c71f207335152fef801fd32d1c8a8b0e56f42e957dea3cb93f106087f9a366f0

General

Target

c71f207335152fef801fd32d1c8a8b0e56f42e957dea3cb93f106087f9a366f0
Size

492KB
MD5

49baa9b3b900f41832b958ae0ff5f970
SHA1

be7ad2db7ad395913e1760aa1b37500c74901631
SHA256

c71f207335152fef801fd32d1c8a8b0e56f42e957dea3cb93f106087f9a366f0
SHA512

9609147601616f2f012268ecbf8463d83033050da340d556a2bd3be4b9aea023fa462c0eaeb3ead1d384c33a269763ae8a75ba1c68bb0124f59ea76c8c028b93
SSDEEP

12288:t0dxPaLObKW6KwrE1hiUB+HY6Bl0/gFeGYBxpy7jnD:tpwKW61aizkgL8xpiD

Score

N/A

Malware Config

Signatures

Files

c71f207335152fef801fd32d1c8a8b0e56f42e957dea3cb93f106087f9a366f0
.exe windows x86

92eceeb5d6cfee08cea30185d238e1ce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

printf
_except_handler3
__setusermatherr
__wgetmainargs
_initterm
_wcsicmp
__p__fmode
_exit
_cexit
__winitenv
_XcptFilter
wcscpy
_controlfp
sprintf
_stricmp
_c_exit
strstr
_adjust_fdiv

rasapi32

RasEnumAutodialAddressesW
RasGetAutodialParamW
RasGetAutodialAddressW

kernel32

LocalFree
LocalAlloc
LoadLibraryA
FreeLibrary
ExpandEnvironmentStringsW
GetModuleFileNameW
GetProcAddress
WideCharToMultiByte
GetCurrentProcessId
VirtualFree
GetTickCount
GetLastError
MultiByteToWideChar
GetWindowsDirectoryW
GlobalAlloc

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExA

tapi32

lineInitialize
lineGetTranslateCapsW

shlwapi

StrCatW

rasdlg

RasAutodialQueryDlgW
RasPhonebookDlgW
RasDialDlgW

Sections

.safdwer
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 266KB - Virtual size: 266KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 212B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

92eceeb5d6cfee08cea30185d238e1ce

Headers

File Characteristics

Imports

msvcrt

rasapi32

kernel32

advapi32

tapi32

shlwapi

rasdlg

Sections

.safdwer Size: 57KB - Virtual size: 57KB

.rdata Size: 59KB - Virtual size: 58KB

.text Size: 266KB - Virtual size: 266KB

.data Size: 57KB - Virtual size: 57KB

.rsrc Size: 49KB - Virtual size: 49KB

.reloc Size: 512B - Virtual size: 212B

.safdwer
Size: 57KB - Virtual size: 57KB

.rdata
Size: 59KB - Virtual size: 58KB

.text
Size: 266KB - Virtual size: 266KB

.data
Size: 57KB - Virtual size: 57KB

.rsrc
Size: 49KB - Virtual size: 49KB

.reloc
Size: 512B - Virtual size: 212B