a6a9504c8275e4e86adc3b426ae3f853ce8537c03f523c14bc3cbff9ce282c6a

Sharing

Copy URL Twitter E-mail

General

Target

a6a9504c8275e4e86adc3b426ae3f853ce8537c03f523c14bc3cbff9ce282c6a
Size

119KB
MD5

5a4e0df47ad93ec3ff91b048de626e10
SHA1

c4b474d5e83dd616f93253293381f82e5bfc0de0
SHA256

a6a9504c8275e4e86adc3b426ae3f853ce8537c03f523c14bc3cbff9ce282c6a
SHA512

9bd3e0a670750c7635c53cf7eb8c957f7e453e26504d4f129e4ea2ec1e30a3e1f258d1ae290e0b3835eb9ec155a60af084669d9d2ec3108762c7315dc4686ad0
SSDEEP

3072:G+HRoXEOvjY9kzBuzmBzNBp1r+cZ7Y6cPWvPLd7FiI2:G+xoX7ykluQ3p9tZ7Y6c+vPLd7F

Score

N/A

Malware Config

Signatures

Files

a6a9504c8275e4e86adc3b426ae3f853ce8537c03f523c14bc3cbff9ce282c6a
.dll windows x86

6ebdcf5ac3d27766334f14a97be524e5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wsprintfA

kernel32

WinExec
SetLastError
lstrlenA
CreateProcessA
lstrcatA
GetProcAddress
LoadLibraryA
lstrcpyA
GetTickCount

msvcrt

wcstombs
strftime
_ltoa
time
_beginthreadex
calloc
??1type_info@@UAE@XZ
__dllonexit
_onexit
_initterm
_adjust_fdiv
strncat
_errno
atoi
__CxxFrameHandler
strncmp
strncpy
strcat
memset
strcmp
strrchr
_except_handler3
malloc
free
_CxxThrowException
memcmp
??2@YAPAXI@Z
strstr
strlen
_ftol
ceil
memmove
memcpy
??3@YAXPAX@Z
sprintf
_itoa
_strcmpi
_strrev
_strnicmp
strcpy
localtime

ws2_32

WSACleanup
WSAStartup
bind
getsockname
htons
socket
setsockopt
sendto
ntohs
inet_addr
inet_ntoa
gethostbyname
send
select
recv
recvfrom
__WSAFDIsSet
gethostname
closesocket

advapi32

RegOpenKeyExA
RegQueryValueA
RegCloseKey

msvcirt

??_Dofstream@@QAEXXZ
??1ofstream@@UAE@XZ
?close@ofstream@@QAEXXZ
?write@ostream@@QAEAAV1@PBDH@Z
?open@ofstream@@QAEXPBDHH@Z
?openprot@filebuf@@2HB
??0ofstream@@QAE@XZ
??_Dfstream@@QAEXXZ
??1fstream@@UAE@XZ
?close@fstream@@QAEXXZ
?read@istream@@QAEAAV1@PADH@Z
?open@fstream@@QAEXPBDHH@Z
??0fstream@@QAE@XZ
??0exception@@QAE@ABV0@@Z
??1exception@@UAE@XZ
??0exception@@QAE@ABQBD@Z
??1ios@@UAE@XZ

Exports

Exports

RTPatchSetDirWalk
ServiceMain
paste

Sections

.text
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6ebdcf5ac3d27766334f14a97be524e5

Headers

File Characteristics

Imports

user32

kernel32

msvcrt

ws2_32

advapi32

msvcirt

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 80KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 19KB - Virtual size: 22KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 80KB - Virtual size: 80KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 19KB - Virtual size: 22KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 8KB - Virtual size: 7KB