f272a6d534947969fcfd1038cca4db6c0bc65cfd8d19f1474ab68963dcd2d194

General

Target

f272a6d534947969fcfd1038cca4db6c0bc65cfd8d19f1474ab68963dcd2d194
Size

24KB
MD5

f23b04044073cbf9e126f6d47b9a8d97
SHA1

a63ebae54e8b8492689361db8a42e46918bd449c
SHA256

f272a6d534947969fcfd1038cca4db6c0bc65cfd8d19f1474ab68963dcd2d194
SHA512

76f0258944c3bed8794727c83a53945ad9a09c9b64a1b5388e9cbe1f21d23490dfbc895e647154741f5b994bf80a6f565b5f9c2460d3574c3dd27cabade0d844
SSDEEP

384:njkPldGWZsc5VLw0Pdesk1sTpTsklynva8LrCZWFIJWUpuEATYyXPwsOP+:4ZpNw0tPUa8LrU/puEATYyYf

Score

N/A

Malware Config

Signatures

Files

f272a6d534947969fcfd1038cca4db6c0bc65cfd8d19f1474ab68963dcd2d194
.exe windows x86

d418b9debed075f60bc452506cb9ddbf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

ws2_32

WSASocketA
WSAGetLastError
WSAStartup
WSAEventSelect
htons
WSAGetOverlappedResult
ntohs
WSARecvFrom
ioctlsocket
WSACloseEvent
closesocket
inet_ntoa
bind
getservbyname
socket
sendto

kernel32

ExitProcess
ExpandEnvironmentStringsA
GetLocalTime
DeleteCriticalSection
SetLastError
SetEvent
ResumeThread
GetLastError
WaitForSingleObject
CreateEventA
InitializeCriticalSection
HeapCreate
LeaveCriticalSection
HeapFree
CloseHandle
EnterCriticalSection
InterlockedIncrement
WaitForMultipleObjects
HeapAlloc
ResetEvent
Sleep
TryEnterCriticalSection
SuspendThread

advapi32

RegOpenKeyExA
StartServiceCtrlDispatcherA
RegQueryValueExA
RegCloseKey
RegisterServiceCtrlHandlerA
SetServiceStatus

ntdll

memmove
strncpy
isupper
tolower
RtlUpdateTimer
RtlDeleteTimer
_stricmp
atoi
_itoa
RtlDeregisterWaitEx
_chkstk
RtlCreateTimerQueue
RtlRegisterWait
RtlCreateTimer

iphlpapi

NotifyAddrChange
GetIpAddrTable

msvcrt

_initterm
__getmainargs
__setusermatherr
_lseek
_close
_read
malloc
realloc
fclose
free
time
_chdir
_errno
_mkdir
fopen
ctime
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
printf
__p___initenv
_XcptFilter
_exit
_open
_write
exit

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d418b9debed075f60bc452506cb9ddbf

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

kernel32

advapi32

ntdll

iphlpapi

msvcrt

Sections

.text Size: 13KB - Virtual size: 12KB

.data Size: 3KB - Virtual size: 4KB

.rsrc Size: 6KB - Virtual size: 25KB

.text
Size: 13KB - Virtual size: 12KB

.data
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 6KB - Virtual size: 25KB