cac489af75feaf4574e25486b3f98ea2c712b77caf20114150a1c6ba012b48bd

Sharing

Copy URL Twitter E-mail

General

Target

cac489af75feaf4574e25486b3f98ea2c712b77caf20114150a1c6ba012b48bd
Size

187KB
MD5

6461f019fcaa073f34df2444e5f38b70
SHA1

8b182d2891a8f85818963287140faf9342f42ca2
SHA256

cac489af75feaf4574e25486b3f98ea2c712b77caf20114150a1c6ba012b48bd
SHA512

1072bb6d90bdbddc6a6b7e3d39187dcb490ede56d8fdfcad5d2c27e5e8d448b4d50b24225a4e96e6c6eae0b35d8cab0bf25c6d4e31f8683db2641787c4850429
SSDEEP

3072:CEVmZU46r7/x4uIlFiQFae9t7Ot/t6S3UndZwoLKA7WhyL1pnQYxsIE1:LV1NaihrQ8G1Lf7WhyLr77

Score

N/A

Malware Config

Signatures

Files

cac489af75feaf4574e25486b3f98ea2c712b77caf20114150a1c6ba012b48bd
.dll windows x86

50e48cda318f8b831ecc496cd17410e8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

getsockname
bind
gethostbyname
inet_ntoa
htons
inet_addr
getpeername
listen
accept
recvfrom
recv
WSAStartup
closesocket
ntohs
setsockopt
socket
send
sendto
select
connect

winmm

timeGetTime

gdiplus

GdipSaveImageToStream
GdipCreateBitmapFromHBITMAP
GdipAlloc
GdipCloneImage
GdipFree
GdipDisposeImage
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipCreateBitmapFromGdiDib

kernel32

GetStdHandle
AllocConsole
SetConsoleTitleW
CreateFileW
SetFilePointer
lstrlenW
lstrcpyW
WriteFile
OutputDebugStringW
CloseHandle
DeleteCriticalSection
InitializeCriticalSection
GetProfileIntW
GetModuleFileNameW
WaitForSingleObject
CreateThread
WideCharToMultiByte
lstrcmpiW
WaitForMultipleObjects
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
lstrcatW
GetCurrentThreadId
lstrlenA
lstrcatA
MultiByteToWideChar
GetStartupInfoA
LoadLibraryA
FreeLibrary
DebugBreak
FatalAppExitW

user32

wvsprintfA
MessageBoxW
wsprintfW

advapi32

RegSetValueExW
RegCloseKey
RegCreateKeyExW
RegQueryValueExW

ole32

CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
StringFromGUID2

oleaut32

VariantClear

msvcrt

??2@YAPAXI@Z
__CxxFrameHandler
_chkesp
memcmp
memcpy
memset
wcsrchr
_vsnwprintf
vswprintf
swprintf
__dllonexit
_onexit
free
_initterm
malloc
_adjust_fdiv
??3@YAXPAX@Z

Exports

Exports

polmxhat

Sections

.text
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

50e48cda318f8b831ecc496cd17410e8

Headers

File Characteristics

Imports

ws2_32

winmm

gdiplus

kernel32

user32

advapi32

ole32

oleaut32

msvcrt

Exports

Exports

Sections

.text Size: 130KB - Virtual size: 129KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 34KB - Virtual size: 38KB

.reloc Size: 15KB - Virtual size: 14KB

.rsrc Size: 1KB - Virtual size: 4KB

.text
Size: 130KB - Virtual size: 129KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 34KB - Virtual size: 38KB

.reloc
Size: 15KB - Virtual size: 14KB

.rsrc
Size: 1KB - Virtual size: 4KB