99258e30ef543226cbb8a9571bcadd28d489ec8cda0a16e7f2c80654ecd7f70b

Sharing

Copy URL Twitter E-mail

General

Target

99258e30ef543226cbb8a9571bcadd28d489ec8cda0a16e7f2c80654ecd7f70b
Size

47KB
MD5

fe7ba4483a315a6cea36b3fe76a014dc
SHA1

6633d7f46644c5b2c2853a27364c706006e84a7c
SHA256

99258e30ef543226cbb8a9571bcadd28d489ec8cda0a16e7f2c80654ecd7f70b
SHA512

92745bc13c7049e043603022579bf9874c77473f407c06536551e3b65e8677cf8889bc30453cdb4dcf2846922e9a99f41655a6446f311a191e824728bce1b4c8
SSDEEP

768:s1ODsZuf6H/58+txEoRkLafGWD3C9yvQPq4q/UWY0FTo:ai6+kaoRTTyI3N

Score

N/A

Malware Config

Signatures

Files

99258e30ef543226cbb8a9571bcadd28d489ec8cda0a16e7f2c80654ecd7f70b
.exe windows x86

49ee45307d0ecf40d59c7616dab89bad

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

ZwOpenEventPair
DbgUiConnectToDbg
RtlSecondsSince1980ToTime
ZwCreateNamedPipeFile
NtReplyWaitReceivePort
ZwCreateToken
RtlPcToFileHeader
isupper
ZwContinue

kernel32

InterlockedDecrement
GetModuleHandleW
LocalSize
EnumSystemCodePagesW
GetFileInformationByHandle
LoadLibraryW
RtlMoveMemory
Beep
RtlFillMemory
CreateFileMappingW
GetProfileSectionW
LZRead
SetLocaleInfoW
GetTapeStatus
FileTimeToDosDateTime
GetCurrentThread
EnumCalendarInfoExW
QueryPerformanceCounter
GetConsoleSelectionInfo
SetFileAttributesA
GetLocaleInfoW

dnsapi

DnsNameCompareEx_W
DnsQueryExA
DnsFreeConfigStructure
DnsQueryConfig
Dns_WriteQuestionToMessage
DnsFree
DnsGetCacheDataTable
DnsNameCompare_UTF8
DnsFlushResolverCache
DnsIpv6AddressToString
DnsIpv6StringToAddress
NetInfo_Copy
BreakRecordsIntoBlob
DnsQueryConfigAllocEx
Dns_BuildPacket
Dns_OpenTcpConnectionAndSend
DnsWriteQuestionToBuffer_UTF8
DnsNotifyResolverClusterIp
Dns_CreateSocketEx
DnsSetConfigDword
DnsModifyRecordsInSet_UTF8
Dns_CreateMulticastSocket
Dns_UpdateLibEx
DnsWriteReverseNameStringForIpAddress
NetInfo_ResetServerPriorities
DnsRecordListFree
DnsApiRealloc
DnsAcquireContextHandle_W
Dns_SetRecordDatalength
DnsStatusString

msvcirt

??5istream@@QAEAAV0@AAN@Z
?out_waiting@streambuf@@QBEHXZ
?clog@@3Vostream_withassign@@A
?setrwbuf@stdiobuf@@QAEHHH@Z
?unlock@ios@@QAAXXZ
??5istream@@QAEAAV0@AAG@Z
??4istream@@IAEAAV0@PAVstreambuf@@@Z
??_Efstream@@UAEPAXI@Z
?pbackfail@streambuf@@UAEHH@Z
??6ostream@@QAEAAV0@E@Z
?lockptr@ios@@IAEPAU_CRT_CRITICAL_SECTION@@XZ
??_8iostream@@7Bistream@@@
??_Glogic_error@@UAEPAXI@Z
?getdouble@istream@@AAEHPADH@Z
??0exception@@QAE@ABV0@@Z
?what@exception@@UBEPBDXZ
?epptr@streambuf@@IBEPADXZ
??0Iostream_init@@QAE@XZ
??_Eistrstream@@UAEPAXI@Z
?setmode@ofstream@@QAEHH@Z
?getline@istream@@QAEAAV1@PACHD@Z
?setf@ios@@QAEJJ@Z

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

49ee45307d0ecf40d59c7616dab89bad

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

kernel32

dnsapi

msvcirt

Sections

.text Size: 32KB - Virtual size: 32KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 32KB - Virtual size: 32KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 7KB - Virtual size: 7KB