36ed661ed537a0702d216a696b4acaf4f0682e8f05da0405632ec5b8adfeaa95

Sharing

Copy URL Twitter E-mail

General

Target

36ed661ed537a0702d216a696b4acaf4f0682e8f05da0405632ec5b8adfeaa95
Size

273KB
MD5

4393331a115ef3cd80700d093e963aa0
SHA1

6325e9c4ce64c1e62f3b65cf75fa527f6f0c61b1
SHA256

36ed661ed537a0702d216a696b4acaf4f0682e8f05da0405632ec5b8adfeaa95
SHA512

e8857bd57a13662cae3e4c48531970dfcd07dd07bb63f272b7484c6b7bf71dfe55692731460027b2447b98ec159db8ff66a37bdb3d9c2ed44af6d60549962751
SSDEEP

6144:unDcDMZdQa93IzYgMP7zWfbS35++saj7:AQYIzYgMP7zabS3c6j7

Score

N/A

Malware Config

Signatures

Files

36ed661ed537a0702d216a696b4acaf4f0682e8f05da0405632ec5b8adfeaa95
.dll windows x86

d9072c475cc58f9ea3831babba5586d5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedDecrement
InterlockedIncrement
InitializeCriticalSection
DeleteCriticalSection
GetTickCount
GetCommandLineA
lstrcpynA
EnterCriticalSection
LeaveCriticalSection
GetComputerNameA
SetConsoleTextAttribute
GetWindowsDirectoryA
GetStdHandle
GetConsoleScreenBufferInfo
OutputDebugStringA
GetTempPathA
GetSystemTimeAsFileTime
GetCurrentThreadId
DeleteFileA
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetProcessHeap
SetEndOfFile
GetLocaleInfoW
LoadLibraryA
ReadFile
InitializeCriticalSectionAndSpinCount
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetConsoleOutputCP
WriteConsoleA
HeapSize
LoadLibraryW
FlushFileBuffers
GetTimeZoneInformation
CreateFileA
GetExitCodeProcess
CreatePipe
HeapReAlloc
VirtualAlloc
GetModuleFileNameW
CloseHandle
SetLastError
WaitForSingleObject
CreateEventW
SetEvent
CreateThread
TerminateThread
WideCharToMultiByte
Sleep
InterlockedExchange
MultiByteToWideChar
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLastError
HeapFree
CreateProcessA
DuplicateHandle
GetFileAttributesA
WriteConsoleW
GetFileType
WriteFile
GetConsoleCP
GetConsoleMode
GetCurrentProcessId
RaiseException
RtlUnwind
GetCPInfo
LCMapStringA
LCMapStringW
SetFilePointer
SetHandleCount
GetStartupInfoA
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapAlloc
GetModuleFileNameA
ExitProcess
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetACP
GetOEMCP
IsValidCodePage
SetStdHandle
GetModuleHandleA

ws2_32

ioctlsocket
WSASendTo
WSASend
WSARecvFrom
WSAGetLastError
WSAEnumNetworkEvents
WSAWaitForMultipleEvents
bind
WSAIoctl
closesocket
WSACloseEvent
WSASetEvent
WSAEventSelect
WSACreateEvent
socket
WSACleanup
WSAStartup

Exports

Exports

?CreateObject@IYGOClient@YGOClient@@SAPAV12@XZ
?GetVersion@IYGOClient@YGOClient@@SAKXZ
?ReleaseObject@IYGOClient@YGOClient@@SAXPAV12@@Z

Sections

.text
Size: 167KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d9072c475cc58f9ea3831babba5586d5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ws2_32

Exports

Exports

Sections

.text Size: 167KB - Virtual size: 166KB

.rdata Size: 29KB - Virtual size: 28KB

.data Size: 7KB - Virtual size: 81KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 12KB - Virtual size: 12KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 167KB - Virtual size: 166KB

.rdata
Size: 29KB - Virtual size: 28KB

.data
Size: 7KB - Virtual size: 81KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 12KB - Virtual size: 12KB

.rmnet
Size: 56KB - Virtual size: 60KB