ae5d396f061a4de6a02e3cd3e12a43e1fbe34a012ea2ff82c0eca5d04454329a

General

Target

ae5d396f061a4de6a02e3cd3e12a43e1fbe34a012ea2ff82c0eca5d04454329a
Size

112KB
MD5

4eb3b705f4668a832cdc52e78a4e4361
SHA1

41eba9d1afe41032b9bb9dd948148aefbe804f18
SHA256

ae5d396f061a4de6a02e3cd3e12a43e1fbe34a012ea2ff82c0eca5d04454329a
SHA512

f08175e76ad7ac014f51897a3472d18195a24b3be5ca9a11af1b754834f4fd17c7976e8d0a6766e6d48c9f023deb353a692b8a4df6026c8d45cfebe269c303d4
SSDEEP

3072:Cj3eTCAUHXpzhkFMMpqjRJOuyUWY8PoN58s:Cj3eWLsFwjauf

Score

N/A

Malware Config

Signatures

Files

ae5d396f061a4de6a02e3cd3e12a43e1fbe34a012ea2ff82c0eca5d04454329a
.exe windows x86

a90c821b2c891649077dbacacc5f103a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE

Imports

iprtprio

GetPriorityInfo
ComputeRouteMetric
SetPriorityInfo

shlwapi

PathFindFileNameW
StrStrIW
StrStrW
PathFindExtensionA
PathStripToRootW
StrCmpIW
PathGetDriveNumberA
StrStrA
StrTrimW
PathRemoveExtensionW
PathSkipRootA
StrCSpnW
StrCmpW
StrTrimA
StrStrIA
PathStripToRootA
PathSkipRootW
PathRemoveExtensionA
PathGetDriveNumberW
PathStripPathA
PathFindFileNameA
PathFindExtensionW

kernel32

CreateFileA
GetCurrentThread
VerifyVersionInfoW
VirtualAlloc
GetCompressedFileSizeW
WriteFile
GetConsoleWindow
GetStartupInfoW
GetFileAttributesA
GetConsoleTitleW
GetFileAttributesW
GetCommandLineW
GetCurrentProcessId
CopyFileA
GetLocalTime
GetVersion
GetCurrentThreadId
GetConsoleTitleA
GetCommandLineA
lstrcmpW
ExitProcess
lstrlenW
GetCompressedFileSizeA
CloseHandle
GetCurrentProcess
GetSystemTime
ReadFile
VirtualFree

tapi32

lineSetupConference
lineSetAgentSessionState
phoneInitialize
lineGetConfRelatedCalls
phoneGetIDW
LOpenDialAsst
lineGetIcon
linePrepareAddToConference
MMCGetPhoneStatus
lineRemoveFromConference
lineUnparkW
tapiRequestMakeCallA
lineBlindTransferA
lineHandoff
lineProxyMessage
phoneGetIconW
phoneGetButtonInfo
lineGetTranslateCaps
lineGetAgentCapsA
lineGetIDA
lineShutdown
MMCGetProviderList
phoneConfigDialogA
lineTranslateAddressA
MMCAddProvider
lineGetAddressCapsW
lineTranslateDialogW
lineForward
lineGetLineDevStatusA
lineSetLineDevStatus

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a90c821b2c891649077dbacacc5f103a

Headers

File Characteristics

Imports

iprtprio

shlwapi

kernel32

tapi32

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 92KB - Virtual size: 104KB

.data Size: 8KB - Virtual size: 4KB

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 92KB - Virtual size: 104KB

.data
Size: 8KB - Virtual size: 4KB