8dfba0e2b73e57d520b64256a8189e5c7baa24bc2309a5499bfbeff67a1068d3

General

Target

8dfba0e2b73e57d520b64256a8189e5c7baa24bc2309a5499bfbeff67a1068d3
Size

88KB
MD5

487ec07913c11271f256c6260ae815e3
SHA1

06f262515e890158783e962b8b1d9ecda6c02a3e
SHA256

8dfba0e2b73e57d520b64256a8189e5c7baa24bc2309a5499bfbeff67a1068d3
SHA512

651c7ee6d0cc79216e55e26b23e62dd6ed28d8e2689c1b8bb688759ddf9482cbef94443374b3170e0ac91a2d8d953d6399a44ae32cb44e5bb9734dd5f15ae81f
SSDEEP

768:5UBGU7sO4as+3SU9NPeUule9OPlZHIjw8EHKI6rVXvlQRStiP8WGEtUy:0YO4zU9NPePeWlBIeKxrplQ0tiPJGEJ

Score

N/A

Malware Config

Signatures

Files

8dfba0e2b73e57d520b64256a8189e5c7baa24bc2309a5499bfbeff67a1068d3
.dll windows x86

0beae23380e9f4c31b17cf525cad81f6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

udp_p2p

WYWSACleanup
WYWSAStartup
WYsendto
WYrecvfrom
WYbind
WYclosesocket
WYsocket

mfc42

ord825
ord800
ord924
ord535
ord858
ord4129
ord5683
ord2818
ord540
ord2915
ord823

msvcrt

fclose
fprintf
_stricmp
fopen
strchr
strncmp
_adjust_fdiv
malloc
_initterm
free
_onexit
__dllonexit
sprintf
__CxxFrameHandler
_setjmp3
longjmp

kernel32

VirtualProtect
GetCurrentProcess
OpenEventA
ReadProcessMemory
SetEvent
GetLastError
LoadLibraryA
lstrcmpiA
OpenProcess
VirtualProtectEx
WriteProcessMemory
VirtualQuery
GetProcAddress
WaitForSingleObject
DeleteCriticalSection
GetVersionExA
GetSystemInfo
InitializeCriticalSection
GetModuleHandleA
GetCurrentProcessId
CreateToolhelp32Snapshot
Module32First
Module32Next
CloseHandle
GetModuleFileNameA

imagehlp

ImageDirectoryEntryToData

vsipc

IPCUN2
IPCUN1
IPCUN5
IPCUN4
IPCUN3

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0beae23380e9f4c31b17cf525cad81f6

Headers

File Characteristics

Imports

udp_p2p

mfc42

msvcrt

kernel32

imagehlp

vsipc

Sections

.text Size: 24KB - Virtual size: 22KB

.rdata Size: 32KB - Virtual size: 28KB

.data Size: 12KB - Virtual size: 16KB

.rsrc Size: 4KB - Virtual size: 968B

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 24KB - Virtual size: 22KB

.rdata
Size: 32KB - Virtual size: 28KB

.data
Size: 12KB - Virtual size: 16KB

.rsrc
Size: 4KB - Virtual size: 968B

.reloc
Size: 12KB - Virtual size: 8KB