de5b29ae2583ba02c7804f96d3d9cf6f71106d1561cd17375e5c239f9d3fc168

General

Target

de5b29ae2583ba02c7804f96d3d9cf6f71106d1561cd17375e5c239f9d3fc168
Size

152KB
MD5

01f94a0d29f309f5799ac985ae6fe260
SHA1

d968bb158c33f6e62231f7f2e99b02c0b6979e98
SHA256

de5b29ae2583ba02c7804f96d3d9cf6f71106d1561cd17375e5c239f9d3fc168
SHA512

b33ea96732a6ae44801cd4c7a11b10e6cc6525313e680c6781418c3da0a342c010a542133e4f33a800a338f19b3ac029fc1085c5e90ed1984f10c30f687b7dc3
SSDEEP

3072:EUdK8ySVUYX6A1ujCQLcv6njj+K7+N53a4t9VAF+o3ouRueOBT:E8QYXhu2ccv6njj3+NUwo3/Ru9N

Score

N/A

Malware Config

Signatures

Files

de5b29ae2583ba02c7804f96d3d9cf6f71106d1561cd17375e5c239f9d3fc168
.exe windows x86

5fc51356189fb5ec9c10fdbbe62945ae

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessA
lstrlenA
GetProfileStringW
LoadResource
FindResourceA
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
IsBadWritePtr
HeapReAlloc
VirtualAlloc
HeapAlloc
GetOEMCP
GetACP
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetCPInfo
GetStringTypeW

ws2_32

ioctlsocket
listen
ntohl
inet_addr
select
recv
send
socket
WSAAddressToStringA
WSAWaitForMultipleEvents
WSAEnumNetworkEvents

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5fc51356189fb5ec9c10fdbbe62945ae

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ws2_32

Sections

.text Size: 68KB - Virtual size: 67KB

.rdata Size: 40KB - Virtual size: 39KB

.data Size: 4KB - Virtual size: 148KB

.rsrc Size: 40KB - Virtual size: 39KB

.text
Size: 68KB - Virtual size: 67KB

.rdata
Size: 40KB - Virtual size: 39KB

.data
Size: 4KB - Virtual size: 148KB

.rsrc
Size: 40KB - Virtual size: 39KB