ac2fe9eb7cc45436889b107a8bf8cf8ecd078b11c2481cfdf693317fb3118071

General

Target

ac2fe9eb7cc45436889b107a8bf8cf8ecd078b11c2481cfdf693317fb3118071
Size

496KB
MD5

3838f7bc054f2f8cf474a6afd02c1fb0
SHA1

11284d1cd4a13e7318244f6d6ffb16aaded5e1d6
SHA256

ac2fe9eb7cc45436889b107a8bf8cf8ecd078b11c2481cfdf693317fb3118071
SHA512

381763a604a1ae62029a7b65c6235d516307eb448baa172ac1e6ee03331fef5f23a0faede1e85ce2b601b2d1904064cc47dba07de03ee4c7fea9e37028ca4584
SSDEEP

12288:65rFtF1d7vof2OQl5+++yH2YP6LzNhjf+fZ4viDWWFA9DGZ:iXxAeOQl5+++yxKzNhjfX0Z

Score

N/A

Malware Config

Signatures

Files

ac2fe9eb7cc45436889b107a8bf8cf8ecd078b11c2481cfdf693317fb3118071
.exe windows x86

dbf88c41c5e61c6a7a2037d7abfdbcbb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
LocalAlloc
GetModuleHandleA
FreeLibrary
GetCurrentProcessId
GetWindowsDirectoryW
GetProcAddress
RemoveDirectoryW
WideCharToMultiByte
ExpandEnvironmentStringsW
GetModuleFileNameW
GetLastError
MultiByteToWideChar
GetTickCount
LocalFree
VirtualFree
GetCPInfo

rasdlg

RasPhonebookDlgW
RasDialDlgW
RasAutodialQueryDlgW

msvcrt

_initterm
wcscpy
__setusermatherr
printf
_controlfp
sprintf
_stricmp
_wcsicmp
_c_exit
__wgetmainargs
_XcptFilter
__p__fmode
strstr
_except_handler3
_exit
__winitenv
_adjust_fdiv
_cexit

advapi32

RegOpenKeyExW
RegCloseKey
RegQueryValueExA

tapi32

lineInitialize
lineGetTranslateCapsW

rasapi32

RasGetAutodialParamW
RasEnumAutodialAddressesW
RasGetAutodialAddressW

Sections

.safdwer
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 269KB - Virtual size: 269KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dbf88c41c5e61c6a7a2037d7abfdbcbb

Headers

File Characteristics

Imports

kernel32

rasdlg

msvcrt

advapi32

tapi32

rasapi32

Sections

.safdwer Size: 57KB - Virtual size: 57KB

.rdata Size: 59KB - Virtual size: 58KB

.data Size: 58KB - Virtual size: 57KB

.text Size: 269KB - Virtual size: 269KB

.rsrc Size: 49KB - Virtual size: 49KB

.reloc Size: 512B - Virtual size: 352B

.safdwer
Size: 57KB - Virtual size: 57KB

.rdata
Size: 59KB - Virtual size: 58KB

.data
Size: 58KB - Virtual size: 57KB

.text
Size: 269KB - Virtual size: 269KB

.rsrc
Size: 49KB - Virtual size: 49KB

.reloc
Size: 512B - Virtual size: 352B