7de43d427608991fd6cb877ae7208d345dbf581e5b105990b987c44099e3572b

Sharing

Copy URL Twitter E-mail

General

Target

7de43d427608991fd6cb877ae7208d345dbf581e5b105990b987c44099e3572b
Size

377KB
MD5

a62c9844de6789a0fedbff3b7718e560
SHA1

c3488e1ef07bde280bebbb69abbac095b90862bf
SHA256

7de43d427608991fd6cb877ae7208d345dbf581e5b105990b987c44099e3572b
SHA512

20c60b3673405b9a672a82423bc1a55fd5ebc56a363513a0214bec9c2fc3aeb43365495e33b9c86376759fdc94b206c033303d305204fbad26a5a90d5f03c34d
SSDEEP

6144:v2jyS2QnzeC05AQ59xt1kPLILF/Wy9ySUROs7jfAQF7HBzm3gl:v2uizeCXQ591JF/UL8s7joQFdOgl

Score

N/A

Malware Config

Signatures

Files

7de43d427608991fd6cb877ae7208d345dbf581e5b105990b987c44099e3572b
.zip
A VIRUS in C.doc
.doc windows office2003
Release/virus2.exe
.exe windows x86

e82dd51b077167be63c004bed23d0c1e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 78B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Thumbs.db
pefile.cpp
shell.jpg
.jpg
shelldll/Release/shelldll.dll
.dll windows x86

425175f468a88026864b15985e8ea636

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateProcess
WriteFile
ReadFile
PeekNamedPipe
Sleep
CreateProcessA
CreatePipe
ExitThread
GetEnvironmentVariableA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
HeapReAlloc
VirtualAlloc
GetCommandLineA
GetVersion
ExitProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
HeapFree
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
RtlUnwind

ws2_32

WSAStartup
htons
socket
bind
listen
accept
send
recv
closesocket

Exports

Exports

main

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
shelldll/head.h
shelldll/shell.cpp
shelldll/shelldll.dsp
shelldll/shelldll.dsw
shelldll/shelldll.ncb
shelldll/shelldll.opt
url.jpg
.jpg
virus2.dsp
virus2.dsw
virus2.ncb
virus2.opt

Sharing

General

Malware Config

Signatures

Files

e82dd51b077167be63c004bed23d0c1e

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 8KB - Virtual size: 5KB

.rdata Size: 4KB - Virtual size: 78B

.data Size: - Virtual size: 4B

425175f468a88026864b15985e8ea636

Headers

File Characteristics

Imports

kernel32

ws2_32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 2KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 5KB

.rdata
Size: 4KB - Virtual size: 78B

.data
Size: - Virtual size: 4B

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 2KB

.reloc
Size: 4KB - Virtual size: 1KB