907608585ab32ee4c0436e6ef8922cf4e601a57e6ca07ea1296692c31bf96c4c

General

Target

907608585ab32ee4c0436e6ef8922cf4e601a57e6ca07ea1296692c31bf96c4c
Size

52KB
MD5

78f2a94759d51a35a204468f10f37c2e
SHA1

210c66b017ad9ebd140f758de7fa93ee75aeaee8
SHA256

907608585ab32ee4c0436e6ef8922cf4e601a57e6ca07ea1296692c31bf96c4c
SHA512

f76d63cfa053aef11c137b2d877fc557051968c389dc237ee1b16cb70734d6ea871378db1fecc1a68c740c32b6c286670ed6e6c3ed05145c6a130a01bd8c82d3
SSDEEP

768:J9G/hKUVqysJ1dlMqrIRZ3vDEAiAGAJniMDkiso8ExcyAHG+993kb9xgn8Af98Ek:kKiuks1GIVksf7w0lLnJheKVC7

Score

N/A

Malware Config

Signatures

Files

907608585ab32ee4c0436e6ef8922cf4e601a57e6ca07ea1296692c31bf96c4c
.dll windows x86

1131434c8ec3c91b70fdd9abdf501e98

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSACleanup
recv
socket
WSAStartup
inet_addr
closesocket
htons
gethostbyaddr
gethostbyname
send
connect

kernel32

VirtualAllocEx
VirtualFreeEx
lstrlenA
lstrlenW
OpenProcess
CreateRemoteThread
WaitForSingleObject
GetCurrentProcess
GetCurrentProcessId
GetSystemDirectoryA
DeleteFileA
CreateThread
FindFirstFileA
CopyFileA
IsBadReadPtr
WideCharToMultiByte
GetModuleFileNameA
GetModuleHandleA
FreeLibrary
MapViewOfFile
UnmapViewOfFile
CloseHandle
GetProcAddress
CreateFileA
CreateFileMappingA
VirtualProtect
VirtualQuery
WriteProcessMemory
LoadLibraryA
CreateFileMappingW
MultiByteToWideChar
DuplicateHandle
GetVersion

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl

msvcrt

_strdup
strncmp
_snprintf
??3@YAXPAX@Z
??2@YAPAXI@Z
memcpy
_initterm
_adjust_fdiv
_strlwr
free
strcat
strlen
memset
strstr
strcpy
_stricmp
sprintf
malloc
strtol

Exports

Exports

input

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1131434c8ec3c91b70fdd9abdf501e98

Headers

File Characteristics

Imports

ws2_32

kernel32

advapi32

msvcrt

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 36KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 36KB - Virtual size: 36KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 8KB - Virtual size: 8KB