e5264328b4ec8d4237c311f0b7a9190170ed24d5b87bb69f46c8fd122765d671

General

Target

e5264328b4ec8d4237c311f0b7a9190170ed24d5b87bb69f46c8fd122765d671
Size

216KB
MD5

16f219c67ffc109a4af3cbc21aac7da3
SHA1

c4aade62ac1305de427e61dc007611eaa8901d31
SHA256

e5264328b4ec8d4237c311f0b7a9190170ed24d5b87bb69f46c8fd122765d671
SHA512

0d812ffa5c19517e1cb35eabced4ff1c0a1f2a387b6c5db78b9f4ef21988409d76a8696dfad87006ab3769cb0447c8069e877d091d7c9a38a63c3b6daa6b04b6
SSDEEP

6144:CozUatuxuyW4HNaRkOzG3lMG9lTo7pfHoFBdp:CozfuxHW4kRkOzG3lMslTo7pPqdp

Score

N/A

Malware Config

Signatures

Files

e5264328b4ec8d4237c311f0b7a9190170ed24d5b87bb69f46c8fd122765d671
.exe windows x86

3f857400bbb54bdf61f866cee2d87ad5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
HeapFree
GetEnvironmentStringsW
GetProcessHeap
lstrcmpA
SetLastError
LoadResource
GetCurrentProcessId
CreateFileA
SystemTimeToFileTime
SetUnhandledExceptionFilter
GetSystemDefaultLCID
lstrcpyA
CloseHandle
QueryPerformanceCounter
GetCurrentProcess
GetLocaleInfoW
FreeResource
GetOEMCP
LockResource
GetTickCount
GetLocalTime
QueryDosDeviceA
FindResourceA
WideCharToMultiByte
GetUserDefaultLCID
LoadLibraryW
DeviceIoControl
MultiByteToWideChar
HeapAlloc
GetVolumeInformationA
GetSystemTimeAsFileTime

rasman

RasAllocateRoute
RasActivateRouteEx
IsRasmanProcess
RasAddNotification
RasAddConnectionPort

advapi32

RegOpenKeyExA
RegOpenKeyW
RegQueryValueExA
RegQueryValueExW
RegCloseKey

rasctrs

OpenRasPerformanceData
CloseRasPerformanceData
CollectRasPerformanceData

rasapi32

RasValidateEntryNameW
DwCloneEntry
RasSetSubEntryPropertiesW
RasValidateEntryNameA

raschap

RasEapGetInfo
RasCpGetInfo
RasCpEnumProtocolIds

Sections

.text
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hdata
Size: 24KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3f857400bbb54bdf61f866cee2d87ad5

Headers

File Characteristics

Imports

kernel32

rasman

advapi32

rasctrs

rasapi32

raschap

Sections

.text Size: 102KB - Virtual size: 101KB

.rdata Size: 72KB - Virtual size: 71KB

.hdata Size: 24KB - Virtual size: 2.0MB

.zdata Size: 14KB - Virtual size: 14KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 102KB - Virtual size: 101KB

.rdata
Size: 72KB - Virtual size: 71KB

.hdata
Size: 24KB - Virtual size: 2.0MB

.zdata
Size: 14KB - Virtual size: 14KB

.rsrc
Size: 1KB - Virtual size: 1KB