cf0a58ec402b525d8f435a4d9b5f5a620e6c3b412c155b6e3ae93e12fdbd3c81

General

Target

cf0a58ec402b525d8f435a4d9b5f5a620e6c3b412c155b6e3ae93e12fdbd3c81
Size

494KB
MD5

81346cf51ce16340aabd418f8143b5c0
SHA1

8094d9d994d7d8c788a5b33e81c017708d462cc7
SHA256

cf0a58ec402b525d8f435a4d9b5f5a620e6c3b412c155b6e3ae93e12fdbd3c81
SHA512

5c66d231d3685b0a484d422539140c6e01b8ae7a4448850bf72a66990bfbdf1e32cebe14c90fef49236c2d378b20ef95f7f9ed331b2ef81880d51d9c1bcceebd
SSDEEP

12288:N+BM+yQ+NZgfdGxuWLMBQ/tg9Vw7HD+DCr9yngb+G1P:N+LCuUMQ/sVO+DC9ywP

Score

N/A

Malware Config

Signatures

Files

cf0a58ec402b525d8f435a4d9b5f5a620e6c3b412c155b6e3ae93e12fdbd3c81
.exe windows x86

a2ff749e99e249bd777ffcc3805056a2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExW
RegCloseKey
RegQueryValueExA

msvcrt

_adjust_fdiv
wcscpy
__winitenv
__wgetmainargs
_wcsicmp
_controlfp
__p__fmode
_exit
_except_handler3
_stricmp
_cexit
_initterm
printf
strstr
__setusermatherr
sprintf
_XcptFilter
_c_exit

kernel32

GetCurrentProcessId
LocalAlloc
FreeLibrary
VirtualFree
RemoveDirectoryW
GetCPInfo
MultiByteToWideChar
GetProcAddress
GetLastError
LocalFree
LoadLibraryA
GetTickCount
WideCharToMultiByte
ExpandEnvironmentStringsW
GetWindowsDirectoryW
GetModuleFileNameW

rasdlg

RasPhonebookDlgW
RasDialDlgW
RasAutodialQueryDlgW

rasapi32

RasGetAutodialAddressW
RasGetAutodialParamW
RasEnumAutodialAddressesW

shlwapi

StrCatW

Sections

.safdwer
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 268KB - Virtual size: 267KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a2ff749e99e249bd777ffcc3805056a2

Headers

File Characteristics

Imports

advapi32

msvcrt

kernel32

rasdlg

rasapi32

shlwapi

Sections

.safdwer Size: 57KB - Virtual size: 57KB

.rdata Size: 59KB - Virtual size: 58KB

.text Size: 268KB - Virtual size: 267KB

.data Size: 57KB - Virtual size: 57KB

.rsrc Size: 49KB - Virtual size: 49KB

.reloc Size: 512B - Virtual size: 260B

.safdwer
Size: 57KB - Virtual size: 57KB

.rdata
Size: 59KB - Virtual size: 58KB

.text
Size: 268KB - Virtual size: 267KB

.data
Size: 57KB - Virtual size: 57KB

.rsrc
Size: 49KB - Virtual size: 49KB

.reloc
Size: 512B - Virtual size: 260B