20d8641906e83bc55b0e95b2664d481352a12e190690c0679419ef63b418b543

General

Target

20d8641906e83bc55b0e95b2664d481352a12e190690c0679419ef63b418b543
Size

213KB
MD5

9153f17b43d42cbdce6a92365920704e
SHA1

c1889d3ff0c7160ec633a5af51404c83f3d971c6
SHA256

20d8641906e83bc55b0e95b2664d481352a12e190690c0679419ef63b418b543
SHA512

fb976e82667d948bac5c91ea58b3ee545bd29be262e6564bfa6f3fb00b9c353257c8aba6da410dec0be737f03e3b50c4a81493986768e1faa585f7bc9b745a56
SSDEEP

6144:mohWErn9IElAtbJemyosG9htIJuV9wRN4n0eqH:mm/n9IEsHpzV9wRe3qH

Score

N/A

Malware Config

Signatures

Files

20d8641906e83bc55b0e95b2664d481352a12e190690c0679419ef63b418b543
.exe windows x86

f8528131ff4b7401bcdd557c57595170

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rasapi32

DwCloneEntry
RasSetSubEntryPropertiesW
RasValidateEntryNameW
RasValidateEntryNameA

rasctrs

CollectRasPerformanceData
CloseRasPerformanceData
OpenRasPerformanceData

kernel32

GetLocaleInfoW
FreeResource
GetEnvironmentStringsW
HeapAlloc
GetTickCount
GetLocalTime
CreateFileA
LoadResource
lstrcpyA
SystemTimeToFileTime
WideCharToMultiByte
lstrlenA
FindResourceA
CloseHandle
lstrcmpA
GetVolumeInformationA
DeviceIoControl
QueryDosDeviceA
HeapFree
LockResource
SetLastError
GetCurrentProcessId
SetUnhandledExceptionFilter
GetCurrentProcess
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetOEMCP
MultiByteToWideChar
GetProcessHeap
LoadLibraryW

advapi32

RegQueryValueExW
RegCloseKey
RegQueryValueExA
RegOpenKeyW
RegOpenKeyExA

rasman

RasAddNotification
RasAddConnectionPort
IsRasmanProcess
RasActivateRouteEx
RasAllocateRoute

raschap

RasCpGetInfo
RasEapGetInfo
RasCpEnumProtocolIds

Sections

.text
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hdata
Size: 22KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f8528131ff4b7401bcdd557c57595170

Headers

File Characteristics

Imports

rasapi32

rasctrs

kernel32

advapi32

rasman

raschap

Sections

.text Size: 101KB - Virtual size: 101KB

.rdata Size: 72KB - Virtual size: 71KB

.hdata Size: 22KB - Virtual size: 169KB

.cdata Size: 14KB - Virtual size: 14KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 101KB - Virtual size: 101KB

.rdata
Size: 72KB - Virtual size: 71KB

.hdata
Size: 22KB - Virtual size: 169KB

.cdata
Size: 14KB - Virtual size: 14KB

.rsrc
Size: 1KB - Virtual size: 1KB