fb2cd2fb4bc58e1929974ab11db19d9a82a3fb0b628d40f59474bf31e8b1d43c

General

Target

fb2cd2fb4bc58e1929974ab11db19d9a82a3fb0b628d40f59474bf31e8b1d43c
Size

9KB
MD5

fbd6eb8bc785454f61c6b336446bcc1e
SHA1

942ad9e7b2e4dbf46c6ed9f7d05a5996ad0bb2d0
SHA256

fb2cd2fb4bc58e1929974ab11db19d9a82a3fb0b628d40f59474bf31e8b1d43c
SHA512

91164dea7e4954fe384ec8d8731db4814ef51507f3b1b24c68c429a1721e12054cde9f1efea980093fa01b3be69a97fd354c2a8cd429aad1c219e5cfbfac37d9
SSDEEP

192:408CL9DohXVW3a08cQ2ccIcyPMQ03X7H6CkqLI:ACL9DmVW33yFXMdrH6h

Score

N/A

Malware Config

Signatures

Files

fb2cd2fb4bc58e1929974ab11db19d9a82a3fb0b628d40f59474bf31e8b1d43c
.dll windows x86

2238759357539c6a1268e1a65676d82d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcr80

__clean_type_info_names_internal
_crt_debugger_hook
__dllonexit
_lock
_onexit
_except_handler4_common
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
free
_malloc_crt
_encode_pointer
rand
_unlock
??3@YAXPAX@Z

ws2_32

ntohl
htonl

kernel32

QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetTickCount

Exports

Exports

?TeaDecryptECB@@YAXPBE0PAE@Z
?TeaEncryptECB@@YAXPBE0PAE@Z
?oi_symmetry_decrypt2@@YAHPBEH0PAEPAH@Z
?oi_symmetry_decrypt@@YAHPBEH0PAEPAH@Z
?oi_symmetry_encrypt2@@YAXPBEH0PAEPAH@Z
?oi_symmetry_encrypt@@YAXPBEH0PAEPAH@Z

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 868B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 460B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2238759357539c6a1268e1a65676d82d

Headers

File Characteristics

Imports

msvcr80

ws2_32

kernel32

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 868B

.rsrc Size: 512B - Virtual size: 428B

.reloc Size: 512B - Virtual size: 460B

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 868B

.rsrc
Size: 512B - Virtual size: 428B

.reloc
Size: 512B - Virtual size: 460B