d63ddc08b9a19069bac66fdab5be25e0fe9b0a96568ae849e3e873b421971b81

Sharing

Copy URL Twitter E-mail

General

Target

d63ddc08b9a19069bac66fdab5be25e0fe9b0a96568ae849e3e873b421971b81
Size

356KB
MD5

573ef50add7bc0edbd3a9fbfb9126175
SHA1

b32378baf0e1de05960b50e3f31eb22e819ba71d
SHA256

d63ddc08b9a19069bac66fdab5be25e0fe9b0a96568ae849e3e873b421971b81
SHA512

93b86850db7dc25945b1e4df45d750f1b88e4a6411541a6860280fc34cb8077245416bed6e604cd027e45fdbe286cb7380dda37dbd3c0f23fcf8fc3b5dd04827
SSDEEP

6144:C9ln6v2R/YEihxqSag/zhzLw1I/u1tHxgIh5nQCrOOOkoj:CjnO2R/YEibPr5U1Im3pHQCaOOfj

Score

N/A

Malware Config

Signatures

Files

d63ddc08b9a19069bac66fdab5be25e0fe9b0a96568ae849e3e873b421971b81
.dll windows x86

76ba9e7d3d600a080fefd4739cb136e0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

gethostbyname
ntohl
getsockname
ntohs
htons
recv
send
connect
sendto
select
__WSAFDIsSet
socket
bind
closesocket

kernel32

GetLastError
VirtualProtect
SetFilePointer
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetOEMCP
GetACP
IsValidCodePage
IsValidLocale
GetModuleFileNameA
VirtualQuery
HeapAlloc
GetProcessHeap
SetEnvironmentVariableA
CompareStringW
CompareStringA
CloseHandle
FlushFileBuffers
GetLocaleInfoW
ReadFile
SetStdHandle
GetTimeZoneInformation
SetConsoleCtrlHandler
GetSystemInfo
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetCPInfo
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
MultiByteToWideChar
WideCharToMultiByte
GetProcAddress
GetModuleHandleA
LoadLibraryA
FreeLibrary
ExitProcess
RtlUnwind
GetCurrentThreadId
GetCommandLineA
GetVersionExA
GetDriveTypeA
GetCurrentDirectoryA
GetFullPathNameA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TlsAlloc
SetLastError
GetDateFormatA
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
WriteFile
LCMapStringA
LCMapStringW
FatalAppExitA
EnterCriticalSection
InterlockedExchange
GetStringTypeA
GetStringTypeW
GetTimeFormatA
VirtualAlloc

tier0

CommandLine_Tier0
_AssertValidReadPtr
_AssertValidWritePtr
Error
AssertValidStringPtr
?Lock@CThreadMutex@@QAEXXZ
?Lock@CThreadMutex@@QBEXXZ
Msg
g_pMemAlloc
g_pVCR

vstdlib

GetCVarIF

Exports

Exports

CreateInterface

Sections

.text
Size: 120KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 196KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

76ba9e7d3d600a080fefd4739cb136e0

Headers

File Characteristics

Imports

ws2_32

kernel32

tier0

vstdlib

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 117KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 8KB - Virtual size: 34KB

.reloc Size: 8KB - Virtual size: 6KB

.text Size: 196KB - Virtual size: 196KB

.text
Size: 120KB - Virtual size: 117KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 8KB - Virtual size: 34KB

.reloc
Size: 8KB - Virtual size: 6KB

.text
Size: 196KB - Virtual size: 196KB