41cca5030c41df306a718918007e2234ff6d31baac2883ae0d8df92e75649bf2

General

Target

41cca5030c41df306a718918007e2234ff6d31baac2883ae0d8df92e75649bf2
Size

121KB
MD5

e39575a7c4379e1dbd3fe248723c50b0
SHA1

282bbc460087520cd15e8e0c6cecd146c40853b7
SHA256

41cca5030c41df306a718918007e2234ff6d31baac2883ae0d8df92e75649bf2
SHA512

86e03ed411dfee09830652133d370c7e043a3a5e36d3e36ea9c79b39b4020e9470d8bced4328f61ef1ee67bbb4390ff1522ce7996917de45fd7696eb3aeec810
SSDEEP

3072:4FoQaBWdMHJNsuNjfQU0OhgH0TNsgWPPLdpBj5RFY:4FoQJMEuuihGuNs1PPLdpBj5w

Score

N/A

Malware Config

Signatures

Files

41cca5030c41df306a718918007e2234ff6d31baac2883ae0d8df92e75649bf2
.dll windows x86

d821ebe97e29eee9930e0fd91bc31098

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
SetLastError
lstrlenA
WinExec
GetProcAddress
LoadLibraryA
lstrcpyA

msvcrt

strncat
wcstombs
_ltoa
localtime
time
_beginthreadex
calloc
??1type_info@@UAE@XZ
__dllonexit
_onexit
_initterm
_adjust_fdiv
_itoa
_errno
atoi
sprintf
strlen
strrchr
strncpy
strstr
strcpy
strcmp
_except_handler3
malloc
free
_CxxThrowException
memcmp
??2@YAPAXI@Z
memset
__CxxFrameHandler
_ftol
ceil
memmove
memcpy
??3@YAXPAX@Z
strncmp
_strcmpi
_strrev
_strnicmp
strcat
strftime

ws2_32

sendto
WSACleanup
WSAStartup
bind
getsockname
htons
socket
recvfrom
closesocket
ntohs
inet_addr
inet_ntoa
gethostbyname
send
select
recv
__WSAFDIsSet
gethostname
setsockopt

msvcirt

??_Dofstream@@QAEXXZ
??1ofstream@@UAE@XZ
?close@ofstream@@QAEXXZ
?write@ostream@@QAEAAV1@PBDH@Z
?open@ofstream@@QAEXPBDHH@Z
?openprot@filebuf@@2HB
??0ofstream@@QAE@XZ
??_Dfstream@@QAEXXZ
??1fstream@@UAE@XZ
?close@fstream@@QAEXXZ
?read@istream@@QAEAAV1@PADH@Z
?open@fstream@@QAEXPBDHH@Z
??0fstream@@QAE@XZ
??0exception@@QAE@ABV0@@Z
??1exception@@UAE@XZ
??0exception@@QAE@ABQBD@Z
??1ios@@UAE@XZ

Exports

Exports

RTPatchSetDirWalk
ServiceMain
paste

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d821ebe97e29eee9930e0fd91bc31098

Headers

File Characteristics

Imports

kernel32

msvcrt

ws2_32

msvcirt

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 79KB

.data Size: 31KB - Virtual size: 31KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 80KB - Virtual size: 79KB

.data
Size: 31KB - Virtual size: 31KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 8KB - Virtual size: 7KB