ab2bfcbac2914c09a42079ab10b3de59db4bede781ef5762182861f5b8046201

General

Target

ab2bfcbac2914c09a42079ab10b3de59db4bede781ef5762182861f5b8046201
Size

28KB
MD5

b69118be9f1536aa804af74ecd3748d8
SHA1

9419711ab6849efb74a162078f04921acf484e45
SHA256

ab2bfcbac2914c09a42079ab10b3de59db4bede781ef5762182861f5b8046201
SHA512

60e61473da3c4e01ad4b57bc52fce93609ee61c749e71a5b69bcc94325e40e9de0988d2e09108309bb84b44643f9537fa2b22b0984f1ed62218b3e7b1e37748e
SSDEEP

384:JjkPldGWZsc5VLw0Pdesk1sTpTsklynva8LrCZWFIJW8MRsVdSXZfSK3m1VlTc4N:OZpNw0tPUa8LrUPMCsZlglEUj

Score

N/A

Malware Config

Signatures

Files

ab2bfcbac2914c09a42079ab10b3de59db4bede781ef5762182861f5b8046201
.exe windows x86

d418b9debed075f60bc452506cb9ddbf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

ws2_32

WSASocketA
WSAGetLastError
WSAStartup
WSAEventSelect
htons
WSAGetOverlappedResult
ntohs
WSARecvFrom
ioctlsocket
WSACloseEvent
closesocket
inet_ntoa
bind
getservbyname
socket
sendto

kernel32

ExitProcess
ExpandEnvironmentStringsA
GetLocalTime
DeleteCriticalSection
SetLastError
SetEvent
ResumeThread
GetLastError
WaitForSingleObject
CreateEventA
InitializeCriticalSection
HeapCreate
LeaveCriticalSection
HeapFree
CloseHandle
EnterCriticalSection
InterlockedIncrement
WaitForMultipleObjects
HeapAlloc
ResetEvent
Sleep
TryEnterCriticalSection
SuspendThread

advapi32

RegOpenKeyExA
StartServiceCtrlDispatcherA
RegQueryValueExA
RegCloseKey
RegisterServiceCtrlHandlerA
SetServiceStatus

ntdll

memmove
strncpy
isupper
tolower
RtlUpdateTimer
RtlDeleteTimer
_stricmp
atoi
_itoa
RtlDeregisterWaitEx
_chkstk
RtlCreateTimerQueue
RtlRegisterWait
RtlCreateTimer

iphlpapi

NotifyAddrChange
GetIpAddrTable

msvcrt

_initterm
__getmainargs
__setusermatherr
_lseek
_close
_read
malloc
realloc
fclose
free
time
_chdir
_errno
_mkdir
fopen
ctime
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
printf
__p___initenv
_XcptFilter
_exit
_open
_write
exit

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d418b9debed075f60bc452506cb9ddbf

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

kernel32

advapi32

ntdll

iphlpapi

msvcrt

Sections

.text Size: 13KB - Virtual size: 12KB

.data Size: 3KB - Virtual size: 4KB

.rsrc Size: 10KB - Virtual size: 29KB

.text
Size: 13KB - Virtual size: 12KB

.data
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 10KB - Virtual size: 29KB