a6dffdb53ef3ae1ec2b9be3c2f7b33b90c148c9f5adb3b19a52097566c78df78

General

Target

a6dffdb53ef3ae1ec2b9be3c2f7b33b90c148c9f5adb3b19a52097566c78df78
Size

48KB
MD5

207d4f8c86c5c78f1e1610b19045db2e
SHA1

046c3711d211c14868611ea9fb0f810f69598aaf
SHA256

a6dffdb53ef3ae1ec2b9be3c2f7b33b90c148c9f5adb3b19a52097566c78df78
SHA512

2811b14c2b6fc83f1a03f5559f2d955f0dcce15136760decf39557c038ca3ee413bedbf082affbeae9178babab26d4524b534cc4842a8f3cba43cde89e0a718e
SSDEEP

768:RGt4aaOHa/QWeWWxCkSitYNnnIQuETiWjXwFNkWrq60J5vA:RGtrV6ZjCC1aEuWkLfqxvA

Score

N/A

Malware Config

Signatures

Files

a6dffdb53ef3ae1ec2b9be3c2f7b33b90c148c9f5adb3b19a52097566c78df78
.exe windows x86

00a4fb6ac43db7818d7df3e33b97f70d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

setsockopt
recvfrom
recv
getsockname
send
bind
connect
listen
accept
socket
WSAGetLastError
select
ntohl
htons
closesocket
shutdown
sendto
htonl
WSAStartup
ntohs

wininet

InternetCloseHandle
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetOpenA
InternetQueryDataAvailable
InternetReadFile

kernel32

GetTimeZoneInformation
FileTimeToSystemTime
GetSystemTimeAsFileTime
lstrcatA
lstrcpyA
lstrlenA
HeapFree
GetProcessHeap
HeapAlloc
InterlockedIncrement
InterlockedDecrement
ResetEvent
SetEvent
CreateThread
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
WritePrivateProfileStringA
GetPrivateProfileStringA
WritePrivateProfileSectionA
GetPrivateProfileSectionA
CreateProcessA
GetCurrentDirectoryA
GetSystemDirectoryA
CloseHandle
WriteFile
CreateFileA
GetFileAttributesA
GetFullPathNameA
WaitForSingleObject
Sleep
OpenEventA
GetLastError
CreateEventA
SetCurrentDirectoryA

user32

CharLowerA
CharUpperA
wvsprintfA

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

00a4fb6ac43db7818d7df3e33b97f70d

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

wininet

kernel32

user32

advapi32

Sections

.text Size: 28KB - Virtual size: 28KB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 28KB - Virtual size: 28KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB