3366c83efcdd60896a4280fa21329cb3ac7f2413b78f17c4ef7a7beb64d47524

Sharing

Copy URL Twitter E-mail

General

Target

3366c83efcdd60896a4280fa21329cb3ac7f2413b78f17c4ef7a7beb64d47524
Size

396KB
MD5

01da5b30b689a6d9094d77b0850966b0
SHA1

4c63086dd25e6ebc32f89dc2000c4ffd394ea446
SHA256

3366c83efcdd60896a4280fa21329cb3ac7f2413b78f17c4ef7a7beb64d47524
SHA512

2d0fcd5b21a0eb297deb7b4ce2e9ae1663aac6a9c51e6b75c8e89157a245f284982f9ce107c0e607242c861f40cb2268ac1a9826d22ae1a185d3c3eacbec84ff
SSDEEP

6144:tCCkJlumGbhzqQs4NEzWaWr8h2wh45oBBVgv/KD9rVCCu2Z:8RJlGBnlaWrwSul2EhVCCu2Z

Score

N/A

Malware Config

Signatures

Files

3366c83efcdd60896a4280fa21329cb3ac7f2413b78f17c4ef7a7beb64d47524
.dll windows x86

13961d357b39ba1b3d613725ada7f60d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

gethostname
getsockopt
htonl
htons
ntohs
ntohl
WSACleanup
WSAIoctl
gethostbyname
getsockname
select
recv
recvfrom
send
sendto
accept
listen
connect
bind
shutdown
closesocket
socket
ioctlsocket
setsockopt
WSAStartup
WSAGetLastError

kernel32

DeleteFileA
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
HeapSize
GetSystemInfo
VirtualProtect
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
SetStdHandle
LoadLibraryA
GetCPInfo
GetOEMCP
GetACP
IsBadCodePtr
IsBadReadPtr
VirtualQuery
SetFilePointer
TerminateThread
GetExitCodeThread
ExitThread
Sleep
GetTickCount
CloseHandle
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileTime
CreateFileA
GetModuleFileNameA
HeapAlloc
GetProcessHeap
HeapFree
InterlockedDecrement
InterlockedIncrement
CreateThread
InterlockedExchange
GetModuleHandleA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
GetCurrentThreadId
LeaveCriticalSection
SetThreadPriority
GetLastError
ReadFile
WriteFile
LCMapStringW
MultiByteToWideChar
LCMapStringA
FlushFileBuffers
IsBadWritePtr
VirtualAlloc
GetTimeZoneInformation
UnhandledExceptionFilter
SetHandleCount
GetCurrentProcess
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetSystemTimeAsFileTime
RtlUnwind
ExitProcess
RaiseException
GetCommandLineA
GetVersionExA
HeapReAlloc
MoveFileA
GetProcAddress
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
QueryPerformanceCounter
GetCurrentProcessId
SetUnhandledExceptionFilter
TerminateProcess
GetStdHandle

user32

MessageBoxA

netapi32

Netbios

Exports

Exports

IsServerRunning
StartServer
StopServer

Sections

.text
Size: 224KB - Virtual size: 221KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

13961d357b39ba1b3d613725ada7f60d

Headers

File Characteristics

Imports

ws2_32

kernel32

user32

netapi32

Exports

Exports

Sections

.text Size: 224KB - Virtual size: 221KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 8KB - Virtual size: 77KB

.reloc Size: 12KB - Virtual size: 11KB

.text Size: 116KB - Virtual size: 116KB

.text
Size: 224KB - Virtual size: 221KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 8KB - Virtual size: 77KB

.reloc
Size: 12KB - Virtual size: 11KB

.text
Size: 116KB - Virtual size: 116KB