General

Malware Config

Signatures

Files

• Backdoor.Win32.IRCNite.jbb1cec6181f1959c0f74b97ccefc9506b9447061d970dabc5c7e0688e9547b71a2.bin

  .exe windows x86

  5d3b94065dfa119e6a544e5e4ce0b274

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  nddeapi

  NDdeShareEnumA

  NDdeShareSetInfoA

  NDdeShareGetInfoA

  rsaenh

  CPCreateHash

  CPGenKey

  CPDecrypt

  CPDeriveKey

  authz

  AuthzFreeContext

  AuthzInitializeContextFromSid

  AuthzFreeAuditEvent

  user32

  LoadCursorA

  InsertMenuW

  PeekMessageA

  GetDlgItemTextA

  MessageBoxA

  GetMessageW

  IsCharLowerW

  PostMessageA

  GetPropA

  LoadBitmapW

  CharToOemA

  kernel32

  SearchPathA

  FindVolumeClose

  GetStartupInfoW

  ResumeThread

  CreateFileA

  InterlockedIncrement

  WriteConsoleW

  GetCommandLineW

  CreateNamedPipeW

  WaitForSingleObject

  LoadLibraryA

  GetComputerNameExA

  GetProcAddress

  GetFileAttributesA

  lstrcmpW

  FormatMessageA

  FindNextFileA

  FileTimeToSystemTime

  DeleteFileW

  CreateDirectoryW

  SetErrorMode

  CreateSemaphoreW

  FindFirstFileW

  GetLocalTime

  GetModuleFileNameA

  GetModuleHandleA

  GetConsoleAliasA

  GetCurrentDirectoryA

  GetPriorityClass

  FindResourceExW

  GetLogicalDriveStringsW

  CreateEventA

  Sections

  .text

  Size: 148KB - Virtual size: 147KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 3KB - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 7KB - Virtual size: 6KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .css

  Size: - Virtual size: 320KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_WRITE