61af881ceebe66e88c6ceae280238e9e7112d969cc6048523bd60b8daf64199c

Sharing

Copy URL

Twitter E-mail

General

Target

61af881ceebe66e88c6ceae280238e9e7112d969cc6048523bd60b8daf64199c
Size

77KB
MD5

0eda123d06a69130c6ce23d3637a8ed0
SHA1

73931323c9c1ce011c81e6a6e37ce8b9f22cbdb5
SHA256

61af881ceebe66e88c6ceae280238e9e7112d969cc6048523bd60b8daf64199c
SHA512

ea24e36cdf980a6f7e05ad887b9a1dff800bfd1a85cab908195100c24191f6024c0fb078c10048df9ba11214ff1051fea84644e62db38d5bef29596a999363b7
SSDEEP

1536:Cq3NgjTJ2Yirl0SOA5gYSnoemnptlXnmLs6oiTPiwU1RvMob61E:r3NgjTcrl0SOAmYBeiHvnvpbf

Score

N/A

Malware Config

Signatures

Files

61af881ceebe66e88c6ceae280238e9e7112d969cc6048523bd60b8daf64199c
.exe windows x86

0ddd86705e3216bd975a6d71750dbf03

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

connect
inet_ntoa
WSAStartup
recvfrom
inet_addr
select
WSAGetLastError
htons
ntohs
getsockname
setsockopt
getservbyport
WSACleanup
bind
socket
getservbyname
__WSAFDIsSet
WSASetLastError
gethostbyaddr
gethostbyname
listen
accept
recv
closesocket
send

kernel32

IsDebuggerPresent
SetEndOfFile
CreateFileA
GetNumberOfConsoleInputEvents
PeekConsoleInputA
CreateFileW
IsProcessorFeaturePresent
GetStringTypeW
LCMapStringW
HeapSize
WriteConsoleW
SetFilePointer
SetEnvironmentVariableA
MultiByteToWideChar
CompareStringW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapReAlloc
PeekNamedPipe
GetCurrentProcess
WriteFile
TerminateThread
Sleep
CreateProcessA
TerminateProcess
ReadFile
ExitThread
DisconnectNamedPipe
GetLastError
WaitForMultipleObjects
CreatePipe
DuplicateHandle
CloseHandle
CreateThread
FreeConsole
GetStdHandle
HeapFree
HeapAlloc
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
GetSystemTimeAsFileTime
GetProcAddress
GetModuleHandleW
ExitProcess
DecodePointer
GetCommandLineA
HeapSetInformation
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetProcessHeap
HeapCreate
GetModuleFileNameW
EncodePointer
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
SetStdHandle
LoadLibraryW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0ddd86705e3216bd975a6d71750dbf03

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

kernel32

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 14KB - Virtual size: 14KB

.data Size: 4KB - Virtual size: 12KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 14KB - Virtual size: 14KB

.data
Size: 4KB - Virtual size: 12KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 5KB - Virtual size: 4KB