4347b4b9775e986b46761ef534a27c3a0bc9a7ef27f3a9276092c75b42427b97

Sharing

Copy URL Twitter E-mail

General

Target

4347b4b9775e986b46761ef534a27c3a0bc9a7ef27f3a9276092c75b42427b97
Size

92KB
MD5

1b6dd623fd100772ddd19c75f9295d6e
SHA1

4f57273d696008ee44aff0acf1e0056972c92cd1
SHA256

4347b4b9775e986b46761ef534a27c3a0bc9a7ef27f3a9276092c75b42427b97
SHA512

4e806d53c7e074b8be753b7c3527280893a1e3af28558f2d3ca90de0edc0c5e24676656ea34a6adeafa5932da68a28b2297ac0826f121bc0072a8118200966ee
SSDEEP

1536:OfxCcG87l6rRIyZlMJTmFOcLMoroDJHuE4FUCV4Ixlvvcz5D22:ODJ6rOSYLoGJHaO3IxlXcz5K

Score

N/A

Malware Config

Signatures

Files

4347b4b9775e986b46761ef534a27c3a0bc9a7ef27f3a9276092c75b42427b97
.dll windows x86

099a1fbde88d84530cea90b830a46ece

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameA
GetModuleHandleA
Sleep
GetLastError
InitializeCriticalSection
DeleteCriticalSection
SetEnvironmentVariableA
CompareStringW
CompareStringA
LCMapStringW
LCMapStringA
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
IsBadWritePtr
VirtualAlloc
FlushFileBuffers
SetEndOfFile
InterlockedIncrement
InterlockedDecrement
GetTimeZoneInformation
GetSystemTime
GetLocalTime
RtlUnwind
ResumeThread
CreateThread
TlsSetValue
TlsGetValue
ExitThread
CloseHandle
GetCommandLineA
GetVersion
WriteFile
ReadFile
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
CreateFileA
HeapFree
HeapAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapSize
GetCurrentThreadId
TlsAlloc
TlsFree
SetLastError
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
SetStdHandle

user32

MessageBoxA

vsipc

IPCgetServerAddr
IPCgetServerPort

wsock32

select
__WSAFDIsSet
recv
recvfrom
accept
closesocket
socket
listen
WSAGetLastError
inet_addr
send
inet_ntoa
sendto
ioctlsocket
htons
bind
WSAStartup
htonl
WSACleanup
connect

Exports

Exports

LCTRL1
LCTRL10
LCTRL11
LCTRL12
LCTRL2
LCTRL3
LCTRL4
LCTRL5
LCTRL6
LCTRL7
LCTRL8
LCTRL9

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

099a1fbde88d84530cea90b830a46ece

Headers

File Characteristics

Imports

kernel32

user32

vsipc

wsock32

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 16KB - Virtual size: 24KB

.rsrc Size: 4KB - Virtual size: 984B

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 16KB - Virtual size: 24KB

.rsrc
Size: 4KB - Virtual size: 984B

.reloc
Size: 8KB - Virtual size: 5KB