2ee3bc91e09c1bc2d5207bd4882b601c3c30ff06007e95467120136cab68d6b9

Sharing

Copy URL Twitter E-mail

General

Target

2ee3bc91e09c1bc2d5207bd4882b601c3c30ff06007e95467120136cab68d6b9
Size

421KB
MD5

60477b672bb24d0d9efe45e79dc76bd0
SHA1

f12954a61221db827e2e3f9e5d0f14c63e7d4322
SHA256

2ee3bc91e09c1bc2d5207bd4882b601c3c30ff06007e95467120136cab68d6b9
SHA512

7f29646065b5c3ce269678c924a86594553e32d8d6fd84e75d81bd7513871a98fd6110062faaa5b824930bda70d01fd2380ea26e61095af845c6345f2937d904
SSDEEP

6144:qAGYBFzfNuL2AcCbrhLL1tPU3Xzz6Fi4xMD7ct7OZdFr0mq:HabrhLLvPYzcMMidxq

Score

N/A

Malware Config

Signatures

Files

2ee3bc91e09c1bc2d5207bd4882b601c3c30ff06007e95467120136cab68d6b9
.exe windows x64

51c2079fb5a6901ef71b4c06a41e70f4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ws2_32

ioctlsocket
connect
WSAStartup
recvfrom
select
WSAGetLastError
sendto
WSACleanup
gethostbyname
socket
closesocket
send
htonl
htons
ntohs
setsockopt
gethostname
inet_ntoa
inet_addr
recv

kernel32

GetEnvironmentStrings
FreeEnvironmentStringsA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
HeapCreate
HeapSetInformation
ExitProcess
GetProcAddress
GetModuleHandleW
DeleteFileA
HeapAlloc
HeapFree
GetProcessHeap
lstrlenA
GlobalAlloc
GetVersionExA
CreateFileA
SetFilePointer
WriteFile
ReadFile
GetLastError
CloseHandle
FreeEnvironmentStringsW
GetCurrentThreadId
WaitForSingleObject
Sleep
CreateThread
SetEvent
CreateEventA
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetTickCount
GetSystemWow64DirectoryA
WideCharToMultiByte
MultiByteToWideChar
GetModuleFileNameA
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetACP
GetOEMCP
IsValidCodePage
SetEndOfFile
GetLocaleInfoW
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
SetEnvironmentVariableA
HeapSize
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
HeapReAlloc
FlsAlloc
SetLastError
FlsFree
GetLocaleInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetSystemTimeAsFileTime
GetCommandLineA
RaiseException
RtlPcToFileHeader
RtlUnwindEx
LCMapStringA
LCMapStringW
GetCPInfo
GetDateFormatA
GetTimeFormatA
CompareStringA
CompareStringW
GetStringTypeW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
EncodePointer
DecodePointer
FlsGetValue
FlsSetValue
GetStringTypeA

advapi32

RegCloseKey
RegisterServiceCtrlHandlerA
SetServiceStatus
RegQueryValueExA
StartServiceCtrlDispatcherA
RegOpenKeyExA

packet

PacketAllocatePacket
PacketCloseAdapter
PacketFreePacket
PacketSendPacket
PacketOpenAdapter
PacketInitPacket

iphlpapi

GetIpForwardTable
GetIpAddrTable
GetIpNetTable
GetAdaptersAddresses

pdh

PdhAddCounterA
PdhCollectQueryData
PdhEnumObjectItemsA
PdhOpenQueryA
PdhGetFormattedCounterValue

Sections

.text
Size: 319KB - Virtual size: 319KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

51c2079fb5a6901ef71b4c06a41e70f4

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

kernel32

advapi32

packet

iphlpapi

pdh

Sections

.text Size: 319KB - Virtual size: 319KB

.rdata Size: 70KB - Virtual size: 70KB

.data Size: 10KB - Virtual size: 21KB

.pdata Size: 16KB - Virtual size: 15KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 319KB - Virtual size: 319KB

.rdata
Size: 70KB - Virtual size: 70KB

.data
Size: 10KB - Virtual size: 21KB

.pdata
Size: 16KB - Virtual size: 15KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 3KB - Virtual size: 2KB