f31ab5f39c5e2e93a330cc932ebbb8a40cdf36f7504f0780b69dd1c76fdf7ce8

General

Target

f31ab5f39c5e2e93a330cc932ebbb8a40cdf36f7504f0780b69dd1c76fdf7ce8
Size

216KB
MD5

a0e9c853d656e8b5097ac63f226170f0
SHA1

179d425308db6394488cb8ad0564b8c52e96db41
SHA256

f31ab5f39c5e2e93a330cc932ebbb8a40cdf36f7504f0780b69dd1c76fdf7ce8
SHA512

9bf1b360875af07cec95fc9fd38661ea5960397d95cc0167036daf6d1714fa35828c350055fbc9a8011216b196c33dd8b481b29538f2de343cbf0523439377ce
SSDEEP

6144:CozUatuxuyW4HNaRkOzG3lMG9lTo7pfHoFBGp:CozfuxHW4kRkOzG3lMslTo7pPqGp

Score

N/A

Malware Config

Signatures

Files

f31ab5f39c5e2e93a330cc932ebbb8a40cdf36f7504f0780b69dd1c76fdf7ce8
.exe windows x86

3f857400bbb54bdf61f866cee2d87ad5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
HeapFree
GetEnvironmentStringsW
GetProcessHeap
lstrcmpA
SetLastError
LoadResource
GetCurrentProcessId
CreateFileA
SystemTimeToFileTime
SetUnhandledExceptionFilter
GetSystemDefaultLCID
lstrcpyA
CloseHandle
QueryPerformanceCounter
GetCurrentProcess
GetLocaleInfoW
FreeResource
GetOEMCP
LockResource
GetTickCount
GetLocalTime
QueryDosDeviceA
FindResourceA
WideCharToMultiByte
GetUserDefaultLCID
LoadLibraryW
DeviceIoControl
MultiByteToWideChar
HeapAlloc
GetVolumeInformationA
GetSystemTimeAsFileTime

rasman

RasAllocateRoute
RasActivateRouteEx
IsRasmanProcess
RasAddNotification
RasAddConnectionPort

advapi32

RegOpenKeyExA
RegOpenKeyW
RegQueryValueExA
RegQueryValueExW
RegCloseKey

rasctrs

OpenRasPerformanceData
CloseRasPerformanceData
CollectRasPerformanceData

rasapi32

RasValidateEntryNameW
DwCloneEntry
RasSetSubEntryPropertiesW
RasValidateEntryNameA

raschap

RasEapGetInfo
RasCpGetInfo
RasCpEnumProtocolIds

Sections

.text
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hdata
Size: 24KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3f857400bbb54bdf61f866cee2d87ad5

Headers

File Characteristics

Imports

kernel32

rasman

advapi32

rasctrs

rasapi32

raschap

Sections

.text Size: 102KB - Virtual size: 101KB

.rdata Size: 72KB - Virtual size: 71KB

.hdata Size: 24KB - Virtual size: 2.0MB

.zdata Size: 14KB - Virtual size: 14KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 102KB - Virtual size: 101KB

.rdata
Size: 72KB - Virtual size: 71KB

.hdata
Size: 24KB - Virtual size: 2.0MB

.zdata
Size: 14KB - Virtual size: 14KB

.rsrc
Size: 1KB - Virtual size: 1KB