10e014fee908623c5193ff6d76cde0d4c71c90b52e3cd98b49d257390eab5795

Sharing

Copy URL

Twitter E-mail

General

Target

10e014fee908623c5193ff6d76cde0d4c71c90b52e3cd98b49d257390eab5795
Size

125KB
MD5

5ef81e1745e4a8d4512f18b0a8f2fb0d
SHA1

d4657f4dcf784335e9777121f27e2ad0ae7a4491
SHA256

10e014fee908623c5193ff6d76cde0d4c71c90b52e3cd98b49d257390eab5795
SHA512

ad037931473543a779cde0dac571cb77741305805b4cccbfec2dea92b566a74a116b2287e06628a26c92b16f36c033bcbfcdd530c6e25ba5e20c1b3cbdbbdf9e
SSDEEP

1536:aOkyZ+bgHazXuPPOPlWLl53SoWblA/mQOt+xgRcstOiJVg/1rz08bIngPZpwZB:Tk3gHazenEK5ioaC/VOt+qRcC0RsgP

Score

N/A

Malware Config

Signatures

Files

10e014fee908623c5193ff6d76cde0d4c71c90b52e3cd98b49d257390eab5795
.dll windows x86

6a8a731b5ebbd7eaff4110224e94408f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

gethostbyname
ioctlsocket
bind
htons
connect
socket
recv
WSAGetLastError
send
WSACleanup
closesocket
inet_ntoa
accept
listen
htonl
WSAStartup

imagehlp

SymGetOptions
SymSetOptions
SymCleanup
SymInitialize
SymLoadModule
SymGetModuleBase

winmm

timeEndPeriod
timeBeginPeriod

kernel32

QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
WriteConsoleOutputA
Sleep
SetConsoleOutputCP
SetConsoleScreenBufferSize
SetConsoleWindowInfo
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
GetStdHandle
GetModuleFileNameA
LoadLibraryA
GetProcAddress
GetLocalTime
CreateDirectoryA
CreateFileA
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
CloseHandle
FreeLibrary
HeapFree
GetProcessHeap
SetUnhandledExceptionFilter
IsBadCodePtr
IsBadWritePtr
OutputDebugStringA
FormatMessageA
GetModuleHandleA
GetVersionExA
SetLastError
GetLastError
OpenProcess
LoadLibraryExA
LocalFree

user32

SetLastErrorEx

msvcp90

?push_back@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEX_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WI@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIPBD@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ

msvcr90

_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_vsnprintf
?terminate@@YAXXZ
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_getcwd
_kbhit
_getch
__CxxFrameHandler3
_CxxThrowException
memset
_mbsrchr
sprintf
free
??_V@YAXPAX@Z
strncpy
printf
_purecall
??3@YAXPAX@Z
??2@YAPAXI@Z
_snprintf
vprintf
setlocale
_getwch
_wcsicmp
wcsncpy
??0exception@std@@QAE@ABV01@@Z
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
_invalid_parameter_noinfo
_vscprintf
malloc

Exports

Exports

Run
SendServerCommand

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6a8a731b5ebbd7eaff4110224e94408f

Headers

File Characteristics

Imports

wsock32

imagehlp

winmm

kernel32

user32

msvcp90

msvcr90

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 21KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 9KB - Virtual size: 18KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 7KB - Virtual size: 7KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 21KB - Virtual size: 21KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 9KB - Virtual size: 18KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 7KB - Virtual size: 7KB

.rmnet
Size: 56KB - Virtual size: 60KB