09848efdb6aab21db12ea562a6f4681ee87eb238baa70e64a37e7d9d8406544e

Sharing

Copy URL

Twitter E-mail

General

Target

09848efdb6aab21db12ea562a6f4681ee87eb238baa70e64a37e7d9d8406544e
Size

88KB
MD5

2ff88ee46f480529aff7948fa59e67d0
SHA1

77cb4406177a35e8b76eea3b11f5c20ee030413e
SHA256

09848efdb6aab21db12ea562a6f4681ee87eb238baa70e64a37e7d9d8406544e
SHA512

782b67035ad65d3cc2c83350af1ce78fa35c47aaf2d9904c2c867168c9374705b48f316ef8d473392e3fba9247aec63395ac2a81e3bb46661699e55012c67457
SSDEEP

1536:q5QGnzO/z8SbF82tpQkABAnc7am/tOJZipasd+CvzMFClmNPj:IzO/zHbO2tSAncem/tmZeasdjvzMFYm9

Score

N/A

Malware Config

Signatures

Files

09848efdb6aab21db12ea562a6f4681ee87eb238baa70e64a37e7d9d8406544e
.dll windows x86

d369e112d3705e06a4952e87734d1356

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
IsBadReadPtr
VirtualProtect
Sleep
GetModuleHandleA
SleepEx
IsBadWritePtr
GetCommandLineA
SetThreadPriority
CreateThread

winmm

timeEndPeriod
timeBeginPeriod
timeGetDevCaps

ws2_32

WSAGetLastError
WSAEventSelect
WSACloseEvent
getsockopt
setsockopt
sendto
inet_addr
gethostbyname
WSACreateEvent
recvfrom
WSAWaitForMultipleEvents
WSAResetEvent

pdh

PdhRemoveCounter
PdhAddCounterA
PdhCloseQuery
PdhOpenQueryA
PdhGetFormattedCounterValue
PdhCollectQueryData

icmp

IcmpCloseHandle
IcmpSendEcho
IcmpCreateFile

msvcrt

_strdup
abs
fclose
_snprintf
_ftol
_initterm
sprintf
exit
_except_handler3
memcpy
strcmp
realloc
memset
_adjust_fdiv
malloc
_strcmpi
fwrite
time
strstr
strcpy
strlen
floor
free
_vsnprintf
fopen
strcat

Exports

Exports

?SUB_CallUseToggle@CBaseEntity@@QAEXXZ
GiveFnptrsToDll
Meta_Attach
Meta_Detach
Meta_Query

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d369e112d3705e06a4952e87734d1356

Headers

File Characteristics

Imports

kernel32

winmm

ws2_32

pdh

icmp

msvcrt

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 4KB - Virtual size: 984B

.reloc Size: 4KB - Virtual size: 1KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 4KB - Virtual size: 984B

.reloc
Size: 4KB - Virtual size: 1KB

.rmnet
Size: 60KB - Virtual size: 60KB