DisableThreadLibraryCalls
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeLibrary
HeapFree
HeapAlloc
GetProcessHeap

ws2_32

recv
send
closesocket
connect
ioctlsocket
socket
WSACleanup
WSAStartup
WSAGetLastError
htons
__WSAFDIsSet
select
inet_addr
gethostbyname

Exports

Exports

AddIntValue
AddStringValue
InitTQOS
ReportLoginTimeToTQOS
ReportToTQOS
SetQosID
SetReportIPFlag
UninitTQOS

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

50f1d4ce6872d1a6a55284fc1bd29a2c

Headers

File Characteristics

Imports

msvcp80

msvcr80

kernel32

ws2_32

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 44KB - Virtual size: 50KB

.rsrc Size: 4KB - Virtual size: 432B

.reloc Size: 8KB - Virtual size: 4KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 44KB - Virtual size: 50KB

.rsrc
Size: 4KB - Virtual size: 432B

.reloc
Size: 8KB - Virtual size: 4KB

.rmnet
Size: 60KB - Virtual size: 60KB