66d50407bfad7c3a6b2ce6089a1ff349f634711201a656a423fbaa35598ae833

Sharing

Copy URL Twitter E-mail

General

Target

66d50407bfad7c3a6b2ce6089a1ff349f634711201a656a423fbaa35598ae833
Size

232KB
MD5

440ecbc838655cdb2286356c6f9554e0
SHA1

c4107a80b71201707fb221677e5e84665c98758b
SHA256

66d50407bfad7c3a6b2ce6089a1ff349f634711201a656a423fbaa35598ae833
SHA512

b92b8240efabb7450d196dbe8a0d73cae89781698f7d2147de75d14f5fe1275f8bfe187ea2c171dcbd679a411e238f0720478d9ebf993fe53b1a3ff4a8722222
SSDEEP

3072:suwAZP8IKGx5Z2aYzWAUzy+S7gxZB5nnjkeWQ1ZJsItfxm6hQ8nsmyIJ75epGCdh:suhyG3VYwzesR5nTFM6hrsmy6yGm

Score

N/A

Malware Config

Signatures

Files

66d50407bfad7c3a6b2ce6089a1ff349f634711201a656a423fbaa35598ae833
.dll windows x86

d6730d7b15f43ebda8cc6291572fcb56

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

socket
WSAGetLastError
ntohl
send
inet_addr
htonl
closesocket
setsockopt
recv
connect
htons
inet_ntoa
gethostbyname

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

kernel32

SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetTimeZoneInformation
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
WaitForSingleObject
ResetEvent
CloseHandle
Sleep
CreateEventA
MapViewOfFile
GetModuleFileNameA
UnmapViewOfFile
GetCurrentProcessId
DeleteCriticalSection
WritePrivateProfileStringA
CompareStringA
GetPrivateProfileStringA
GetModuleHandleA
OutputDebugStringA
LeaveCriticalSection
GetFileAttributesA
GetTickCount
CreateFileA
GetFileSize
OpenFileMappingA
EnterCriticalSection
GetVersionExA
InitializeCriticalSection
CreateFileMappingA
ReadFile
SystemTimeToFileTime
WriteFile
SetFilePointer
GetCurrentDirectoryA
FileTimeToSystemTime
GetLocalTime
GetFileInformationByHandle
GetConsoleMode
GetConsoleCP
CompareStringW
SetEnvironmentVariableA
CreateDirectoryA
IsDebuggerPresent
GetLocaleInfoA
LoadLibraryA
InterlockedExchange
ExitThread
GetCurrentThreadId
GetLastError
CreateThread
DeleteFileA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetThreadLocale
MoveFileA
FindClose
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
GetCommandLineA
GetProcessHeap
RaiseException
RtlUnwind
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
ExitProcess
GetStdHandle
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetHandleCount
GetFileType
GetStartupInfoA
GetFullPathNameA
MultiByteToWideChar
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
LCMapStringA
WideCharToMultiByte
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter

user32

GetDesktopWindow

shell32

SHGetFolderPathA

Exports

Exports

DoLog
IsLogType
ReportLog

Sections

.text
Size: 120KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d6730d7b15f43ebda8cc6291572fcb56

Headers

File Characteristics

Imports

ws2_32

version

kernel32

user32

shell32

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 118KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 8KB - Virtual size: 13KB

.rsrc Size: 4KB - Virtual size: 1016B

.reloc Size: 12KB - Virtual size: 8KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 120KB - Virtual size: 118KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 4KB - Virtual size: 1016B

.reloc
Size: 12KB - Virtual size: 8KB

.rmnet
Size: 60KB - Virtual size: 60KB