8a3ff05dcf819727fe23a98f28f592c9f53ec3f72b46fe39de784ed7e3aaf51c

General

Target

8a3ff05dcf819727fe23a98f28f592c9f53ec3f72b46fe39de784ed7e3aaf51c
Size

709KB
MD5

a2ae7daddf4df086d779fd77d7a78800
SHA1

50b6d53e94d8671bdc07aa36dc9ad4b9e41174a3
SHA256

8a3ff05dcf819727fe23a98f28f592c9f53ec3f72b46fe39de784ed7e3aaf51c
SHA512

8ce494b23aea7c800abf206200bf9020de47b6ee90e43879bf36e193d99d7b3987b8b04e8bd5738a04f934054c772530636e9c22a0c2d0079c877e771335d1ef
SSDEEP

12288:BVItNTkzIsThJIsjGFFP9YhkplyGKpcVwCXdpPeObarqB8XAVXNWuELbD2:BVyNgzIVkGFFe+plyGKpMX3PlOrYMFn2

Score

N/A

Malware Config

Signatures

Files

8a3ff05dcf819727fe23a98f28f592c9f53ec3f72b46fe39de784ed7e3aaf51c
.exe windows x86

8e911d4580e03b3fa2cce4d4fe8e1565

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

iphlpapi

GetBestInterface
InternalGetUdpTable
InternalSetIpForwardEntry
DeleteProxyArpEntry
GetIpNetTable

kernel32

SetConsoleOutputCP
SetConsoleTitleA
GetCommModemStatus
TlsFree
GetCommandLineA
VirtualAlloc
GlobalFlags
lstrlenW
GlobalAlloc
FreeConsole
AddAtomW
OpenJobObjectA
lstrcmpA
IsDBCSLeadByte

tapi32

lineGetConfRelatedCalls
lineTranslateDialogW
lineGetDevCaps
lineOpenA
lineDrop

advapi32

RegisterTraceGuidsW
RevertToSelf
GetTraceEnableLevel
GetTokenInformation
RegSaveKeyW
SystemFunction004
SetTokenInformation
GetSidSubAuthorityCount
RegSetValueA
RegFlushKey
CryptEnumProvidersW

Sections

.text
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 597KB - Virtual size: 897KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 143B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 380B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8e911d4580e03b3fa2cce4d4fe8e1565

Headers

DLL Characteristics

File Characteristics

Imports

iphlpapi

kernel32

tapi32

advapi32

Sections

.text Size: 70KB - Virtual size: 70KB

.idata Size: 597KB - Virtual size: 897KB

.data Size: 512B - Virtual size: 124B

.data Size: 512B - Virtual size: 143B

.rsrc Size: 39KB - Virtual size: 38KB

.reloc Size: 512B - Virtual size: 380B

.text
Size: 70KB - Virtual size: 70KB

.idata
Size: 597KB - Virtual size: 897KB

.data
Size: 512B - Virtual size: 124B

.data
Size: 512B - Virtual size: 143B

.rsrc
Size: 39KB - Virtual size: 38KB

.reloc
Size: 512B - Virtual size: 380B