7e46bb82ca755e4de75cf7c5809cb08152cf08199917a8821785f7ec6716ca35

Sharing

Copy URL Twitter E-mail

General

Target

7e46bb82ca755e4de75cf7c5809cb08152cf08199917a8821785f7ec6716ca35
Size

92KB
MD5

aab6b655c762d23f0cb1f637a89618b7
SHA1

8c04e00597c1d79371d198265b57c3de5216fa3d
SHA256

7e46bb82ca755e4de75cf7c5809cb08152cf08199917a8821785f7ec6716ca35
SHA512

7c663042bea8d55bc0b211dcf88d7df32691818d66ab181f81ea8de42b04c285354b4e837647713484239082bb3ead692d676ec30f4c058860b7faca54744b62
SSDEEP

1536:9pyxTQJgERdH+BFUEpf1lzHRfIevaMalJt+JJP6:GTQJgERCieaMalJt+zS

Score

N/A

Malware Config

Signatures

Files

7e46bb82ca755e4de75cf7c5809cb08152cf08199917a8821785f7ec6716ca35
.dll windows x86

fd0e4fb410a50d9754b8a2f887adc407

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAStartup
ntohl
gethostbyname
inet_addr
WSACleanup

kernel32

GetEnvironmentStrings
CloseHandle
CreateFileA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
RaiseException
RtlUnwind
GetLastError
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
HeapSize
ExitProcess
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualQuery
VirtualAlloc
HeapReAlloc
WriteFile
LoadLibraryA
InitializeCriticalSection
SetFilePointer
GetConsoleCP
GetConsoleMode
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers

Exports

Exports

?getHookIPList@@YAHPAK0HPAH@Z
?getIdentity@@YA_NPADH@Z
?initIPList@@YAHXZ
?setIPList@@YAHABV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@@Z

Sections

.text
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fd0e4fb410a50d9754b8a2f887adc407

Headers

File Characteristics

Imports

ws2_32

kernel32

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 53KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 8KB - Virtual size: 11KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 56KB - Virtual size: 53KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 8KB - Virtual size: 11KB

.reloc
Size: 8KB - Virtual size: 6KB