4836d058b70436ba4a5877c2be3f42dcb64588b390f590f4bf553879f0619035

General

Target

4836d058b70436ba4a5877c2be3f42dcb64588b390f590f4bf553879f0619035
Size

121KB
MD5

5d57d5056ad1c7c3a61d0522c72a6380
SHA1

207e3d67ff4c809735e2aa2155128bc5c4e40fe9
SHA256

4836d058b70436ba4a5877c2be3f42dcb64588b390f590f4bf553879f0619035
SHA512

9ca7b76d0a0e6e72a835bd8c0f07e9274a4c206fdec11bee9a2a69627746d6957daf5ec6e4a84ba03a2b6babce014ae9105616d7ec7788680771510a23348d83
SSDEEP

3072:4FoQaBWdMHJNsuNjfQU0OhgH0TNsgWtPLdpBj5RFY:4FoQJMEuuihGuNs1tPLdpBj5w

Score

N/A

Malware Config

Signatures

Files

4836d058b70436ba4a5877c2be3f42dcb64588b390f590f4bf553879f0619035
.dll windows x86

d821ebe97e29eee9930e0fd91bc31098

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
SetLastError
lstrlenA
WinExec
GetProcAddress
LoadLibraryA
lstrcpyA

msvcrt

strncat
wcstombs
_ltoa
localtime
time
_beginthreadex
calloc
??1type_info@@UAE@XZ
__dllonexit
_onexit
_initterm
_adjust_fdiv
_itoa
_errno
atoi
sprintf
strlen
strrchr
strncpy
strstr
strcpy
strcmp
_except_handler3
malloc
free
_CxxThrowException
memcmp
??2@YAPAXI@Z
memset
__CxxFrameHandler
_ftol
ceil
memmove
memcpy
??3@YAXPAX@Z
strncmp
_strcmpi
_strrev
_strnicmp
strcat
strftime

ws2_32

sendto
WSACleanup
WSAStartup
bind
getsockname
htons
socket
recvfrom
closesocket
ntohs
inet_addr
inet_ntoa
gethostbyname
send
select
recv
__WSAFDIsSet
gethostname
setsockopt

msvcirt

??_Dofstream@@QAEXXZ
??1ofstream@@UAE@XZ
?close@ofstream@@QAEXXZ
?write@ostream@@QAEAAV1@PBDH@Z
?open@ofstream@@QAEXPBDHH@Z
?openprot@filebuf@@2HB
??0ofstream@@QAE@XZ
??_Dfstream@@QAEXXZ
??1fstream@@UAE@XZ
?close@fstream@@QAEXXZ
?read@istream@@QAEAAV1@PADH@Z
?open@fstream@@QAEXPBDHH@Z
??0fstream@@QAE@XZ
??0exception@@QAE@ABV0@@Z
??1exception@@UAE@XZ
??0exception@@QAE@ABQBD@Z
??1ios@@UAE@XZ

Exports

Exports

RTPatchSetDirWalk
ServiceMain
paste

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d821ebe97e29eee9930e0fd91bc31098

Headers

File Characteristics

Imports

kernel32

msvcrt

ws2_32

msvcirt

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 79KB

.data Size: 31KB - Virtual size: 31KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 80KB - Virtual size: 79KB

.data
Size: 31KB - Virtual size: 31KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 8KB - Virtual size: 7KB