2e4183e2df27fb4534b4069f3137ebf296def1257b8d4f0ea7f95301d10e2745

Sharing

Copy URL Twitter E-mail

General

Target

2e4183e2df27fb4534b4069f3137ebf296def1257b8d4f0ea7f95301d10e2745
Size

356KB
MD5

91327d1c53da596edccc793e5449a540
SHA1

b7e6685b91b187575fdaf273822f14752c4aac17
SHA256

2e4183e2df27fb4534b4069f3137ebf296def1257b8d4f0ea7f95301d10e2745
SHA512

a45f92571ab75d1cedefe1d71debd040c1bf8e672a44c4616645ca7c2247a66f2ff3f409e6a007176b08ea3fba136cf7f043adf7d9443325aff0c9a65448cf2e
SSDEEP

6144:qgI+PC4JXShqfxushqf7sDcWXdnf2Q0SXAqvn4U:qgI+PC7qfxush4mndnfrc9U

Score

N/A

Malware Config

Signatures

Files

2e4183e2df27fb4534b4069f3137ebf296def1257b8d4f0ea7f95301d10e2745
.dll windows x86

f7596a88c274148ecbaba44284c5b1ac

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord269
ord600
ord1578
ord6467
ord1255
ord1253
ord1570
ord1197
ord1243
ord342
ord1182
ord1577
ord1168
ord1575
ord1176
ord1116
ord839
ord1641
ord433
ord1656
ord2141
ord5575
ord1572
ord434
ord464
ord845
ord540
ord535
ord800
ord4033
ord823
ord825
ord1567
ord268
ord1264
ord826

msvcrt

_adjust_fdiv
malloc
_initterm
_onexit
__dllonexit
??1type_info@@UAE@XZ
_mbclen
_mbsinc
_mbscmp
fclose
strcat
free
atoi
_ismbcdigit
sprintf
vsprintf
fopen
localtime
fprintf
fflush
realloc
memcpy
__CxxFrameHandler
printf
time
srand
rand
abs
_CxxThrowException
memset
strlen
strcpy
_ftol
fabs
cos
sin

kernel32

GetModuleFileNameA
CloseHandle
Sleep
GetProcAddress
GetLastError
GlobalSize
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
LoadLibraryA
IsBadReadPtr
HeapFree
GetProcessHeap
VirtualFree
FreeLibrary
VirtualQuery
OutputDebugStringA
ExitProcess
LocalFree
LocalUnlock
LocalLock
LocalAlloc
lstrlenA
HeapAlloc
InterlockedDecrement
MultiByteToWideChar

user32

MessageBoxA
wsprintfA

gdi32

GetDIBits
CreatePalette
SelectPalette
SetStretchBltMode
SetDIBitsToDevice
StretchDIBits
GetObjectA

ole32

CoUninitialize
OleInitialize

oleaut32

SysFreeString
VariantCopy
VariantClear
SysAllocString

ws2_32

inet_ntoa
ntohs
recv
htonl
sendto
select
send
inet_addr
setsockopt
htons
bind
listen
closesocket
WSACleanup
WSAStartup
WSASocketA
WSAGetLastError
shutdown
WSAConnect
recvfrom
WSAAccept

Exports

Exports

DllGetClassObject
RD_XXXX

Sections

.text
Size: 304KB - Virtual size: 302KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f7596a88c274148ecbaba44284c5b1ac

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

gdi32

ole32

oleaut32

ws2_32

Exports

Exports

Sections

.text Size: 304KB - Virtual size: 302KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 12KB - Virtual size: 16KB

.reloc Size: 12KB - Virtual size: 10KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 304KB - Virtual size: 302KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 12KB - Virtual size: 16KB

.reloc
Size: 12KB - Virtual size: 10KB

.rsrc
Size: 4KB - Virtual size: 1KB