2971a8051f52cafdec8054d22f856e64405f7cbac4814dbef3de2ac6fe3a2b1b

Sharing

Copy URL

Twitter E-mail

General

Target

2971a8051f52cafdec8054d22f856e64405f7cbac4814dbef3de2ac6fe3a2b1b
Size

296KB
MD5

8a1b289fc90c19ada32d4ece8af45404
SHA1

199721b44a02524aa13b7c65bd3c2506372d4cf7
SHA256

2971a8051f52cafdec8054d22f856e64405f7cbac4814dbef3de2ac6fe3a2b1b
SHA512

89fde210134e70edd74e39466e0bd171a3d8e67b4032d2b4dde6b7fc2bf53b3f61647725fe3179fdd2cc86a618cdd3374976bcfdabd4d1ba72214f05a5ee8e62
SSDEEP

6144:b/FmdtUm7H9WNG9VxviI4GT+z0YphDDvI3EtpOXg42ZwPGb91:5Atis9iIxTby6j2aOb91

Score

N/A

Malware Config

Signatures

Files

2971a8051f52cafdec8054d22f856e64405f7cbac4814dbef3de2ac6fe3a2b1b
.dll windows x64

c3569f0bdc4598d6139b199b3e3329fb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ws2_32

htons
ntohl
htonl

kernel32

CreateEventA
DeviceIoControl
SetEvent
WaitForMultipleObjects
ReleaseSemaphore
CreateSemaphoreA
Sleep
WaitForSingleObject
InitializeCriticalSection
WaitForSingleObjectEx
TerminateThread
CreateThread
SetThreadPriority
GetCurrentProcess
GetCurrentThreadId
GetVersionExA
GetSystemInfo
CompareStringW
CreateFileA
CreateFileW
GetSystemDirectoryW
PostQueuedCompletionStatus
GetSystemTimeAsFileTime
GetProcAddress
LoadLibraryW
FreeLibrary
GlobalLock
GlobalAlloc
GlobalFree
GlobalUnlock
GlobalHandle
GlobalReAlloc
SetFilePointer
SetEndOfFile
GetFileSize
ReadFile
WriteFile
HeapAlloc
GetProcessHeap
HeapFree
HeapReAlloc
VirtualProtect
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
GetQueuedCompletionStatus
CloseHandle
CreateIoCompletionPort
GetCurrentProcessId
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
MultiByteToWideChar
WideCharToMultiByte
GetLastError
PulseEvent
SetUnhandledExceptionFilter
ExitProcess
ExitThread
ResetEvent
FlushFileBuffers
GetTickCount
GetStringTypeA
LCMapStringW
LCMapStringA
GetLocaleInfoA
CreateMutexA
ReleaseMutex
LoadLibraryA
ResumeThread
LocalAlloc
RaiseException
FlsSetValue
GetCommandLineA
RtlLookupFunctionEntry
RtlUnwindEx
RtlPcToFileHeader
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
GetModuleHandleW
HeapSetInformation
HeapCreate
HeapDestroy
GetStdHandle
GetModuleFileNameA
EncodePointer
DecodePointer
FlsGetValue
FlsFree
SetLastError
FlsAlloc
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
HeapSize
GetLocaleInfoW

advapi32

RegOpenKeyExW
QueryServiceConfigW
CreateServiceW
ChangeServiceConfigW
QueryServiceStatus
StartServiceW
OpenServiceW
UnlockServiceDatabase
LockServiceDatabase
CloseServiceHandle
OpenSCManagerW
RegQueryInfoKeyW
RegCloseKey
RegEnumKeyExW
RegQueryValueExW

Exports

Exports

DeinitServerExtension
InitServerExtension
ReflectiveLoader

Sections

.text
Size: 165KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c3569f0bdc4598d6139b199b3e3329fb

Headers

File Characteristics

Imports

ws2_32

kernel32

advapi32

Exports

Exports

Sections

.text Size: 165KB - Virtual size: 165KB

.rdata Size: 47KB - Virtual size: 47KB

.data Size: 67KB - Virtual size: 76KB

.pdata Size: 12KB - Virtual size: 12KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 165KB - Virtual size: 165KB

.rdata
Size: 47KB - Virtual size: 47KB

.data
Size: 67KB - Virtual size: 76KB

.pdata
Size: 12KB - Virtual size: 12KB

.reloc
Size: 2KB - Virtual size: 2KB