1c0ae386f6da914d10f068d3b8182e074e99c7ab04f85c01294428183098d2fb

General

Target

1c0ae386f6da914d10f068d3b8182e074e99c7ab04f85c01294428183098d2fb
Size

216KB
MD5

9c94e9cb480d4f314a16423c88b7ccf1
SHA1

e6aa867e1a239fc449eb935678865ea6d51ca34b
SHA256

1c0ae386f6da914d10f068d3b8182e074e99c7ab04f85c01294428183098d2fb
SHA512

422753cca05640b60e31876bcb7ecd4d9300e30eecae5ca434114be47fbfdd6a6998212d6e1d99b4b28b1c0836073fbbb1cde88d349b480ee56eb67d670c1699
SSDEEP

6144:CozUatuxuyW4HNaRkOzG3lMG9lTo7pfHoFB3ap:CozfuxHW4kRkOzG3lMslTo7pPqKp

Score

N/A

Malware Config

Signatures

Files

1c0ae386f6da914d10f068d3b8182e074e99c7ab04f85c01294428183098d2fb
.exe windows x86

3f857400bbb54bdf61f866cee2d87ad5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
HeapFree
GetEnvironmentStringsW
GetProcessHeap
lstrcmpA
SetLastError
LoadResource
GetCurrentProcessId
CreateFileA
SystemTimeToFileTime
SetUnhandledExceptionFilter
GetSystemDefaultLCID
lstrcpyA
CloseHandle
QueryPerformanceCounter
GetCurrentProcess
GetLocaleInfoW
FreeResource
GetOEMCP
LockResource
GetTickCount
GetLocalTime
QueryDosDeviceA
FindResourceA
WideCharToMultiByte
GetUserDefaultLCID
LoadLibraryW
DeviceIoControl
MultiByteToWideChar
HeapAlloc
GetVolumeInformationA
GetSystemTimeAsFileTime

rasman

RasAllocateRoute
RasActivateRouteEx
IsRasmanProcess
RasAddNotification
RasAddConnectionPort

advapi32

RegOpenKeyExA
RegOpenKeyW
RegQueryValueExA
RegQueryValueExW
RegCloseKey

rasctrs

OpenRasPerformanceData
CloseRasPerformanceData
CollectRasPerformanceData

rasapi32

RasValidateEntryNameW
DwCloneEntry
RasSetSubEntryPropertiesW
RasValidateEntryNameA

raschap

RasEapGetInfo
RasCpGetInfo
RasCpEnumProtocolIds

Sections

.text
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hdata
Size: 24KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3f857400bbb54bdf61f866cee2d87ad5

Headers

File Characteristics

Imports

kernel32

rasman

advapi32

rasctrs

rasapi32

raschap

Sections

.text Size: 102KB - Virtual size: 101KB

.rdata Size: 72KB - Virtual size: 71KB

.hdata Size: 24KB - Virtual size: 2.0MB

.zdata Size: 14KB - Virtual size: 14KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 102KB - Virtual size: 101KB

.rdata
Size: 72KB - Virtual size: 71KB

.hdata
Size: 24KB - Virtual size: 2.0MB

.zdata
Size: 14KB - Virtual size: 14KB

.rsrc
Size: 1KB - Virtual size: 1KB