49668c36d1bfd934da7a3620b00828e21be09e43e28607ccc6920a4ab606c0dd

Sharing

Copy URL Twitter E-mail

General

Target

49668c36d1bfd934da7a3620b00828e21be09e43e28607ccc6920a4ab606c0dd
Size

88KB
MD5

be3de81e4090510509a78bb41f8adbe7
SHA1

e02fd4f8049b399f2f80dbad8cf7acdae29abab3
SHA256

49668c36d1bfd934da7a3620b00828e21be09e43e28607ccc6920a4ab606c0dd
SHA512

c380e1b209f3e652ac4cc9bbe78ba6b4b7154cf72b68b8f76271b423ef0dee52407a56c78aae29fac5dd3b9889c4a5b4eb1697cb4cd5cdc0d65347aade7205c9
SSDEEP

1536:EKCbLuAcBhLyCmTt/gVjffKSDu4s6r4e/knZf8lv3VD6j:EKqmB2gVjquuP/2Sf8lv3M

Score

N/A

Malware Config

Signatures

Files

49668c36d1bfd934da7a3620b00828e21be09e43e28607ccc6920a4ab606c0dd
.dll windows x86

3186a1e877362201433fce7416f8f8f9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameA
GetModuleHandleA
InitializeCriticalSection
DeleteCriticalSection
GetProcAddress
LoadLibraryA
GetLastError
InterlockedExchangeAdd
WaitForSingleObject
OpenProcess
CloseHandle
GetCurrentProcessId
Process32Next
Process32First
CreateToolhelp32Snapshot
WaitForMultipleObjects
OpenEventA
SetEnvironmentVariableA
CompareStringW
CompareStringA
LCMapStringW
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
IsBadCodePtr
InterlockedIncrement
InterlockedDecrement
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
ResumeThread
CreateThread
TlsSetValue
TlsGetValue
ExitThread
GetCommandLineA
GetVersion
WriteFile
ReadFile
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
CreateFileA
HeapFree
GetCurrentThreadId
TlsAlloc
TlsFree
SetLastError
ExitProcess
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapAlloc
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
FlushFileBuffers
SetStdHandle
SetEndOfFile
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr

ws2_32

ioctlsocket
getsockname
gethostname
gethostbyname
inet_ntoa
htonl
WSAGetLastError
htons
inet_addr
select

vsipc

IPCUN24
IPCUN22
IPCgetServerPort
IPCgetServerAddr
IPCgetLocalAddr
IPCgetLocalPort
IPCgetRoomId

Exports

Exports

RegisterMsgCallBack
SetConnectLocalMode
WYWSACleanup
WYWSAStartup
WYbind
WYclosesocket
WYconnect
WYgetpeername
WYrecv
WYrecvfrom
WYsend
WYsendto
WYsocket
getIPInfo
initWSAFuncTable

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3186a1e877362201433fce7416f8f8f9

Headers

File Characteristics

Imports

kernel32

ws2_32

vsipc

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 16KB - Virtual size: 19KB

.rsrc Size: 4KB - Virtual size: 960B

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 16KB - Virtual size: 19KB

.rsrc
Size: 4KB - Virtual size: 960B

.reloc
Size: 8KB - Virtual size: 4KB