6c8f1e789d5ab5f3f7dce782f12400f942786dc348a94f2d6fd573394ffadb54

General

Target

6c8f1e789d5ab5f3f7dce782f12400f942786dc348a94f2d6fd573394ffadb54
Size

213KB
MD5

05307eb4952af8e6b4ae4d0fb7879e7f
SHA1

fd15b59117204dc1c3f817558c35ac76fdc383ca
SHA256

6c8f1e789d5ab5f3f7dce782f12400f942786dc348a94f2d6fd573394ffadb54
SHA512

96c78214b7265b8de041ec118318254785f2b1faf9628e8c1de0add0a07fb0312cff69453f12b2595332c5f35844ce844a9473a63a3af607bbd714483f640665
SSDEEP

6144:mohWErn9IElAtbJemyosG9htIJuV9wRN4n0eqQ:mm/n9IEsHpzV9wRe3qQ

Score

N/A

Malware Config

Signatures

Files

6c8f1e789d5ab5f3f7dce782f12400f942786dc348a94f2d6fd573394ffadb54
.exe windows x86

f8528131ff4b7401bcdd557c57595170

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rasapi32

DwCloneEntry
RasSetSubEntryPropertiesW
RasValidateEntryNameW
RasValidateEntryNameA

rasctrs

CollectRasPerformanceData
CloseRasPerformanceData
OpenRasPerformanceData

kernel32

GetLocaleInfoW
FreeResource
GetEnvironmentStringsW
HeapAlloc
GetTickCount
GetLocalTime
CreateFileA
LoadResource
lstrcpyA
SystemTimeToFileTime
WideCharToMultiByte
lstrlenA
FindResourceA
CloseHandle
lstrcmpA
GetVolumeInformationA
DeviceIoControl
QueryDosDeviceA
HeapFree
LockResource
SetLastError
GetCurrentProcessId
SetUnhandledExceptionFilter
GetCurrentProcess
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetOEMCP
MultiByteToWideChar
GetProcessHeap
LoadLibraryW

advapi32

RegQueryValueExW
RegCloseKey
RegQueryValueExA
RegOpenKeyW
RegOpenKeyExA

rasman

RasAddNotification
RasAddConnectionPort
IsRasmanProcess
RasActivateRouteEx
RasAllocateRoute

raschap

RasCpGetInfo
RasEapGetInfo
RasCpEnumProtocolIds

Sections

.text
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hdata
Size: 22KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f8528131ff4b7401bcdd557c57595170

Headers

File Characteristics

Imports

rasapi32

rasctrs

kernel32

advapi32

rasman

raschap

Sections

.text Size: 101KB - Virtual size: 101KB

.rdata Size: 72KB - Virtual size: 71KB

.hdata Size: 22KB - Virtual size: 169KB

.cdata Size: 14KB - Virtual size: 14KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 101KB - Virtual size: 101KB

.rdata
Size: 72KB - Virtual size: 71KB

.hdata
Size: 22KB - Virtual size: 169KB

.cdata
Size: 14KB - Virtual size: 14KB

.rsrc
Size: 1KB - Virtual size: 1KB