82dea619c5912d6d2c60eb707b0747cc437a3d78655a4e9ca8f6b81934c4a4e4

General

Target

82dea619c5912d6d2c60eb707b0747cc437a3d78655a4e9ca8f6b81934c4a4e4
Size

494KB
MD5

61a3851902e5027f18b5e34b4d3fab00
SHA1

fbf1715532bde220d0b271e53a489116033e688b
SHA256

82dea619c5912d6d2c60eb707b0747cc437a3d78655a4e9ca8f6b81934c4a4e4
SHA512

96b44e891a2f7013c4f6cd082ef47180ffebdc4aaf2df8e238b4fc1073885506a774eb63b941a01654da20c42adcdf21badd0cb453e1697bf7c8d7c173162319
SSDEEP

12288:N+BM+yQ+NZgfdGxuWLMBQ/tg9Vw7HD+DCr9yngb+G1+:N+LCuUMQ/sVO+DC9yw+

Score

N/A

Malware Config

Signatures

Files

82dea619c5912d6d2c60eb707b0747cc437a3d78655a4e9ca8f6b81934c4a4e4
.exe windows x86

a2ff749e99e249bd777ffcc3805056a2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExW
RegCloseKey
RegQueryValueExA

msvcrt

_adjust_fdiv
wcscpy
__winitenv
__wgetmainargs
_wcsicmp
_controlfp
__p__fmode
_exit
_except_handler3
_stricmp
_cexit
_initterm
printf
strstr
__setusermatherr
sprintf
_XcptFilter
_c_exit

kernel32

GetCurrentProcessId
LocalAlloc
FreeLibrary
VirtualFree
RemoveDirectoryW
GetCPInfo
MultiByteToWideChar
GetProcAddress
GetLastError
LocalFree
LoadLibraryA
GetTickCount
WideCharToMultiByte
ExpandEnvironmentStringsW
GetWindowsDirectoryW
GetModuleFileNameW

rasdlg

RasPhonebookDlgW
RasDialDlgW
RasAutodialQueryDlgW

rasapi32

RasGetAutodialAddressW
RasGetAutodialParamW
RasEnumAutodialAddressesW

shlwapi

StrCatW

Sections

.safdwer
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 268KB - Virtual size: 267KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a2ff749e99e249bd777ffcc3805056a2

Headers

File Characteristics

Imports

advapi32

msvcrt

kernel32

rasdlg

rasapi32

shlwapi

Sections

.safdwer Size: 57KB - Virtual size: 57KB

.rdata Size: 59KB - Virtual size: 58KB

.text Size: 268KB - Virtual size: 267KB

.data Size: 57KB - Virtual size: 57KB

.rsrc Size: 49KB - Virtual size: 49KB

.reloc Size: 512B - Virtual size: 260B

.safdwer
Size: 57KB - Virtual size: 57KB

.rdata
Size: 59KB - Virtual size: 58KB

.text
Size: 268KB - Virtual size: 267KB

.data
Size: 57KB - Virtual size: 57KB

.rsrc
Size: 49KB - Virtual size: 49KB

.reloc
Size: 512B - Virtual size: 260B