633f005fdaf241b2ad55a04215a3c7d896b77e2a2220cf06e04fec6bc398a7e7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

633f005fdaf241b2ad55a04215a3c7d896b77e2a2220cf06e04fec6bc398a7e7
Size

1.2MB
MD5

a0809e95b75b2559e64c2f23f99c8d5a
SHA1

8fafa5cb9b32d3f33f422ff804ff9fb9fa6851e5
SHA256

633f005fdaf241b2ad55a04215a3c7d896b77e2a2220cf06e04fec6bc398a7e7
SHA512

5ad080844a174fe34d9429dd6aab4fd3fa52b0428deea8189bede9258dbfaa062cb7dfb92e24ba64e15c488e5125de8b725747a44ca0095c04124413b78330e7
SSDEEP

12288:N27bU41Y9zSCsPSbkNrRmG+l4cWNZb/8vhsiAE7UhaNhTOMN+V3ZSkNHD8Unm5kO:NAUNHkrPr8vGsSajT8x8Z5VidbpbmK6

Score

N/A

Malware Config

Signatures

Files

633f005fdaf241b2ad55a04215a3c7d896b77e2a2220cf06e04fec6bc398a7e7
.exe windows x86

8137378b21f38673eda4e4b49ece5e4d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rasman

RasPortStoreUserData
RasSetAddressDisable
RasProtocolEnum
RasSetConnectionParams
RasRpcPortEnum
RasGetFramingCapabilities
RasGetDeviceConfigInfo
RasSetCachedCredentials
RasSetDevConfig
RasPortSetInfo
RasSetRouterUsage
RasServerPortClose
RasRpcGetVersion
RasPortGetStatisticsEx
RasInitialize
RasInitializeNoWait
RasSetCommSettings
RasRpcEnumConnections
RasPortFree
RasRefConnection

kernel32

GetModuleHandleA
WaitForSingleObject
CreateMutexA
CloseHandle
VirtualAlloc
VirtualFree
VirtualQueryEx
ExitProcess
lstrcmpA

shell32

ILFindChild
ILIsEqual
IsLFNDrive
FindExecutableA
DoEnvironmentSubstA
ILCreateFromPath
PifMgr_OpenProperties
OpenRegStream
ExtractIconExA
RegenerateUserEnvironment

Sections

.text
Size: 902KB - Virtual size: 902KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrcs
Size: 171KB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ