bda1450f37cb2bf3545a68941095a1af1f6330bdaa26f2c267f1498eb96a51f8

General

Target

bda1450f37cb2bf3545a68941095a1af1f6330bdaa26f2c267f1498eb96a51f8
Size

216KB
MD5

228930f7092be743dc70685244b11071
SHA1

14b213e4232412f600bbbc4866b525cee37b0adb
SHA256

bda1450f37cb2bf3545a68941095a1af1f6330bdaa26f2c267f1498eb96a51f8
SHA512

3ececb42d6ec274bf61c2d3f7089f216899511adbc3f97c54e4321673c6b676c959605dba6547b320187694b4180252969f0a78b4c96872aa08e0b1c4ad012f0
SSDEEP

6144:CozUatuxuyW4HNaRkOzG3lMG9lTo7pfHoFB6Jp:CozfuxHW4kRkOzG3lMslTo7pPq6Jp

Score

N/A

Malware Config

Signatures

Files

bda1450f37cb2bf3545a68941095a1af1f6330bdaa26f2c267f1498eb96a51f8
.exe windows x86

3f857400bbb54bdf61f866cee2d87ad5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
HeapFree
GetEnvironmentStringsW
GetProcessHeap
lstrcmpA
SetLastError
LoadResource
GetCurrentProcessId
CreateFileA
SystemTimeToFileTime
SetUnhandledExceptionFilter
GetSystemDefaultLCID
lstrcpyA
CloseHandle
QueryPerformanceCounter
GetCurrentProcess
GetLocaleInfoW
FreeResource
GetOEMCP
LockResource
GetTickCount
GetLocalTime
QueryDosDeviceA
FindResourceA
WideCharToMultiByte
GetUserDefaultLCID
LoadLibraryW
DeviceIoControl
MultiByteToWideChar
HeapAlloc
GetVolumeInformationA
GetSystemTimeAsFileTime

rasman

RasAllocateRoute
RasActivateRouteEx
IsRasmanProcess
RasAddNotification
RasAddConnectionPort

advapi32

RegOpenKeyExA
RegOpenKeyW
RegQueryValueExA
RegQueryValueExW
RegCloseKey

rasctrs

OpenRasPerformanceData
CloseRasPerformanceData
CollectRasPerformanceData

rasapi32

RasValidateEntryNameW
DwCloneEntry
RasSetSubEntryPropertiesW
RasValidateEntryNameA

raschap

RasEapGetInfo
RasCpGetInfo
RasCpEnumProtocolIds

Sections

.text
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hdata
Size: 24KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3f857400bbb54bdf61f866cee2d87ad5

Headers

File Characteristics

Imports

kernel32

rasman

advapi32

rasctrs

rasapi32

raschap

Sections

.text Size: 102KB - Virtual size: 101KB

.rdata Size: 72KB - Virtual size: 71KB

.hdata Size: 24KB - Virtual size: 2.0MB

.zdata Size: 14KB - Virtual size: 14KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 102KB - Virtual size: 101KB

.rdata
Size: 72KB - Virtual size: 71KB

.hdata
Size: 24KB - Virtual size: 2.0MB

.zdata
Size: 14KB - Virtual size: 14KB

.rsrc
Size: 1KB - Virtual size: 1KB