252cdc24c4bb44420567c7e8d5eb7fa1a0668b54bb365a5f94fd60e1bdbef5d7

Sharing

Copy URL Twitter E-mail

General

Target

252cdc24c4bb44420567c7e8d5eb7fa1a0668b54bb365a5f94fd60e1bdbef5d7
Size

892KB
MD5

2a8c3f1ca3153237e40ef66c87d2f7d3
SHA1

cab3eca3f6b03378942b81d05bb3f048ac96e100
SHA256

252cdc24c4bb44420567c7e8d5eb7fa1a0668b54bb365a5f94fd60e1bdbef5d7
SHA512

143d95da7ea75b238c86d02e48c4da1e5f9fb001d1c16959e3daf30cd17b5c9fc608824f3f64e05b7935658444941812975d28ef11068c82e7ff516ae1258c47
SSDEEP

24576:5c9kqh8NYmO6fldgKGiV7lP2C14EmeMSlnHbVY:G9kq6zrgUGC1Hp57VY

Score

1^/10

Malware Config

Signatures

Files

252cdc24c4bb44420567c7e8d5eb7fa1a0668b54bb365a5f94fd60e1bdbef5d7
.dll windows x86

2b2bd3fc5eb680a7f966dd3215773df7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
GetVolumeInformationA
GetCurrentThread
DecodePointer
WriteConsoleW
VirtualAlloc
VirtualQuery
InterlockedCompareExchange
GetCurrentThreadId
GetLastError
ResumeThread
FlushInstructionCache
GetCurrentProcess
SetThreadContext
GetThreadContext
VirtualFree
SuspendThread
SetLastError
GetProcAddress
FreeLibrary
LoadLibraryExW
GetModuleHandleW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
InterlockedFlushSList
RaiseException
RtlUnwind
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
HeapFree
HeapAlloc
LCMapStringW
GetStringTypeW
GetACP
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetStdHandle
GetFileType
HeapSize
HeapReAlloc
SetStdHandle
WriteFile
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
CloseHandle
CreateFileW

user32

MessageBoxW

ws2_32

recv
send

Exports

Exports

ClientAdd

Sections

.text
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.detourd
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.detourc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 807KB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2b2bd3fc5eb680a7f966dd3215773df7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ws2_32

Exports

Exports

Sections

.text Size: 51KB - Virtual size: 51KB

.rdata Size: 23KB - Virtual size: 23KB

.data Size: 2KB - Virtual size: 4KB

.detourd Size: 512B - Virtual size: 12B

.detourc Size: 4KB - Virtual size: 4KB

.gfids Size: 512B - Virtual size: 208B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 807KB - Virtual size: 2.7MB

.text
Size: 51KB - Virtual size: 51KB

.rdata
Size: 23KB - Virtual size: 23KB

.data
Size: 2KB - Virtual size: 4KB

.detourd
Size: 512B - Virtual size: 12B

.detourc
Size: 4KB - Virtual size: 4KB

.gfids
Size: 512B - Virtual size: 208B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 807KB - Virtual size: 2.7MB