80a65b4b15a1dd72e7fef88c9e2e0c76bfa7175b52e046843599d043524ea7e0

Sharing

Copy URL Twitter E-mail

General

Target

80a65b4b15a1dd72e7fef88c9e2e0c76bfa7175b52e046843599d043524ea7e0
Size

230KB
MD5

70068441f743e60956d99570091ed3a0
SHA1

9f37b15ccbe7278740f49fac23c1ab70a0ea996d
SHA256

80a65b4b15a1dd72e7fef88c9e2e0c76bfa7175b52e046843599d043524ea7e0
SHA512

351b7a094ee00c59083c89ae214b4a16be56740cc10aebf952c773a6a43594b3352b374c44a83f382db040d0f78bf75b007e7badaa90a81351f6566bd47b1716
SSDEEP

6144:DQvSbCa12YnOeYTya+iEo9/GnCmEPq2ii7z9jphmO+:Uvla1XOeI+iEote3EPviM9jpQ

Score

N/A

Malware Config

Signatures

Files

80a65b4b15a1dd72e7fef88c9e2e0c76bfa7175b52e046843599d043524ea7e0
.exe windows x86

64fab5a726401c65e364a8e543ae2683

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rasman

RasSetDeviceConfigInfo
RasReferenceRasman
RasGetNumPortOpen
RasGetConnectionUserData
RasRpcDisconnectServer
RasRefConnection
RasPortReceiveEx
RasSetAddressDisable
RasSetConnectionParams
RasPortFree
RasPortSetInfo
RasGetBuffer
RasLinkGetStatistics
RasRegisterRedialCallback
IsRasmanProcess
RasPortSend

oleaut32

VarDecFromR8
VARIANT_UserUnmarshal
VarUI2FromDisp
VarDateFromUI2
VarR4FromUI1
VarUI4FromCy
VarUI4FromR8
VarDateFromR4
VarBoolFromR4
SafeArrayGetDim
VarBoolFromDisp
VarParseNumFromStr
VarBstrFromI2
SystemTimeToVariantTime
VarDateFromUdate
VarBstrFromR4
OleLoadPicture
VarUI4FromI2
VarNumFromParseNum

msvcrt

_mbsnbcoll
iswlower
remove
_mbsbtype
_mbscmp
_putws
__getmainargs
_stat
__p__commode
__p__fmode
_ismbbprint
__p__winmajor
memmove
__set_app_type
exit

utildll

IsPartOfDomain
RegGetNetworkServiceName
GetUnknownString
DateTimeString
InitializeAnonymousUserCompareList
TestUserForAdmin
CalculateDiffTime
HaveAnonymousUsersChanged
CachedGetUserFromSid
CalculateElapsedTime
StrConnectState
InstallModem
StrSdClass
GetSystemMessageW
GetSystemMessageA
WinEnumerateDevices
NetworkDeviceEnumerate
QueryCurrentWinStation
StrSystemWaitReason
EnumerateMultiUserServers
ConfigureModem
RegGetNetworkDeviceName
StrProcessState

hhsetup

?AddChildFolder@CFolder@@QAEPAV1@PBDKPAKG@Z
?GetTitle@CFolder@@QAEPADXZ
?GetOrder@CFolder@@QAEKXZ
?AddChildFolder@CFolder@@QAEPAV1@PBGKPAKG@Z
?SetId@CTitle@@QAEXPBD@Z
?Open@CCollection@@QAEKPBG@Z
??1CTitle@@QAE@XZ
?AddTitle@CCollection@@QAEPAVCTitle@@PBG0000GIPAVCLocation@@PAKH0@Z
?AddChildFolder@CFolder@@QAEKPAV1@@Z
?FindTitle@CCollection@@QAEPAVCTitle@@PBDG@Z
?FindLocation@CCollection@@QAEPAVCLocation@@PBGPAI@Z
?GetTitle@CLocation@@QAEPADXZ
?SetId@CLocation@@QAEXPBG@Z
?HandleTitle@CCollection@@AAEKPAVCParseXML@@PAD@Z
?GetVersion@CCollection@@QAEKXZ
?GetMasterCHM@CCollection@@QAEHPAPADPAG@Z
?SetTitle@CLocation@@QAEXPBG@Z

odbcjt32

SQLGetTypeInfoW
LoginDialogProc
OpenDirHook
SQLFreeStmt
SQLSetDescFieldW
SQLGetInfoW
SQLPutData
SQLFreeConnect
InitializeLoginDialog
SQLGetCursorNameW
SQLExtendedFetch
SQLProceduresW
SQLConnectW
SQLGetConnectAttrW

shell32

SHGetMalloc

kernel32

WriteConsoleW
CreateFileW
ClearCommError
GetProcessId
CreateConsoleScreenBuffer
LoadLibraryW
GetUserDefaultLCID
GetEnvironmentStringsA
GlobalFindAtomA
GetAtomNameA
FindNextVolumeMountPointW
GetWindowsDirectoryW
BeginUpdateResourceA
GetLocaleInfoA
WritePrivateProfileStringW

user32

MessageBoxW
EndDialog

Sections

.text
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

64fab5a726401c65e364a8e543ae2683

Headers

File Characteristics

Imports

rasman

oleaut32

msvcrt

utildll

hhsetup

odbcjt32

shell32

kernel32

user32

Sections

.text Size: 112KB - Virtual size: 111KB

.rdata Size: 27KB - Virtual size: 27KB

.data Size: 84KB - Virtual size: 83KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 112KB - Virtual size: 111KB

.rdata
Size: 27KB - Virtual size: 27KB

.data
Size: 84KB - Virtual size: 83KB

.rsrc
Size: 5KB - Virtual size: 4KB