bd7b3e5530f7dafc9835bf20ef48c8cbefcff41d29ad1ddf6694031974150c7a

Sharing

Copy URL Twitter E-mail

General

Target

bd7b3e5530f7dafc9835bf20ef48c8cbefcff41d29ad1ddf6694031974150c7a
Size

234KB
MD5

92caea494ff441d72969129332b43210
SHA1

d3db1a64a6c6006e7e1615634b2a3f1332ef6607
SHA256

bd7b3e5530f7dafc9835bf20ef48c8cbefcff41d29ad1ddf6694031974150c7a
SHA512

5730b1a28e63a77b3f8e51971a6050cdaad2db0eeb582cda7f08ceceeeb4029d8248a2d552352e838a4fe5a94f7632c9c8689d44eea6ce885c1276fd4ca08c95
SSDEEP

6144:uPtlxVazPpn5cNXCUDuzpd1bQgbTIcdWzjSFf:Utlx+p5CXC9bL+E

Score

N/A

Malware Config

Signatures

Files

bd7b3e5530f7dafc9835bf20ef48c8cbefcff41d29ad1ddf6694031974150c7a
.exe windows x86

31cbb42a92685adea7846ddf2d280e9b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

NtSetHighEventPair
NtCreateMailslotFile
RtlCreateSecurityDescriptor
RtlIpv6StringToAddressW
wcsncat
RtlCreateEnvironment
RtlSetCurrentDirectory_U
NtCompactKeys
RtlSetLastWin32ErrorAndNtStatusFromNtStatus

msvcirt

?sync@strstreambuf@@UAEHXZ
??_7ifstream@@6B@
?seekpos@streambuf@@UAEJJH@Z
??1filebuf@@UAE@XZ
?fLockcInit@ios@@0HA
?get@istream@@QAEAAV1@PACHD@Z
??1stdiobuf@@UAE@XZ
?oct@@YAAAVios@@AAV1@@Z
??0istream_withassign@@QAE@PAVstreambuf@@@Z
??6ostream@@QAEAAV0@D@Z
??0exception@@QAE@ABQBD@Z
?pbackfail@stdiobuf@@UAEHH@Z
?seekoff@streambuf@@UAEJJW4seek_dir@ios@@H@Z
??0streambuf@@IAE@XZ
?dec@@YAAAVios@@AAV1@@Z
?xsgetn@streambuf@@UAEHPADH@Z

kernel32

IsWow64Process
ScrollConsoleScreenBufferA
GetUserDefaultLCID
lstrcmpiA
LoadLibraryW
GetSystemDefaultUILanguage
GetTickCount
BackupWrite
PurgeComm
SetEnvironmentVariableA
SetLastError
GetTimeZoneInformation
GetTempPathA
OpenFileMappingA
GetProfileSectionW
CloseHandle
DeleteTimerQueueEx
GetConsoleCharType

rasman

RasSendNotification
RasEnumConnectionPorts
RasPortGetProtocolCompression
RasSecurityDialogGetInfo
RasRpcRemoteGetSystemDirectory
RasPortOpenEx
RasStartRasAutoIfRequired
RasSetAddressDisable
RasPortGetStatisticsEx
RasProtocolEnum
RasSetConnectionUserData
RasSetKey
RasRequestNotification
RasCompressionSetInfo
RasDeviceEnum
RasPortFree
RasPortSend
RasRegisterPnPHandler
RasGetBuffer
RasRpcGetDevConfig
RasInitialize

rasapi32

RasGetProjectionInfoW
RasEnumConnectionsW
RasEnumAutodialAddressesA
RasGetEntryPropertiesA
RasGetEapUserIdentityW
RasQueryRedialOnLinkFailure
RasGetAutodialEnableA
RasGetAutodialParamA
RasGetSubEntryHandleA
RasGetEntryDialParamsA
RasSetSubEntryPropertiesW
RasFreeEapUserIdentityA
RasGetCredentialsW
RasGetErrorStringW
RasGetConnectStatusW
RasSetCustomAuthDataA
RasGetErrorStringA
RasGetProjectionInfoA
RasGetEapUserDataW
RasEditPhonebookEntryA
RasHangUpA
RasRenameEntryW
RasGetConnectStatusA
RasAutodialEntryToNetwork
RasSetSharedAutoDial
RasSetAutodialAddressA
RasEnumConnectionsA
RasGetSubEntryPropertiesA
RasGetSubEntryPropertiesW

Sections

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 127KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

31cbb42a92685adea7846ddf2d280e9b

Headers

File Characteristics

Imports

ntdll

msvcirt

kernel32

rasman

rasapi32

Sections

.text Size: 34KB - Virtual size: 34KB

.rdata Size: 127KB - Virtual size: 127KB

.data Size: 67KB - Virtual size: 66KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 34KB - Virtual size: 34KB

.rdata
Size: 127KB - Virtual size: 127KB

.data
Size: 67KB - Virtual size: 66KB

.rsrc
Size: 3KB - Virtual size: 2KB