da2b014ed66dd40c146cbda7c97cce961c4b81331bd08ead1e00298f0d16fbc9

Sharing

Copy URL Twitter E-mail

General

Target

da2b014ed66dd40c146cbda7c97cce961c4b81331bd08ead1e00298f0d16fbc9
Size

120KB
MD5

571793d120323ea901fde9c877070baa
SHA1

126a993b178909823e9403b6342c87295ccefdc6
SHA256

da2b014ed66dd40c146cbda7c97cce961c4b81331bd08ead1e00298f0d16fbc9
SHA512

06eed904f4a23fb2c6a2fb129451eee516ea10f647023d55816f00d806d89a166af03e4eecb020524880d6f4f5dbb4d8be7b08fdf100b6de28f8232df41a0b48
SSDEEP

3072:YxvNsTBYCabCHffdVC9/K4A2ItVjLnzvz:BWCabifdwJKT22zr

Score

N/A

Malware Config

Signatures

Files

da2b014ed66dd40c146cbda7c97cce961c4b81331bd08ead1e00298f0d16fbc9
.dll windows x86

af3d292127614c64ab789bac3c5d229c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAStartup
socket
inet_addr
gethostbyname
gethostbyaddr
closesocket
htons
connect
send
recv
WSACleanup

kernel32

FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetSystemDirectoryA
GetModuleFileNameA
IsBadReadPtr
WideCharToMultiByte
MultiByteToWideChar
CopyFileA
DeleteFileA
FreeLibrary
GetModuleHandleA
FindFirstFileA
GetCurrentProcessId
CreateFileA
MapViewOfFile
UnmapViewOfFile
CloseHandle
GetProcAddress
WriteProcessMemory
LoadLibraryA
CreateFileMappingW
GetVersion
DuplicateHandle
GetCurrentProcess
lstrlenW
lstrlenA
VirtualFreeEx
WaitForSingleObject
CreateRemoteThread
VirtualAllocEx
OpenProcess
CreateFileMappingA
EnterCriticalSection
GetLastError
HeapFree
GetCurrentThreadId
GetCommandLineA
GetVersionExA
HeapAlloc
GetProcessHeap
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
VirtualAlloc
HeapReAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
LCMapStringA
LCMapStringW
ExitProcess
Sleep
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
WriteFile
InitializeCriticalSection
RtlUnwind
SetFilePointer
GetConsoleCP
GetConsoleMode
HeapSize
GetStringTypeA
GetStringTypeW
GetLocaleInfoA

advapi32

SetSecurityDescriptorDacl
InitializeSecurityDescriptor

Exports

Exports

input

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

af3d292127614c64ab789bac3c5d229c

Headers

File Characteristics

Imports

ws2_32

kernel32

advapi32

Exports

Exports

Sections

.text Size: 100KB - Virtual size: 100KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 12KB - Virtual size: 12KB

.text
Size: 100KB - Virtual size: 100KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 12KB - Virtual size: 12KB