fd1e12dcc630c0bc358b1963384dd2e2d18fa1614a82aef56d0250279c8bea55

General

Target

fd1e12dcc630c0bc358b1963384dd2e2d18fa1614a82aef56d0250279c8bea55
Size

216KB
MD5

917a49ccbe5e3e9ce1cfe4d4ba35d5ff
SHA1

416a0c3d9ec05fb4b68560f963b585f1c9ad7cd9
SHA256

fd1e12dcc630c0bc358b1963384dd2e2d18fa1614a82aef56d0250279c8bea55
SHA512

00e21ed88e4b21b1a59d52fe4d4db875f6a6177caf60fd6c1a95c863a7f81b2523a1fcd2b5713802dba7869c42c7fa5db03d18918af426c40a7648067b9ceed0
SSDEEP

6144:CozUatuxuyW4HNaRkOzG3lMG9lTo7pfHoFBePp:CozfuxHW4kRkOzG3lMslTo7pPqePp

Score

N/A

Malware Config

Signatures

Files

fd1e12dcc630c0bc358b1963384dd2e2d18fa1614a82aef56d0250279c8bea55
.exe windows x86

3f857400bbb54bdf61f866cee2d87ad5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
HeapFree
GetEnvironmentStringsW
GetProcessHeap
lstrcmpA
SetLastError
LoadResource
GetCurrentProcessId
CreateFileA
SystemTimeToFileTime
SetUnhandledExceptionFilter
GetSystemDefaultLCID
lstrcpyA
CloseHandle
QueryPerformanceCounter
GetCurrentProcess
GetLocaleInfoW
FreeResource
GetOEMCP
LockResource
GetTickCount
GetLocalTime
QueryDosDeviceA
FindResourceA
WideCharToMultiByte
GetUserDefaultLCID
LoadLibraryW
DeviceIoControl
MultiByteToWideChar
HeapAlloc
GetVolumeInformationA
GetSystemTimeAsFileTime

rasman

RasAllocateRoute
RasActivateRouteEx
IsRasmanProcess
RasAddNotification
RasAddConnectionPort

advapi32

RegOpenKeyExA
RegOpenKeyW
RegQueryValueExA
RegQueryValueExW
RegCloseKey

rasctrs

OpenRasPerformanceData
CloseRasPerformanceData
CollectRasPerformanceData

rasapi32

RasValidateEntryNameW
DwCloneEntry
RasSetSubEntryPropertiesW
RasValidateEntryNameA

raschap

RasEapGetInfo
RasCpGetInfo
RasCpEnumProtocolIds

Sections

.text
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hdata
Size: 24KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3f857400bbb54bdf61f866cee2d87ad5

Headers

File Characteristics

Imports

kernel32

rasman

advapi32

rasctrs

rasapi32

raschap

Sections

.text Size: 102KB - Virtual size: 101KB

.rdata Size: 72KB - Virtual size: 71KB

.hdata Size: 24KB - Virtual size: 2.0MB

.zdata Size: 14KB - Virtual size: 14KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 102KB - Virtual size: 101KB

.rdata
Size: 72KB - Virtual size: 71KB

.hdata
Size: 24KB - Virtual size: 2.0MB

.zdata
Size: 14KB - Virtual size: 14KB

.rsrc
Size: 1KB - Virtual size: 1KB