Sample details: b7c3e334648a6cbb03b550b842818409 --

Hashes
MD5: b7c3e334648a6cbb03b550b842818409
SHA1: 767be295f1e4adedf0e10532f9c1b7908d17383a
SHA256: f0781a1b879584f494d984e31869eab13f0535825f68862e6597b1639df708bd
SSDEEP: 768:eSJ6zgAawxDxNoJYHOJIlVGb2zCLMxsNBC+MmvR+aDWH0:eSuxNoJYHOn2zCIxCgMvBDm0
Details
File Type: PE32
Yara Hits
YRP/Visual_Cpp_2005_DLL_Microsoft | YRP/Visual_Cpp_2003_DLL_Microsoft | YRP/IsPE32 | YRP/IsDLL | YRP/IsWindowsGUI | YRP/HasDebugData | YRP/HasRichSignature | YRP/domain | YRP/IP | YRP/contentis_base64 | YRP/anti_dbg | YRP/network_udp_sock | YRP/network_tcp_listen | YRP/network_tcp_socket | YRP/network_dns | YRP/Str_Win32_Winsock2_Library |
Parent Files
6180d83091ee7478094e50356d33f215
Strings
		!This program cannot be run in DOS mode.
`.rdata
@.data
.reloc
Hj&h,q
tJPh(l
L$(jdQ
D$0VWP
D$(VQP
l$4VW3
L$ PWQV
T$0Rhtk
D$ WPh|k
L$Tj Q
L$tQRP
T$,Rh4e
;D$\t&h?'
L$TQVW
RPQh0k
L$(Qh`h
L$,Qhlh
setdefaulttimeout
getdefaulttimeout
inet_ntoa
inet_aton
getprotobyname
getservbyport
getservbyname
gethostname
gethostbyaddr
gethostbyname_ex
gethostbyname
_socket.socket
the socket timeout
timeout
the socket protocol
the socket type
the socket family
family
shutdown
setsockopt
gettimeout
settimeout
setblocking
sendto
sendall
recvfrom_into
recvfrom
recv_into
listen
getsockopt
getsockname
getpeername
fileno
connect_ex
connect
accept
nbytes
buffer
freeaddrinfo
getnameinfo
getaddrinfo
\ws2_32
\wship6
host not found
getaddrinfo failed
unsupported address family
wildcard resolved to multiple address
<broadcast>
address family mismatched
%d.%d.%d.%d%c
unknown address family
getsockaddrarg: AF_INET address must be tuple, not %.500s
eti:getsockaddrarg
getsockaddrarg: port must be 0-65535.
getsockaddrarg: AF_INET6 address must be tuple, not %.500s
eti|ii
getsockaddrarg: bad family
getsockaddrlen: bad family
timed out
Timeout value out of range
iii:setsockopt
iis#:setsockopt
ii|i:getsockopt
getsockopt buflen out of range
i|i:recv
negative buffersize in recv
w*|ii:recv_into
negative buffersize in recv_into
buffer too small for requested bytes
i|i:recvfrom
negative buffersize in recvfrom
w*|ii:recvfrom_into
negative buffersize in recvfrom_into
s*|i:send
s*|i:sendall
s*O:sendto
s*iO:sendto
kO:ioctl
kI:ioctl
k(kkk):ioctl
invalid ioctl command %d
<socket object, fd=%ld, family=%d, type=%d, protocol=%d>
|iii:socket
s:gethostbyname
s:gethostbyname_ex
s:gethostbyaddr
s|s:getservbyname
service/proto not found
i|s:getservbyport
getservbyport: port must be 0-65535.
port/proto not found
s:getprotobyname
protocol not found
i:ntohs
can't convert negative number to unsigned long
expected int/long, %s found
i:htons
s:inet_aton
255.255.255.255
illegal IP address string passed to inet_aton
s#:inet_ntoa
packed IP wrong length for inet_ntoa
OO|iiii:getaddrinfo
encode
getaddrinfo() argument 1 must be string or None
Int or String expected
Oi:getnameinfo
getnameinfo() argument 1 must be a tuple
sockaddr resolved to multiple addresses
IPv4 sockaddr must be 2 tuple
WSAStartup failed: network not ready
WSAStartup failed: requested version not supported
WSAStartup failed: error code %d
_socket
socket.error
socket.herror
herror
socket.gaierror
gaierror
socket.timeout
SocketType
socket
has_ipv6
_socket.CAPI
AF_UNSPEC
AF_INET
AF_INET6
AF_IPX
AF_APPLETALK
AF_DECnet
AF_SNA
AF_IRDA
SOCK_STREAM
SOCK_DGRAM
SOCK_RAW
SOCK_SEQPACKET
SOCK_RDM
SO_DEBUG
SO_ACCEPTCONN
SO_REUSEADDR
SO_EXCLUSIVEADDRUSE
SO_KEEPALIVE
SO_DONTROUTE
SO_BROADCAST
SO_USELOOPBACK
SO_LINGER
SO_OOBINLINE
SO_SNDBUF
SO_RCVBUF
SO_SNDLOWAT
SO_RCVLOWAT
SO_SNDTIMEO
SO_RCVTIMEO
SO_ERROR
SO_TYPE
SOMAXCONN
MSG_OOB
MSG_PEEK
MSG_DONTROUTE
MSG_TRUNC
MSG_CTRUNC
SOL_SOCKET
SOL_IP
SOL_TCP
SOL_UDP
IPPROTO_IP
IPPROTO_ICMP
IPPROTO_TCP
IPPROTO_UDP
IPPROTO_RAW
IPPORT_RESERVED
IPPORT_USERRESERVED
INADDR_ANY
INADDR_BROADCAST
INADDR_LOOPBACK
INADDR_UNSPEC_GROUP
INADDR_ALLHOSTS_GROUP
INADDR_MAX_LOCAL_GROUP
INADDR_NONE
IP_OPTIONS
IP_HDRINCL
IP_TOS
IP_TTL
IP_RECVDSTADDR
IP_MULTICAST_IF
IP_MULTICAST_TTL
IP_MULTICAST_LOOP
IP_ADD_MEMBERSHIP
IP_DROP_MEMBERSHIP
IPV6_JOIN_GROUP
IPV6_LEAVE_GROUP
IPV6_MULTICAST_HOPS
IPV6_MULTICAST_IF
IPV6_MULTICAST_LOOP
IPV6_UNICAST_HOPS
IPV6_V6ONLY
IPV6_CHECKSUM
IPV6_DONTFRAG
IPV6_HOPLIMIT
IPV6_HOPOPTS
IPV6_PKTINFO
IPV6_RECVRTHDR
IPV6_RECVTCLASS
IPV6_RTHDR
IPV6_TCLASS
TCP_NODELAY
TCP_MAXSEG
EAI_AGAIN
EAI_BADFLAGS
EAI_FAIL
EAI_FAMILY
EAI_MEMORY
EAI_NODATA
EAI_NONAME
EAI_SERVICE
EAI_SOCKTYPE
AI_PASSIVE
AI_CANONNAME
AI_NUMERICHOST
AI_NUMERICSERV
AI_ALL
AI_ADDRCONFIG
AI_V4MAPPED
NI_MAXHOST
NI_MAXSERV
NI_NOFQDN
NI_NUMERICHOST
NI_NAMEREQD
NI_NUMERICSERV
NI_DGRAM
SHUT_RD
SHUT_WR
SHUT_RDWR
SIO_RCVALL
SIO_KEEPALIVE_VALS
RCVALL_OFF
RCVALL_ON
RCVALL_SOCKETLEVELONLY
RCVALL_MAX
C:\loewis\27\python\PCbuild\Win32-pgo\_socket.pdb
WSAIoctl
WS2_32.dll
FreeLibrary
GetSystemDirectoryA
GetProcAddress
LoadLibraryA
KERNEL32.dll
PyString_FromString
PyErr_CheckSignals
PyInt_FromSsize_t
PyFloat_FromDouble
PyExc_IOError
PyInt_FromLong
PyBuffer_Release
Py_BuildValue
PyString_FromStringAndSize
PyInt_AsLong
PyObject_GenericGetAttr
PyString_AsString
PyErr_SetFromErrno
PyThread_acquire_lock
PyLong_FromUnsignedLong
PyThread_allocate_lock
PyCapsule_New
PyErr_SetObject
PyEval_RestoreThread
PyExc_OverflowError
_Py_NoneStruct
PyMem_Free
PyEval_SaveThread
PyArg_ParseTuple
PyOS_snprintf
PyExc_ValueError
PyErr_Occurred
PyObject_Free
PyModule_AddIntConstant
PyErr_SetString
PyObject_CallMethod
PyType_GenericAlloc
_Py_TrueStruct
PyErr_NewException
PyLong_AsUnsignedLong
PyArg_ParseTupleAndKeywords
PyTuple_Pack
_PyString_Resize
PyType_Type
PyErr_Clear
PyFloat_AsDouble
PyList_New
PyType_GenericNew
Py_AtExit
PyErr_SetExcFromWindowsErr
PyErr_Format
PyModule_AddObject
PyExc_TypeError
Py_InitModule4
PyExc_ImportError
PyThread_release_lock
PyList_Append
python27.dll
sprintf_s
sscanf
calloc
strerror
strchr
_errno
strcpy_s
strtoul
strcat_s
strncpy_s
MSVCR90.dll
_encode_pointer
_malloc_crt
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
__clean_type_info_names_internal
_unlock
__dllonexit
_onexit
_except_handler4_common
_crt_debugger_hook
InterlockedExchange
InterlockedCompareExchange
DisableThreadLibraryCalls
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
memset
memcpy
_socket.pyd
init_socket
init_sockobject
Dsocket([family[, type[, proto]]]) -> socket object
Open a socket of the given type.  The family argument specifies the
address family; it defaults to AF_INET.  The type argument specifies
whether this is a stream (SOCK_STREAM, this is the default)
or datagram (SOCK_DGRAM) socket.  The protocol argument defaults to 0,
specifying the default protocol.  Keyword arguments are accepted.
A socket object represents one endpoint of a network connection.
Methods of socket objects (keyword arguments not allowed):
accept() -- accept a connection, returning new socket and client address
bind(addr) -- bind the socket to a local address
close() -- close the socket
connect(addr) -- connect the socket to a remote address
connect_ex(addr) -- connect, return an error code instead of an exception
dup() -- return a new socket object identical to the current one [*]
fileno() -- return underlying file descriptor
getpeername() -- return remote address [*]
getsockname() -- return local address
getsockopt(level, optname[, buflen]) -- get socket options
gettimeout() -- return timeout or None
listen(n) -- start listening for incoming connections
makefile([mode, [bufsize]]) -- return a file object for the socket [*]
recv(buflen[, flags]) -- receive data
recv_into(buffer[, nbytes[, flags]]) -- receive data (into a buffer)
recvfrom(buflen[, flags]) -- receive data and sender's address
recvfrom_into(buffer[, nbytes, [, flags])
  -- receive data and sender's address (into a buffer)
sendall(data[, flags]) -- send all data
send(data[, flags]) -- send data, may not send all of it
sendto(data[, flags], addr) -- send data to a given address
setblocking(0 | 1) -- set or clear the blocking I/O flag
setsockopt(level, optname, value) -- set socket options
settimeout(None | float) -- set or clear the timeout
shutdown(how) -- shut down traffic in one or both directions
 [*] not available on all platforms!
accept() -> (socket object, address info)
Wait for an incoming connection.  Return a new socket representing the
connection, and the address of the client.  For IP sockets, the address
info is a pair (hostaddr, port).
setblocking(flag)
Set the socket to blocking (flag is true) or non-blocking (false).
setblocking(True) is equivalent to settimeout(None);
setblocking(False) is equivalent to settimeout(0.0).
settimeout(timeout)
Set a timeout on socket operations.  'timeout' can be a float,
giving in seconds, or None.  Setting a timeout of None disables
the timeout feature and is equivalent to setblocking(1).
Setting a timeout of zero is the same as setblocking(0).
gettimeout() -> timeout
Returns the timeout in floating seconds associated with socket 
operations. A timeout of None indicates that timeouts on socket 
operations are disabled.
setsockopt(level, option, value)
Set a socket option.  See the Unix manual for level and option.
The value argument can either be an integer or a string.
getsockopt(level, option[, buffersize]) -> value
Get a socket option.  See the Unix manual for level and option.
If a nonzero buffersize argument is given, the return value is a
string of that length; otherwise it is an integer.
bind(address)
Bind the socket to a local address.  For IP sockets, the address is a
pair (host, port); the host must refer to the local host. For raw packet
sockets the address is a tuple (ifname, proto [,pkttype [,hatype]])
close()
Close the socket.  It cannot be used after this call.
connect(address)
Connect the socket to a remote address.  For IP sockets, the address
is a pair (host, port).
connect_ex(address) -> errno
This is like connect(address), but returns an error code (the errno value)
instead of raising an exception when an error occurs.
fileno() -> integer
Return the integer file descriptor of the socket.
getsockname() -> address info
Return the address of the local endpoint.  For IP sockets, the address
info is a pair (hostaddr, port).
getpeername() -> address info
Return the address of the remote endpoint.  For IP sockets, the address
info is a pair (hostaddr, port).
listen(backlog)
Enable a server to accept connections.  The backlog argument must be at
least 1; it specifies the number of unaccepted connection that the system
will allow before refusing new connections.
recv(buffersize[, flags]) -> data
Receive up to buffersize bytes from the socket.  For the optional flags
argument, see the Unix manual.  When no data is available, block until
at least one byte is available or until the remote end is closed.  When
the remote end is closed and all data is read, return the empty string.
recv_into(buffer, [nbytes[, flags]]) -> nbytes_read
A version of recv() that stores its data into a buffer rather than creating 
a new string.  Receive up to buffersize bytes from the socket.  If buffersize 
is not specified (or 0), receive up to the size available in the given buffer.
See recv() for documentation about the flags.
recvfrom(buffersize[, flags]) -> (data, address info)
Like recv(buffersize, flags) but also return the sender's address info.
recvfrom_into(buffer[, nbytes[, flags]]) -> (nbytes, address info)
Like recv_into(buffer[, nbytes[, flags]]) but also return the sender's address info.
send(data[, flags]) -> count
Send a data string to the socket.  For the optional flags
argument, see the Unix manual.  Return the number of bytes
sent; this may be less than len(data) if the network is busy.
sendall(data[, flags])
Send a data string to the socket.  For the optional flags
argument, see the Unix manual.  This calls send() repeatedly
until all data is sent.  If an error occurs, it's impossible
to tell how much data has been sent.
sendto(data[, flags], address) -> count
Like send(data, flags) but allows specifying the destination address.
For IP sockets, the address is a pair (hostaddr, port).
shutdown(flag)
Shut down the reading side of the socket (flag == SHUT_RD), the writing side
of the socket (flag == SHUT_WR), or both ends (flag == SHUT_RDWR).
ioctl(cmd, option) -> long
Control the socket with WSAIoctl syscall. Currently supported 'cmd' values are
SIO_RCVALL:  'option' must be one of the socket.RCVALL_* constants.
SIO_KEEPALIVE_VALS:  'option' is a tuple of (onoff, timeout, interval).
gethostname() -> string
Return the current host name.
gethostbyname(host) -> address
Return the IP address (a string of the form '255.255.255.255') for a host.
gethostbyname_ex(host) -> (name, aliaslist, addresslist)
Return the true host name, a list of aliases, and a list of IP addresses,
for a host.  The host argument is a string giving a host name or IP number.
gethostbyaddr(host) -> (name, aliaslist, addresslist)
Return the true host name, a list of aliases, and a list of IP addresses,
for a host.  The host argument is a string giving a host name or IP number.
getservbyname(servicename[, protocolname]) -> integer
Return a port number from a service name and protocol name.
The optional protocol name, if given, should be 'tcp' or 'udp',
otherwise any protocol will match.
getservbyport(port[, protocolname]) -> string
Return the service name from a port number and protocol name.
The optional protocol name, if given, should be 'tcp' or 'udp',
otherwise any protocol will match.
getprotobyname(name) -> integer
Return the protocol number for the named protocol.  (Rarely used.)
ntohs(integer) -> integer
Convert a 16-bit integer from network to host byte order.
ntohl(integer) -> integer
Convert a 32-bit integer from network to host byte order.
htons(integer) -> integer
Convert a 16-bit integer from host to network byte order.
htonl(integer) -> integer
Convert a 32-bit integer from host to network byte order.
inet_aton(string) -> packed 32-bit IP representation
Convert an IP address in string format (123.45.67.89) to the 32-bit packed
binary format used in low-level network functions.
inet_ntoa(packed_ip) -> ip_address_string
Convert an IP address from 32-bit packed binary format to string format
getaddrinfo(host, port [, family, socktype, proto, flags])
    -> list of (family, socktype, proto, canonname, sockaddr)
Resolve host and port into addrinfo struct.
getnameinfo(sockaddr, flags) --> (host, port)
Get host and port for a sockaddr.
getdefaulttimeout() -> timeout
Returns the default timeout in floating seconds for new socket objects.
A value of None indicates that new socket objects have no timeout.
When the socket module is first imported, the default is None.
setdefaulttimeout(timeout)
Set the default timeout in floating seconds for new socket objects.
A value of None indicates that new socket objects have no timeout.
When the socket module is first imported, the default is None.
Implementation module for socket operations.
See the socket module for documentation.
0,050T0
1 1*1:1C1K1U1e1n1v1
2%2/292C2P2Z2d2n2x2
3#303=3J3W3g3t3
4,4<4F4P4]4j4w4
5#5-575D5N5X5b5l5v5
6 6-676A6K6X6e6r6
7'7I7S7]7g7s7x7
8.878O8g8|8
9$9<9T9Z9n9
:1:>:V:
;K;Y;d;j;~;
=-=A=G=
>W>\>s>
?*?:?@?F?L?R?X?_?f?m?t?{?
0'0.060B0^0
2!2(2/2@2J2Q2W2_2u2~2
3'3.3F3M3b3
4(4/4<4D4K4Y4`4g4|4
5$525:5A5P5W5^5t5{5
6"6>6M6j6|6
7*737@7E7L7b7l7
8!858<8K8[8k8
9D:M:T:]:d:
;1;j;|;
<4<;<V<]<m<
<A=W=~=
>)>0>:>A>M>T>
?$?9?B?O?y?
282@2G2k2
3;3J3i3
4&4C4Z4w4
5F5O5]5b5i5
6&686O6V6e6
8%8<8E8
8-9C9J9Q9_9t9{9
96:N:T:
?1?K?P?b?w?~?
	0$030C0J0Z0
0'1.151\1q1~1
2^3e3n3
485x5~5
5-6U6[6c6v6
7/858C8H8O8
9"9)9U9]9d9
:=:E:L:h:m:t:
;';-;^;h;n;
<.<F<M<f<k<p<w<
<0=6=A=^=d=k=
=	>f>k>r>
?Q?V?]?
0$0Y0h0
0%121@1N1S1Z1}1
2C3Y3b3
4=4]4l4q4x4
647I7T7Z7y7
4282`2d2
4(4D4H4d4h4
9$9(9,94989<9D9H9L9T9X9\9d9h9l9t9x9|9
:$:8:H:L:\:`:p:t:
;$;(;D;H;L;P;
85<5D5H5L5T5X5\5d5h5l5t5x5|5
6$6(6,64686<6D6X6