6ee397be7161e5dbeff42fab80346d0d07257b2dffe1138f1f5f92fa2c09e258

General

Target

6ee397be7161e5dbeff42fab80346d0d07257b2dffe1138f1f5f92fa2c09e258
Size

16KB
MD5

a90cedc78c9fadd943586c7e0f702365
SHA1

c4708a36513e3112f959ffcfe33534a949f3ef1d
SHA256

6ee397be7161e5dbeff42fab80346d0d07257b2dffe1138f1f5f92fa2c09e258
SHA512

674106b56265d13ff090c6c6e7633ba4e0cdd765072b90ef28c3603c703af47db09ad756bb0e21b88de79a09d94c1f6372636a6b82ea6ce6d05dc46cfbd24a11
SSDEEP

192:1OIt31YVamI3X3PGR6ylM402ZJZ8d9iiiiiiiTSNNVJ8im6XS+XSyyd:1V91fm4nPG5KqjCdiwNVvSmSy

Score

1^/10

Malware Config

Signatures

Files

6ee397be7161e5dbeff42fab80346d0d07257b2dffe1138f1f5f92fa2c09e258
.dll windows x86

14ededdf6acb6a29c32818fd1f2d46db

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
VirtualAlloc
WaitForSingleObject
Sleep
WinExec
GetProcAddress
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
DecodePointer
EncodePointer
GetSystemTimeAsFileTime

advapi32

RegSetValueExA
RegCloseKey
RegOpenKeyExA

ws2_32

WSAStartup
socket
gethostbyname
htons
connect
send
recv

urlmon

URLDownloadToFileA

msvcr100

_encoded_null
free
_initterm_e
_amsg_exit
__CppXcptFilter
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_malloc_crt
memset
memcpy
exit
_initterm

Exports

Exports

UnityMain

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

14ededdf6acb6a29c32818fd1f2d46db

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

ws2_32

urlmon

msvcr100

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 7KB - Virtual size: 7KB

.reloc Size: 512B - Virtual size: 488B

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 7KB - Virtual size: 7KB

.reloc
Size: 512B - Virtual size: 488B