fbe2ee6713e1f0f49b7d6f0cd6ffc11b38efcddcea2299214c87b10485887840

General

Target

fbe2ee6713e1f0f49b7d6f0cd6ffc11b38efcddcea2299214c87b10485887840
Size

24KB
MD5

61426996c31a8bace34fdeb2e36b34fb
SHA1

e71789dd0f6fbc75e65e90925e603e69c9bd9c3c
SHA256

fbe2ee6713e1f0f49b7d6f0cd6ffc11b38efcddcea2299214c87b10485887840
SHA512

2521e3dff86e31789102bf32cec22d2754637db29989ac3eaa7638e87c95261d140067a72baff848dfc2e10270a8e60688efdd87e3d568717fe74122634509a2
SSDEEP

384:j8jkPldGWZsc5VLw0Pdesk1sTpTsklynva8LrCZWFIJWUpbficv9PQaAuEaN:jrZpNw0tPUa8LrU/pZW

Score

N/A

Malware Config

Signatures

Files

fbe2ee6713e1f0f49b7d6f0cd6ffc11b38efcddcea2299214c87b10485887840
.exe windows x86

d418b9debed075f60bc452506cb9ddbf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

ws2_32

WSASocketA
WSAGetLastError
WSAStartup
WSAEventSelect
htons
WSAGetOverlappedResult
ntohs
WSARecvFrom
ioctlsocket
WSACloseEvent
closesocket
inet_ntoa
bind
getservbyname
socket
sendto

kernel32

ExitProcess
ExpandEnvironmentStringsA
GetLocalTime
DeleteCriticalSection
SetLastError
SetEvent
ResumeThread
GetLastError
WaitForSingleObject
CreateEventA
InitializeCriticalSection
HeapCreate
LeaveCriticalSection
HeapFree
CloseHandle
EnterCriticalSection
InterlockedIncrement
WaitForMultipleObjects
HeapAlloc
ResetEvent
Sleep
TryEnterCriticalSection
SuspendThread

advapi32

RegOpenKeyExA
StartServiceCtrlDispatcherA
RegQueryValueExA
RegCloseKey
RegisterServiceCtrlHandlerA
SetServiceStatus

ntdll

memmove
strncpy
isupper
tolower
RtlUpdateTimer
RtlDeleteTimer
_stricmp
atoi
_itoa
RtlDeregisterWaitEx
_chkstk
RtlCreateTimerQueue
RtlRegisterWait
RtlCreateTimer

iphlpapi

NotifyAddrChange
GetIpAddrTable

msvcrt

_initterm
__getmainargs
__setusermatherr
_lseek
_close
_read
malloc
realloc
fclose
free
time
_chdir
_errno
_mkdir
fopen
ctime
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
printf
__p___initenv
_XcptFilter
_exit
_open
_write
exit

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d418b9debed075f60bc452506cb9ddbf

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

kernel32

advapi32

ntdll

iphlpapi

msvcrt

Sections

.text Size: 13KB - Virtual size: 12KB

.data Size: 3KB - Virtual size: 4KB

.rsrc Size: 6KB - Virtual size: 25KB

.text
Size: 13KB - Virtual size: 12KB

.data
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 6KB - Virtual size: 25KB