660a683b8e8be6f8c1e6e9bfd21beb7f8b1f08b7b107cbff4f81b4a86c3a9756

Sharing

Copy URL Twitter E-mail

General

Target

660a683b8e8be6f8c1e6e9bfd21beb7f8b1f08b7b107cbff4f81b4a86c3a9756
Size

216KB
MD5

502ce6484aaaeb1fdd2d358e4f01fc30
SHA1

305e8ddd4dda252688a0e39f78b198021f9ec91a
SHA256

660a683b8e8be6f8c1e6e9bfd21beb7f8b1f08b7b107cbff4f81b4a86c3a9756
SHA512

4b51fe07874e0163bd97cb7e078053652f5cacbf9e0356191fe4a27f0a1923de1ab2b2f2b70173105e47f52f39478e13f321682e85a6c6746ecee8f99c220eb5
SSDEEP

6144:TXhGDY8OfkQ95OO4HCrs3FCsVRBjzxq/sKaHM+:TiY8OMQ95OO1ytrf/K6

Score

N/A

Malware Config

Signatures

Files

660a683b8e8be6f8c1e6e9bfd21beb7f8b1f08b7b107cbff4f81b4a86c3a9756
.exe windows x86

3143381ba3d20de0cb506cc127e60965

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rasdlg

RasSrvIsServiceRunning
RasAutodialQueryDlgA
RasEntryDlgW
DwTerminalDlg
RasUserEnableManualDial
RasPhonebookDlgA
RasSrvHangupConnection
RasUserGetManualDial
RasSrvInitializeService
RasSrvCleanupService
RasDialDlgA
RasSrvAddPropPages
RouterEntryDlgA
RasUserPrefsDlg
RouterEntryDlgW
RasSrvAllowConnectionsConfig
RasAutodialQueryDlgW
RasSrvIsConnectionConnected
RasPhonebookDlgW
RasEntryDlgA
GetRasDialOutProtocols
RasDialDlgW
RasSrvEnumConnections

rasapi32

RasValidateEntryNameW
RasValidateEntryNameA
RasSetSubEntryPropertiesW
DwCloneEntry

kernel32

MultiByteToWideChar
GetTickCount
GetUserDefaultLCID
CloseHandle
lstrlenA
GetEnvironmentStringsW
GetSystemTimeAsFileTime
QueryPerformanceCounter
SystemTimeToFileTime
GetVolumeInformationA
lstrcpyA
lstrcmpA
GetCurrentProcessId
LockResource
CreateFileA
HeapFree
SetUnhandledExceptionFilter
GetOEMCP
GetLocaleInfoW
FindResourceA
GetLocalTime
DeviceIoControl
QueryDosDeviceA
HeapAlloc
LoadResource
GetProcessHeap
WideCharToMultiByte
GetSystemDefaultLCID
SetLastError
LoadLibraryW
FreeResource
GetCurrentProcess

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegQueryValueExW
RegOpenKeyW

rasman

RasAddConnectionPort
RasAddNotification
IsRasmanProcess
RasAllocateRoute
RasActivateRouteEx

rasctrs

CloseRasPerformanceData
OpenRasPerformanceData
CollectRasPerformanceData

raschap

RasCpGetInfo
RasEapGetInfo
RasCpEnumProtocolIds

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hdata
Size: 22KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3143381ba3d20de0cb506cc127e60965

Headers

File Characteristics

Imports

rasdlg

rasapi32

kernel32

advapi32

rasman

rasctrs

raschap

Sections

.text Size: 100KB - Virtual size: 100KB

.rdata Size: 73KB - Virtual size: 72KB

.hdata Size: 22KB - Virtual size: 2.0MB

.edata Size: 14KB - Virtual size: 14KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 100KB - Virtual size: 100KB

.rdata
Size: 73KB - Virtual size: 72KB

.hdata
Size: 22KB - Virtual size: 2.0MB

.edata
Size: 14KB - Virtual size: 14KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 2KB