559786764ee95af3e56a31b862600dd982ed057c1226f5b8a211c6fad5c7430f

General

Target

559786764ee95af3e56a31b862600dd982ed057c1226f5b8a211c6fad5c7430f
Size

56KB
MD5

a4a8d010f957ef326705c513b0af9d28
SHA1

18bc9ff8de553ecff2b9dfe7a3d51155c7021d8c
SHA256

559786764ee95af3e56a31b862600dd982ed057c1226f5b8a211c6fad5c7430f
SHA512

a3ef6af36aab829775fed76f6a07f87757ed4489fd3769ca916b5a7f9772c7f261867d52547400ceba343fc296acd48ce61c1748553b8cfc4a2591ac7713d77f
SSDEEP

768:tTDbO7x8XoVfrdI+L70bzwzpVOjMX/x+BKEkueAGoDpmKKtVB2:o7xEoVZFaqVGMX/x+0EkueA9ct

Score

N/A

Malware Config

Signatures

Files

559786764ee95af3e56a31b862600dd982ed057c1226f5b8a211c6fad5c7430f
.dll windows x86

c902a4493ba2368e635fac684dbed8ae

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

inet_addr
htons
WSCEnumProtocols
WSCGetProviderPath
getsockname
ntohl
WSAGetLastError
ntohs

shlwapi

PathStripPathW

kernel32

GetOEMCP
HeapSize
RtlUnwind
HeapReAlloc
VirtualAlloc
MapViewOfFile
UnmapViewOfFile
OpenFileMappingW
CloseHandle
HeapAlloc
HeapFree
ExpandEnvironmentStringsA
InitializeCriticalSection
WideCharToMultiByte
LoadLibraryW
HeapDestroy
HeapCreate
GetLastError
GetProcAddress
LoadLibraryA
ExpandEnvironmentStringsW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
FreeLibrary
GetCurrentProcessId
GetModuleFileNameW
GetCurrentThreadId
GetCommandLineA
GetVersionExA
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
IsValidCodePage
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
ExitProcess
Sleep
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteFile

Exports

Exports

WSPStartup

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c902a4493ba2368e635fac684dbed8ae

Headers

File Characteristics

Imports

ws2_32

shlwapi

kernel32

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 34KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 36KB - Virtual size: 34KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 3KB