4d2ad834e819c0683e07db55256e87e8c9efddb19c43cf444b34cb457ecd56fb

General

Target

4d2ad834e819c0683e07db55256e87e8c9efddb19c43cf444b34cb457ecd56fb
Size

196KB
MD5

2a9f3af768fee45722db7acc33199a70
SHA1

f62cf130b3a75d8c6ee1328d59f46057efe9d2f6
SHA256

4d2ad834e819c0683e07db55256e87e8c9efddb19c43cf444b34cb457ecd56fb
SHA512

e865f03035d16ab9fb0c1d71d57f51e5795718080e160c8403b7a355dbdf7318b11063fe6fb0be694a4255d385901499b82233ec07d4127da6f016377f5ffe95
SSDEEP

3072:oCYGxkwde6Pe9FrXF5asBMYO5j3vzvn10DfwKTH6d1kQlIR0K:XxkwUZnrV5atX5jfE4aQ1kmIW

Score

N/A

Malware Config

Signatures

Files

4d2ad834e819c0683e07db55256e87e8c9efddb19c43cf444b34cb457ecd56fb
.dll windows x86

73bc20be16507673a195e4c43e7f1c08

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

ntohl
ntohs
htonl
WSAStartup
WSACleanup
send
shutdown
recv
socket
gethostbyname
htons
connect

winmm

timeGetTime

msvcr71

_open
_close
_read
_getpid
_strdup
_errno
isprint
strncpy
_iob
fprintf
vfprintf
abort
signal
exit
strrchr
remove
tolower
strchr
strtod
strtol
getenv
_write
ctime
time
_lseeki64
_vsnprintf
strerror
sprintf
qsort
malloc
_initterm
_adjust_fdiv
__CppXcptFilter
_except_handler3
__dllonexit
_onexit
free

kernel32

GetProcAddress
LoadLibraryA
Sleep
GetSystemTime
SystemTimeToFileTime
FormatMessageA
FreeLibrary
GetLastError
GetModuleFileNameA

Exports

Exports

_Agent_OnLoad@12
_Agent_OnUnload@4

Sections

.text
Size: 92KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

73bc20be16507673a195e4c43e7f1c08

Headers

File Characteristics

Imports

wsock32

winmm

msvcr71

kernel32

Exports

Exports

Sections

.text Size: 92KB - Virtual size: 88KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 912B

.reloc Size: 8KB - Virtual size: 6KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 92KB - Virtual size: 88KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 912B

.reloc
Size: 8KB - Virtual size: 6KB

.rmnet
Size: 60KB - Virtual size: 60KB