d58e2805b13634d263d48fdf8e33d7efb253cd0d89b26cbb2681098d442db401

Sharing

Copy URL Twitter E-mail

General

Target

d58e2805b13634d263d48fdf8e33d7efb253cd0d89b26cbb2681098d442db401
Size

76KB
MD5

48d75a358bcde3529649151c3c38c767
SHA1

10686dbd733c8ec24db23a6160862f4889f76a72
SHA256

d58e2805b13634d263d48fdf8e33d7efb253cd0d89b26cbb2681098d442db401
SHA512

7e081eee2bb42cf1833c327c817d32f7d1f4aa6e5a6c401edff0b58e221d3dcdfe5f4bbb7b3c02dac287b903f1b5ad2e0be4a458a3a00140b4d4c2d039f3912a
SSDEEP

768:grfcLEykEOFdJRLsQV8WCRB5F4EIT2mbeomayay8iB9pTUp2Do4s9YSsondqA9hn:gzke3IbIT2rom7Upeo39ooYCfU8Lbl

Score

N/A

Malware Config

Signatures

Files

d58e2805b13634d263d48fdf8e33d7efb253cd0d89b26cbb2681098d442db401
.dll windows x86

8ccdd17cf9e1f64906b32985eae6e24f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

getsockname
getpeername
ntohs
WSAStartup
gethostbyname
WSACleanup
inet_ntoa
socket
htons
inet_addr
connect
closesocket
send
recv

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

kernel32

FlushFileBuffers
SetStdHandle
LCMapStringW
LCMapStringA
SetLastError
CloseHandle
WriteFile
CreateFileA
GetTickCount
CreateProcessA
WritePrivateProfileStringA
lstrcatA
GetWindowsDirectoryA
lstrlenA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetSystemDirectoryA
ExpandEnvironmentStringsA
InitializeCriticalSection
GetModuleFileNameA
OutputDebugStringA
LeaveCriticalSection
EnterCriticalSection
GetProcAddress
LoadLibraryA
GetOEMCP
HeapAlloc
HeapFree
GetLastError
GetFileAttributesA
GetCommandLineA
GetVersion
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
DeleteCriticalSection
ExitProcess
RtlUnwind
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
InterlockedDecrement
InterlockedIncrement
SetFilePointer
GetCPInfo
GetACP

user32

wsprintfA

Exports

Exports

WSPStartup

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8ccdd17cf9e1f64906b32985eae6e24f

Headers

File Characteristics

Imports

ws2_32

advapi32

kernel32

user32

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 24KB

.rsrc Size: 4KB - Virtual size: 952B

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 24KB

.rsrc
Size: 4KB - Virtual size: 952B

.reloc
Size: 8KB - Virtual size: 4KB