a59dcd4502e2611f1457ef36a37ee0b6964f03b35fb901fe74236e8fe4abf141

Sharing

Copy URL Twitter E-mail

General

Target

a59dcd4502e2611f1457ef36a37ee0b6964f03b35fb901fe74236e8fe4abf141
Size

76KB
MD5

d516f8b6b0a099b7bac0ac8fbe37729a
SHA1

5fab7a29e9cfe072d7a069b8d37f17c90731673b
SHA256

a59dcd4502e2611f1457ef36a37ee0b6964f03b35fb901fe74236e8fe4abf141
SHA512

2cad7d9a2f7017dae8f398f8829452e7d1c1b5a84365c5ef3d9e4476998ee44799d73267c388b9c910853ee420a124eac631dc58e4029099c8d7fbbc4e15bc8e
SSDEEP

768:EOBfgGoyONfcFvYwqygVMGtLvxjTk+7eoPayi2iB93TaglrtGp9YSsooNKrAxnsZ:LSGgMY5jTkToP+ag5tk9oo0D9sZ

Score

N/A

Malware Config

Signatures

Files

a59dcd4502e2611f1457ef36a37ee0b6964f03b35fb901fe74236e8fe4abf141
.dll windows x86

8ccdd17cf9e1f64906b32985eae6e24f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

getsockname
getpeername
ntohs
WSAStartup
gethostbyname
WSACleanup
inet_ntoa
socket
htons
inet_addr
connect
closesocket
send
recv

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

kernel32

FlushFileBuffers
SetStdHandle
LCMapStringW
LCMapStringA
SetLastError
CloseHandle
WriteFile
CreateFileA
GetTickCount
CreateProcessA
WritePrivateProfileStringA
lstrcatA
GetWindowsDirectoryA
lstrlenA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetSystemDirectoryA
ExpandEnvironmentStringsA
InitializeCriticalSection
GetModuleFileNameA
OutputDebugStringA
LeaveCriticalSection
EnterCriticalSection
GetProcAddress
LoadLibraryA
GetOEMCP
HeapAlloc
HeapFree
GetLastError
GetFileAttributesA
GetCommandLineA
GetVersion
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
DeleteCriticalSection
ExitProcess
RtlUnwind
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
InterlockedDecrement
InterlockedIncrement
SetFilePointer
GetCPInfo
GetACP

user32

wsprintfA

Exports

Exports

WSPStartup

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8ccdd17cf9e1f64906b32985eae6e24f

Headers

File Characteristics

Imports

ws2_32

advapi32

kernel32

user32

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 24KB

.rsrc Size: 4KB - Virtual size: 952B

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 24KB

.rsrc
Size: 4KB - Virtual size: 952B

.reloc
Size: 8KB - Virtual size: 4KB