938f2e9584b7d754d0bd9e29deaf326b64335b900b41e8e68adb5fcd20edcb8a

General

Target

938f2e9584b7d754d0bd9e29deaf326b64335b900b41e8e68adb5fcd20edcb8a
Size

136KB
MD5

671fcfb4c134156ec170ec6b6f3546b1
SHA1

5b342f649fce1fdfa9e655cc8923eb405af5ef6e
SHA256

938f2e9584b7d754d0bd9e29deaf326b64335b900b41e8e68adb5fcd20edcb8a
SHA512

0c00010876be66db74190ccdc2410166bec8490a42a1248e559407a5647c3ff94a471abaa38f70fb26501a55ac5760aac3d1bce4f944c05588d9959b70e1b06d
SSDEEP

3072:P591pNTi/cofvjV0EJQeyoJwTbdsE9aL++QWI1Uw4VN5udpII:xLpBEjV0W3UmkW9w85uX

Score

N/A

Malware Config

Signatures

Files

938f2e9584b7d754d0bd9e29deaf326b64335b900b41e8e68adb5fcd20edcb8a
.dll windows x86

cab89e6d40fbd86d9eb6f55a8ae4cde6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

select
send
recv
socket
ioctlsocket
closesocket
gethostbyname
connect
shutdown

kernel32

TlsFree
TlsAlloc
SetEnvironmentVariableA
CompareStringW
CompareStringA
LCMapStringW
LCMapStringA
RtlUnwind
LoadLibraryA
GetLastError
CloseHandle
GetFileType
CreateFileA
ReadFile
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileInformationByHandle
PeekNamedPipe
GetCommandLineA
GetVersion
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
SetStdHandle
SetHandleCount
GetStdHandle
GetStartupInfoA
DeleteCriticalSection
SetEndOfFile
SetFilePointer
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
GetOEMCP
GetProcAddress
SetLastError
TlsGetValue
HeapFree
HeapAlloc
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
HeapReAlloc
GetTimeZoneInformation
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP

Exports

Exports

SendFileToQServer

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cab89e6d40fbd86d9eb6f55a8ae4cde6

Headers

File Characteristics

Imports

wsock32

kernel32

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 21KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 96KB - Virtual size: 95KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 24KB - Virtual size: 21KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 96KB - Virtual size: 95KB

.reloc
Size: 4KB - Virtual size: 1KB