Sample details: d7516ad354a3be2299759cd21e161a04

Hashes
MD5: d7516ad354a3be2299759cd21e161a04
SHA1: e3961fa35a53a2c8933717b612e105e7b7e9c9a5
SHA256: 52438e0150d2d0304abcd324194e390b99a27bf7357938a32da75b4470db2e22
SSDEEP: 768:Fd1Vf18/EH3prwHI/pUO9HuHZGIlelnBLT3jofXpYkcxI0t7XQojS6H:Fd1Vf1gVo/pB9H+blnhfSvTQx
Details
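File Type: MS-DOS (as reported by the file-type classifier; the YARA hits below, YRP/IsPE32 and YRP/IsWindowsGUI, indicate a 32-bit Windows PE GUI executable)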
Yara Hits
YRP/Microsoft_Visual_Cpp_v50v60_MFC | YRP/IsPE32 | YRP/IsWindowsGUI | YRP/HasModified_DOS_Message | YRP/domain | YRP/IP | YRP/contentis_base64 | YRP/network_udp_sock | YRP/network_tcp_socket | YRP/win_files_operation | YRP/MD5_Constants | YRP/Str_Win32_Winsock2_Library
Strings
		YY_^[]
QQSUV3
FC;t$ 
D$$_^]
HtuHHthHt
Yt[=F'
9~0YYu
9~Du'9~0u"9~4u
ItfItWIt>
H`_^][Y
L$$YYu
F,YY_^[
YY9n,w
s4_^][
s4_^][
YuZ!D$
q4_^][Y
t"jGht
t]9w<u
G<9wHu
t]9w@u
G@9wLu
t]9wDu
GD9wPu
H$9q,u@
P(;B u
P(;B u
q(;N u
x,9y$t
P(;B u
q(;N u
x,9y t
P(;B u
p(;F u
Q(;J u
p(;F u
Q(;J u
G0Y+F(
t'It I
SUVWPh
[,i33L
%u.%u.%u.%u
0123456789
0123456789abcdef
0123456789ABCDEF
Connection
nginx 0.8
Server
HTTP/1.1 200 OK
Content-Length: %u
Connection: close
%s: %s
HTTP/1.0 %s
400 Bad Request
404 Not Found
414 Request-URI Too Large
505 HTTP Version not supported
!((handle)->flags & UV__HANDLE_CLOSING)
Z:\Sputnik\source\libuv\win\handle.c
Z:\Sputnik\source\libuv\win\udp.c
!(handle->flags & UV_HANDLE_CLOSED)
!(handle->flags & UV_HANDLE_IPV6)
handle->socket == INVALID_SOCKET
(handle)->activecnt > 0
(((handle))->flags & UV__HANDLE_CLOSING) == 0
handle->recv_buffer.len > 0
!(handle->flags & UV_HANDLE_READ_PENDING)
handle->flags & UV_HANDLE_READING
(handle)->activecnt >= 0
((handle))->activecnt > 0
((((handle)))->flags & UV__HANDLE_CLOSING) == 0
handle->reqs_pending > 0
buf.len > 0
handle->type == UV_UDP
uv__has_active_reqs((loop))
((handle))->activecnt >= 0
Z:\Sputnik\source\libuv\win\handle-inl.h
Z:\Sputnik\source\libuv\win\req-inl.h
result == WAIT_OBJECT_0
result
Z:\Sputnik\source\libuv\win\core.c
Z:\Sputnik\source\libuv\win\tcp.c
backlog > 0
req->accept_socket == INVALID_SOCKET
handle->flags & UV_HANDLE_LISTENING
!timed_out
handle != NULL
req != NULL
server->flags & UV_HANDLE_TCP_SINGLE_ACCEPT
req->event_handle
handle->read_buffer.len > 0
handle->type == UV_TCP
handle->write_queue_size >= req->queued_bytes
!((tcp)->flags & UV__HANDLE_CLOSING)
(tcp)->activecnt >= 0
socket != 0 && socket != INVALID_SOCKET
Z:\Sputnik\source\libuv\win\stream.c
Z:\Sputnik\source\libuv\win\async.c
((handle)->flags & UV__HANDLE_CLOSING) == 0
req->type == UV_WAKEUP
handle->type == UV_ASYNC
Z:\Sputnik\source\libuv\win\loop-watcher.c
handle->type == UV_PREPARE
handle->type == UV_CHECK
handle->type == UV_IDLE
Z:\Sputnik\source\libuv\win\timer.c
((timer)->flags & UV__HANDLE_CLOSING) == 0
0.0.0.0
CancelIoEx
SetFileCompletionNotificationModes
kernel32.dll
NtDeviceIoControlFile
RtlNtStatusToDosError
ntdll.dll
_stricmp
memcpy
memcmp
memmove
memset
_snwprintf
_aullrem
_aullshr
_allmul
_allshl
sprintf
strlen
strchr
strcmp
strncmp
strspn
strcspn
tolower
_snprintf
ntdll.dll
InterlockedDecrement
LeaveCriticalSection
InterlockedIncrement
EnterCriticalSection
InitializeCriticalSection
SetEvent
DeleteCriticalSection
GetModuleFileNameW
CloseHandle
CreateThread
CreateEventA
RegisterWaitForSingleObject
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetCurrentProcessId
UnregisterWaitEx
GetLastError
ConnectNamedPipe
BindIoCompletionCallback
CreateNamedPipeW
ReadFile
WriteFile
WaitForSingleObject
KERNEL32.dll
malloc
_pctype
_isctype
__mb_cur_max
_assert
_errno
MSVCRT.dll
WSACreateEvent
WSARecvFrom
WSARecv
WSASendTo
WSASend
WSAIoctl
WS2_32.dll
GetAdaptersInfo
NotifyAddrChange
iphlpapi.dll
CoInitialize
CoCreateInstance
ole32.dll
OLEAUT32.dll
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
ADVAPI32.dll
CreateIoCompletionPort
SetHandleInformation
SetErrorMode
GetQueuedCompletionStatus
InterlockedCompareExchange
UnregisterWait
PostQueuedCompletionStatus
CancelIo
GetTickCount
GetProcAddress
GetModuleHandleA
_strdup
3L3R3W3]3f3y3
384@4E4K4S4t4}4
6(646F6N6S6Y6a6
=%=+=H=V=
>#>O>{>
191X1c1
1^2s2y2
263@3N3W3_3
5<6D6S6x6
<#<X<b<t<
?2?7?I?
6$6.6I6m6x6
7!838=8V8h8r8
:":6:l:{:
7$7*70767<7B7H7N7g7l7r7
:C;H;N;
<.<9<w<|<
=/=A=K=`=
^0c0i0
141O1U1
2j3o3u3
5G6O6d6z6
9[9m9~9
<'<4<U<g<
=8=C={=
?;?@?F?
0"0G0L0R0^0~0
141O1T1l1q1
1`2m2w2
2S3a3n3
656:6@6`6
7@7J7T7
8$919~9
:2:@:M:d:{:
<a<f<l<
<C=H=N=
>)>/>h>n>
>"?'?-?n?s?y?
0B0d0i0o0
272X2i2t2|2
3#4(4.4|4
5%5k5p5v5
7,888I8
3080>01282N3
4%4+4s4{4
6,7[7g7t7
778>8F8
<V=j=|=