c49a415708106b5261008105d2628923ec510ce32d04d26b6c30cbf0f8a51b75

Sharing

Copy URL Twitter E-mail

General

Target

c49a415708106b5261008105d2628923ec510ce32d04d26b6c30cbf0f8a51b75
Size

76KB
MD5

88b31bced2d376e60a7fed38fff45637
SHA1

4c5b3b6ff5efd3898050df864b20340251cabedf
SHA256

c49a415708106b5261008105d2628923ec510ce32d04d26b6c30cbf0f8a51b75
SHA512

cfd4a331f28a5a9429b43b5190a08876c8a92f58ac646c3b5851086127ec05c904420564b9dfa027aded0858975c310f2d18b4454a5f6547c89d9d808a4381de
SSDEEP

768:aQv2+0P8Fl5ZpChhVJ2t7/ULTHobeo0ayC6iB9uTKQlbt4u9YSsoMef4B03i:V++0yjMLTHlo0BKQpt19ooAa3

Score

N/A

Malware Config

Signatures

Files

c49a415708106b5261008105d2628923ec510ce32d04d26b6c30cbf0f8a51b75
.dll windows x86

8ccdd17cf9e1f64906b32985eae6e24f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

getsockname
getpeername
ntohs
WSAStartup
gethostbyname
WSACleanup
inet_ntoa
socket
htons
inet_addr
connect
closesocket
send
recv

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

kernel32

FlushFileBuffers
SetStdHandle
LCMapStringW
LCMapStringA
SetLastError
CloseHandle
WriteFile
CreateFileA
GetTickCount
CreateProcessA
WritePrivateProfileStringA
lstrcatA
GetWindowsDirectoryA
lstrlenA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetSystemDirectoryA
ExpandEnvironmentStringsA
InitializeCriticalSection
GetModuleFileNameA
OutputDebugStringA
LeaveCriticalSection
EnterCriticalSection
GetProcAddress
LoadLibraryA
GetOEMCP
HeapAlloc
HeapFree
GetLastError
GetFileAttributesA
GetCommandLineA
GetVersion
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
DeleteCriticalSection
ExitProcess
RtlUnwind
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
InterlockedDecrement
InterlockedIncrement
SetFilePointer
GetCPInfo
GetACP

user32

wsprintfA

Exports

Exports

WSPStartup

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8ccdd17cf9e1f64906b32985eae6e24f

Headers

File Characteristics

Imports

ws2_32

advapi32

kernel32

user32

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 24KB

.rsrc Size: 4KB - Virtual size: 952B

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 24KB

.rsrc
Size: 4KB - Virtual size: 952B

.reloc
Size: 8KB - Virtual size: 4KB