7c8a096110541c12227bf095b235f711f813802a40e9a13c916c1d227d3e6239

General

Target

7c8a096110541c12227bf095b235f711f813802a40e9a13c916c1d227d3e6239
Size

11KB
MD5

86fea106e4138f9eab5793c4cd59c841
SHA1

6988a7bb94920bc4f563e3765d76b4abd6e67fd6
SHA256

7c8a096110541c12227bf095b235f711f813802a40e9a13c916c1d227d3e6239
SHA512

401541ffbecd75c2b30104503c3956067202be0cfddd6152babe7104a82d1490c9d5d568e3ca2fed3f465d7ca3c2932c29cba10c3272b64ee951800d1de607c8
SSDEEP

192:KiGWGFG5oTsv9eyCuDYlKNuLXYlWJxMTU6iMp:K3zGREyCuB4LX1fMg6iM

Score

N/A

Malware Config

Signatures

Files

7c8a096110541c12227bf095b235f711f813802a40e9a13c916c1d227d3e6239
.dll windows x86

095235e257f15f216630cf07d6ecf5bc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

ZwOpenFile
ZwQueryEaFile
RtlFreeUnicodeString
RtlDosPathNameToNtPathName_U
LdrAccessResource
ZwClose
ZwSetEaFile
ZwAlertThread
ZwQueryInformationToken
ZwOpenProcessToken
ZwDelayExecution
ZwSetLowEventPair
ZwWaitHighEventPair
ZwSetHighWaitLowEventPair
RtlNtStatusToDosError
memset
RtlInterlockedPushEntrySList
RtlInterlockedPopEntrySList
RtlIpv4StringToAddressA
wcscat
memcpy
LdrFindResource_U
ZwCreateEventPair
RtlTimeToSecondsSince1980
RtlRandomEx
RtlExitUserThread
RtlComputeCrc32

kernel32

LocalFree
LocalAlloc
BindIoCompletionCallback
GetLastError
CreateThread
CreateTimerQueueTimer
DeleteTimerQueueTimer
Sleep
LoadLibraryW
FreeLibrary
GetSystemTimeAsFileTime
GetTickCount
VirtualFree
GetVersion

ws2_32

WSASendTo
setsockopt
WSASend
WSARecv
WSAIoctl
bind
WSASocketW
WSAGetLastError
closesocket
WSAStartup
WSACleanup
WSARecvFrom

advapi32

CryptAcquireContextW
CryptGenRandom
CryptReleaseContext

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

095235e257f15f216630cf07d6ecf5bc

Headers

File Characteristics

Imports

ntdll

kernel32

ws2_32

advapi32

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 284B

.rsrc Size: 512B - Virtual size: 224B

.reloc Size: 1024B - Virtual size: 548B

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 284B

.rsrc
Size: 512B - Virtual size: 224B

.reloc
Size: 1024B - Virtual size: 548B