1564a8072ef56da7b655281b585d6d2ca061a9c007134c512b7013087df885da

General

Target

1564a8072ef56da7b655281b585d6d2ca061a9c007134c512b7013087df885da
Size

514KB
MD5

6d877461e8669db05d9f195ff8969ab0
SHA1

e83010a1b839b1c05a0b92ffd9dd334f90c1726f
SHA256

1564a8072ef56da7b655281b585d6d2ca061a9c007134c512b7013087df885da
SHA512

2afd59b803885f7675aecfaf5413ea30423d0dc85018911bc9e09f4e67944a39b8c911bd54f0166d03bd3ae951c5f2ea30c63fb470a16e5b542f182a60daec26
SSDEEP

12288:pozLCfDBdWjHnh9UFREbo1ZkuH14NpFEklqOe+i:WzWf/ghGPEciEjOep

Score

N/A

Malware Config

Signatures

Files

1564a8072ef56da7b655281b585d6d2ca061a9c007134c512b7013087df885da
.exe windows x86

35e0c6b28124f78dbd3961d1567d0b5a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_adjust_fdiv
_except_handler3
__wgetmainargs
sprintf
wcscpy
__p__fmode
_stricmp
__winitenv
_exit
_cexit
strstr
_wcsicmp
__setusermatherr
_c_exit
_initterm
printf
_XcptFilter
_controlfp

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExW

kernel32

GetCPInfo
RemoveDirectoryW
FreeLibrary
VirtualFree
GetModuleFileNameW
ExpandEnvironmentStringsW
GetProcAddress
GetWindowsDirectoryW
LocalAlloc
WideCharToMultiByte
MultiByteToWideChar
LoadLibraryA
GetTickCount
LocalFree
GetLastError
GetCurrentProcessId

rasdlg

RasPhonebookDlgW
RasAutodialQueryDlgW
RasDialDlgW

rasapi32

RasGetAutodialAddressW
RasGetAutodialParamW
RasEnumAutodialAddressesW

shlwapi

StrCatW

Sections

.safdwer
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 271KB - Virtual size: 270KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

35e0c6b28124f78dbd3961d1567d0b5a

Headers

File Characteristics

Imports

msvcrt

advapi32

kernel32

rasdlg

rasapi32

shlwapi

Sections

.safdwer Size: 58KB - Virtual size: 57KB

.rdata Size: 59KB - Virtual size: 59KB

.text Size: 271KB - Virtual size: 270KB

.data Size: 58KB - Virtual size: 58KB

.rsrc Size: 65KB - Virtual size: 64KB

.reloc Size: 512B - Virtual size: 256B

.safdwer
Size: 58KB - Virtual size: 57KB

.rdata
Size: 59KB - Virtual size: 59KB

.text
Size: 271KB - Virtual size: 270KB

.data
Size: 58KB - Virtual size: 58KB

.rsrc
Size: 65KB - Virtual size: 64KB

.reloc
Size: 512B - Virtual size: 256B