a78dbfbe19061ef25628cdd3f40fc0a7ad8c2c5055adb6c1cebc79dcd8cf9d9b

Sharing

Copy URL Twitter E-mail

General

Target

a78dbfbe19061ef25628cdd3f40fc0a7ad8c2c5055adb6c1cebc79dcd8cf9d9b
Size

217KB
MD5

09c2e90e1062078e9833c642594c646a
SHA1

885f30f1c7fc82bb8a12056904d28b31cb26fb83
SHA256

a78dbfbe19061ef25628cdd3f40fc0a7ad8c2c5055adb6c1cebc79dcd8cf9d9b
SHA512

d38221e7ac92397f82f703c17a1927dd62832f79ba74a5aa9fc8767e9a07f68b3c328b4db3779e26c6f83c44a90ca4f70576b32ac1a6d6007f9a1f773b179112
SSDEEP

6144:r51jJe1P3T5t6DJV/lV7Wx5R/QXB+P6cjGunLmaQVX+Z:3jJsP3T5t6DJ5LaEXQPVGuL1QY

Score

N/A

Malware Config

Signatures

Files

a78dbfbe19061ef25628cdd3f40fc0a7ad8c2c5055adb6c1cebc79dcd8cf9d9b
.exe windows x86

80115f9e414eca8538654e73098b9860

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoW
LockResource
SetUnhandledExceptionFilter
QueryPerformanceCounter
HeapFree
GetOEMCP
GetSystemDefaultLCID
lstrcpyA
QueryDosDeviceA
MultiByteToWideChar
WideCharToMultiByte
GetVolumeInformationA
LoadResource
GetProcessHeap
GetTickCount
SetLastError
LoadLibraryW
lstrcmpA
HeapAlloc
lstrlenA
GetSystemTimeAsFileTime
GetCurrentProcess
CloseHandle
GetEnvironmentStringsW
GetLocalTime
DeviceIoControl
FreeResource
GetUserDefaultLCID
SystemTimeToFileTime
FindResourceA
GetCurrentProcessId
CreateFileA

rasdlg

RasEntryDlgW
RasUserPrefsDlg
RasPhonebookDlgW
RouterEntryDlgA
RasSrvIsServiceRunning
RasSrvEnumConnections
RasSrvCleanupService
RasAutodialQueryDlgW
RasSrvHangupConnection
RasDialDlgW
DwTerminalDlg
RasUserGetManualDial
GetRasDialOutProtocols
RouterEntryDlgW
RasDialDlgA
RasUserEnableManualDial
RasSrvAddPropPages
RasEntryDlgA
RasSrvInitializeService
RasSrvIsConnectionConnected
RasAutodialQueryDlgA
RasPhonebookDlgA
RasSrvAllowConnectionsConfig

rasman

RasAddNotification
IsRasmanProcess
RasAddConnectionPort
RasAllocateRoute
RasActivateRouteEx

advapi32

RegQueryValueExW
RegOpenKeyExA
RegOpenKeyW
RegCloseKey
RegQueryValueExA

rasapi32

RasSetSubEntryPropertiesW
RasValidateEntryNameA
DwCloneEntry
RasValidateEntryNameW

rasctrs

CloseRasPerformanceData
CollectRasPerformanceData
OpenRasPerformanceData

raschap

RasEapGetInfo
RasCpEnumProtocolIds
RasCpGetInfo

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hdata
Size: 23KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

80115f9e414eca8538654e73098b9860

Headers

File Characteristics

Imports

kernel32

rasdlg

rasman

advapi32

rasapi32

rasctrs

raschap

Sections

.text Size: 100KB - Virtual size: 100KB

.rdata Size: 73KB - Virtual size: 72KB

.hdata Size: 23KB - Virtual size: 2.0MB

.edata Size: 14KB - Virtual size: 14KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 100KB - Virtual size: 100KB

.rdata
Size: 73KB - Virtual size: 72KB

.hdata
Size: 23KB - Virtual size: 2.0MB

.edata
Size: 14KB - Virtual size: 14KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 2KB