d04226c12f4fa0d04b9cebac7daa58081bc18786a0605c3006df5912088d834d

Sharing

Copy URL Twitter E-mail

General

Target

d04226c12f4fa0d04b9cebac7daa58081bc18786a0605c3006df5912088d834d
Size

824KB
MD5

07be14127a5061d90cb4d7518411c840
SHA1

3244d6515e16ab6e9651209816068f1910c4ebb4
SHA256

d04226c12f4fa0d04b9cebac7daa58081bc18786a0605c3006df5912088d834d
SHA512

cff0f29cddfaaf6247ab4968ab5cf9b2abecb21d131beb368cdfcf3b1eede989489ffa924661b67cbc9d7b8e41a2366abe5db0b3cdee8edda50fc4d0c773d8f2
SSDEEP

12288:/fxYREaFOMIy/eg0d1C0fH7OeqV0cnK6IDMacTNPzNWHTZnvp7oeH1VdeRIDQ7:HmfF9hqe03TAac55UnJoYfdeRYQ7

Score

N/A

Malware Config

Signatures

Files

d04226c12f4fa0d04b9cebac7daa58081bc18786a0605c3006df5912088d834d
.exe windows x86

028a4ef95b0b5ab6d97558d87c14a9c3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rasapi32

RasSetAutodialParamA
RasEnumEntriesW
RasGetSubEntryHandleA
RasQuerySharedConnection
RasSetCustomAuthDataW
RasCreatePhonebookEntryW
RasDeleteSubEntryW
RasSetEntryDialParamsA
RasGetEntryHrasconnW
RasSetAutodialEnableW
RasScriptSend
RasEnumEntriesA
RasGetCredentialsW
RasHangUpW
RasGetCredentialsA
RasQuerySharedAutoDial
RasGetLinkStatistics
RasEnumConnectionsW
DDMGetPhonebookInfo
RasSetAutodialAddressW
RasSetEapUserDataW
RasGetSubEntryHandleW
RasValidateEntryNameA
DwCloneEntry
RasDeleteEntryW
RasDialW
RasClearLinkStatistics
RasEnumDevicesA

msvcirt

??0filebuf@@QAE@ABV0@@Z
??_7istream_withassign@@6B@
?sputn@streambuf@@QAEHPBDH@Z
?open@filebuf@@QAEPAV1@PBDHH@Z
?setbuf@filebuf@@UAEPAVstreambuf@@PADH@Z
?read@istream@@QAEAAV1@PACH@Z
?clrlock@ios@@QAAXXZ
??0stdiobuf@@QAE@ABV0@@Z
??_Eexception@@UAEPAXI@Z
??_Eios@@UAEPAXI@Z
??_8strstream@@7Bostream@@@
??1ofstream@@UAE@XZ
?setf@ios@@QAEJJ@Z
??5istream@@QAEAAV0@PAC@Z
?snextc@streambuf@@QAEHXZ
??_Glogic_error@@UAEPAXI@Z
??0ifstream@@QAE@PBDHH@Z
??1ostream@@UAE@XZ
??_Gostrstream@@UAEPAXI@Z
?close@ofstream@@QAEXXZ
??_Gofstream@@UAEPAXI@Z
?binary@filebuf@@2HB
??_8fstream@@7Bostream@@@

kernel32

IsWow64Process
GetConsoleAliasExesW
SetConsoleDisplayMode
SetTapeParameters
EscapeCommFunction
GetEnvironmentStringsA
GlobalAddAtomW
GetWindowsDirectoryA
GetNumaHighestNodeNumber
WritePrivateProfileSectionW
LoadLibraryW
GetSystemWindowsDirectoryA
SetLastError
WritePrivateProfileStringA
GetCommState
OpenJobObjectA
IsDBCSLeadByteEx
GetDriveTypeW
GenerateConsoleCtrlEvent
CompareStringA
GetLocaleInfoW
DnsHostnameToComputerNameW
GetGeoInfoA

msutb

ClosePopupTipbar
DllUnregisterServer
DllRegisterServer
DllCanUnloadNow
DllGetClassObject
SetRegisterLangBand
GetPopupTipbar

Sections

.text
Size: 417KB - Virtual size: 416KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 181KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

028a4ef95b0b5ab6d97558d87c14a9c3

Headers

DLL Characteristics

File Characteristics

Imports

rasapi32

msvcirt

kernel32

msutb

Sections

.text Size: 417KB - Virtual size: 416KB

.rdata Size: 113KB - Virtual size: 112KB

.data Size: 181KB - Virtual size: 1.5MB

.rsrc Size: 111KB - Virtual size: 111KB

.reloc Size: 1024B - Virtual size: 904B

.text
Size: 417KB - Virtual size: 416KB

.rdata
Size: 113KB - Virtual size: 112KB

.data
Size: 181KB - Virtual size: 1.5MB

.rsrc
Size: 111KB - Virtual size: 111KB

.reloc
Size: 1024B - Virtual size: 904B