35d2eb5eae5d2c7de00c09e3f75a27c5eac43cef9b06ad6dfc58fcc76762ad3e

Sharing

Copy URL

Twitter E-mail

General

Target

35d2eb5eae5d2c7de00c09e3f75a27c5eac43cef9b06ad6dfc58fcc76762ad3e
Size

126KB
MD5

e5387e98921ca6fa40aa7147196c80a6
SHA1

45c9316c88fe560082996001d73ff4ec694a6a45
SHA256

35d2eb5eae5d2c7de00c09e3f75a27c5eac43cef9b06ad6dfc58fcc76762ad3e
SHA512

a2b591635842d40934c386b88f4c9f5e0953a05332be16d78a12af1fe58b0c1b2c70e58c50a1632a6fe7a4f0790bb460b74355e70a259726b8ec7e5315fa1051
SSDEEP

3072:MATmhSENqoE+UH0K3o6N9tpOttX6eTdC4PLvI:dmEE4o5UH0v69pOttqGdCyE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35d2eb5eae5d2c7de00c09e3f75a27c5eac43cef9b06ad6dfc58fcc76762ad3e

Files

35d2eb5eae5d2c7de00c09e3f75a27c5eac43cef9b06ad6dfc58fcc76762ad3e
.dll windows:5 windows x86

436fcc97a4424b3622fed0c61d9e15ca

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

iphlpapi

GetIpAddrTable

ws2_32

recvfrom
WSAStartup
htonl
select
WSAGetLastError
htons
setsockopt
sendto
WSACleanup
socket
closesocket
ioctlsocket
ntohl

visa32

ord129
ord131
ord279
ord142
ord130
ord132
ord141

kernel32

GetSystemTimeAsFileTime
WaitForSingleObject
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
CloseHandle
CreateEventW
GetLastError
SetEvent

msvcp90

??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXID@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z

msvcr90

_crt_debugger_hook
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
__CxxFrameHandler3
?what@exception@std@@UBEPBDXZ
vsprintf_s
??3@YAXPAX@Z
??2@YAPAXI@Z
??_V@YAXPAX@Z
strcpy_s
_purecall
strrchr
memmove_s
_CxxThrowException
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABV01@@Z
sprintf_s
_invalid_parameter_noinfo
wcstombs_s
strstr
fwrite
fseek
fclose
memset
strlen
malloc
srand
rand
strcpy
strcat
sprintf
fopen
ftell
fread
memcpy
_encode_pointer
_malloc_crt
free
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_time32

Exports

Exports

checkGPIBaddr
getAllDev
getGPIBaddr

Sections

.text
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

436fcc97a4424b3622fed0c61d9e15ca

Headers

DLL Characteristics

File Characteristics

Imports

iphlpapi

ws2_32

visa32

kernel32

msvcp90

msvcr90

Exports

Exports

Sections

.text Size: 51KB - Virtual size: 51KB

.rdata Size: 15KB - Virtual size: 15KB

.data Size: 46KB - Virtual size: 47KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 51KB - Virtual size: 51KB

.rdata
Size: 15KB - Virtual size: 15KB

.data
Size: 46KB - Virtual size: 47KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 7KB - Virtual size: 6KB