fea83231f6fb83231d546b6f672bbb0c27d18665ead189732daa6b56e23e6723

General

Target

fea83231f6fb83231d546b6f672bbb0c27d18665ead189732daa6b56e23e6723
Size

437KB
MD5

08a1665881a1632b213faa08ff0742c0
SHA1

2e110ac1ee0a617927fbcd4e9603efec3d3a1e4b
SHA256

fea83231f6fb83231d546b6f672bbb0c27d18665ead189732daa6b56e23e6723
SHA512

1ad634bb5be0ca98d268a9b263e26b55019dd9dd20ff6722263ec8187f20cc88d9b1d7f5e37ab02a7b01fa02b2464328e6c9aa18714a7074594b8aa43174ee5d
SSDEEP

12288:VEC1Fo9faQp++gs7s7ytNr72gUxNBRh9:A9f/pMMs78UbB

Score

N/A

Malware Config

Signatures

Files

fea83231f6fb83231d546b6f672bbb0c27d18665ead189732daa6b56e23e6723
.exe windows x86

20f2fec40949ae4143aa47adc0a1cd91

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
SetFilePointerEx
GetProcessHeap
QueryPerformanceCounter
lstrcmpA
GetModuleHandleA
HeapAlloc
HeapFree
VirtualAlloc

olepro32

OleTranslateColor
DllGetClassObject

wsock32

NPLoadNameSpaces
gethostname
WSACancelAsyncRequest
WSARecvEx
getpeername
closesocket
GetTypeByNameA
SetServiceA
SetServiceW
WSACleanup
MigrateWinsockConfiguration
ntohs
WSAAsyncGetProtoByNumber
WSAAsyncGetServByName
gethostbyname
WSACancelBlockingCall

gdi32

StretchDIBits
GetPaletteEntries
DeleteDC
CreatePen
EnumICMProfilesA
EngMultiByteToUnicodeN
SetMapMode

msvcrt

_purecall
strlen
wscanf
__p__fmode
_mbsnbcat
_sopen
exit
_acmdln
_initterm
_spawnve
_controlfp
memcmp
_except_handler3
__set_app_type
iswalnum
_exit
_getdllprocaddr
_cprintf
fputwc
strcoll
_kbhit
_y1
_adjust_fdiv
_ungetch
_unlock
??3@YAXPAX@Z
sscanf
vswprintf
_wstat
wcsrchr
_mbsninc
_ismbclegal
_setmaxstdio
__getmainargs
__setusermatherr
_daylight
_XcptFilter
__p__commode
_mbspbrk
__crtLCMapStringA

msexch40

DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 431KB - Virtual size: 430KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 388B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

20f2fec40949ae4143aa47adc0a1cd91

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

olepro32

wsock32

gdi32

msvcrt

msexch40

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 431KB - Virtual size: 430KB

.reloc Size: 512B - Virtual size: 388B

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 431KB - Virtual size: 430KB

.reloc
Size: 512B - Virtual size: 388B