c8b36e58326b29ba4c2d57d3d6dad7a36ea3f0abc47667b66c8c80fb4c59c073

Sharing

Copy URL Twitter E-mail

General

Target

c8b36e58326b29ba4c2d57d3d6dad7a36ea3f0abc47667b66c8c80fb4c59c073
Size

332KB
MD5

6e772b396a316709c2bbec739daa9891
SHA1

af2177049a2decb5790b05d912be762fc564797b
SHA256

c8b36e58326b29ba4c2d57d3d6dad7a36ea3f0abc47667b66c8c80fb4c59c073
SHA512

6baf13b14ceac558cb4285eb6ee8a80079440c534c163fe43e9b080cb14795f96dbd787f6f8f75f08af15236c840a6e8718c87d8746b20fd3fa0579a03a7e199
SSDEEP

6144:NzAWwIJOcLOrK4SoRfqaRIPRQrgV1i2L4G:NzAXY/OrK4SdxJGe1ig

Score

N/A

Malware Config

Signatures

Files

c8b36e58326b29ba4c2d57d3d6dad7a36ea3f0abc47667b66c8c80fb4c59c073
.dll windows x86

d377b875da011a4c020ca7e2bd27b4d1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

istat

?GetDataHash@@YAHPBDHPADH@Z
?IPAccDecrypt@@YAHPAEAAI@Z

ws2_32

closesocket
inet_addr
htonl
WSASend
getsockname
select
htons
listen
WSARecv
accept
WSAStringToAddressA
getservbyname
bind
getsockopt
ioctlsocket
__WSAFDIsSet
WSASocketW
connect
WSASetLastError
setsockopt
gethostbyname
ntohl
WSAGetLastError
WSAStartup
WSACleanup

kernel32

SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
FlushFileBuffers
SetStdHandle
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetConsoleMode
GetLastError
LoadLibraryA
GetProcAddress
TlsAlloc
GetModuleFileNameA
LocalFree
FormatMessageA
TlsFree
PostQueuedCompletionStatus
InterlockedIncrement
LeaveCriticalSection
SetLastError
GetQueuedCompletionStatus
InitializeCriticalSection
WaitForSingleObject
InterlockedDecrement
TlsSetValue
CloseHandle
InterlockedCompareExchange
EnterCriticalSection
DeleteCriticalSection
InterlockedExchange
Sleep
CreateIoCompletionPort
GetModuleHandleA
TlsGetValue
GetSystemTimeAsFileTime
InterlockedExchangeAdd
WideCharToMultiByte
MultiByteToWideChar
GetCurrentThreadId
GetVersionExA
CreateMutexA
ReleaseMutex
CreateSemaphoreA
ReleaseSemaphore
GetCurrentProcessId
GetFileAttributesA
CreateFileA
CreateDirectoryA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
HeapAlloc
ExitThread
CreateThread
GetCommandLineA
GetProcessHeap
RaiseException
RtlUnwind
GetCPInfo
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
SetFilePointer
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
HeapSize
ExitProcess
WriteFile
ReadFile
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP

Exports

Exports

?GetTrackerList@@YAHPAU_stTrackerList@@PBD@Z
?SyncTrackerList@@YAHPBD@Z

Sections

.text
Size: 248KB - Virtual size: 247KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d377b875da011a4c020ca7e2bd27b4d1

Headers

File Characteristics

Imports

istat

ws2_32

kernel32

Exports

Exports

Sections

.text Size: 248KB - Virtual size: 247KB

.rdata Size: 48KB - Virtual size: 46KB

.data Size: 12KB - Virtual size: 17KB

.reloc Size: 20KB - Virtual size: 19KB

.text
Size: 248KB - Virtual size: 247KB

.rdata
Size: 48KB - Virtual size: 46KB

.data
Size: 12KB - Virtual size: 17KB

.reloc
Size: 20KB - Virtual size: 19KB