baca92ea078713aa48f9cc57965d82a181e3cd8ead6f4de1123610fae7446478

General

Target

baca92ea078713aa48f9cc57965d82a181e3cd8ead6f4de1123610fae7446478
Size

213KB
MD5

178de9eb97c0d484f86a82442538803d
SHA1

2624dd252d3dd6e2496d1cb401b77cc4ff251e3b
SHA256

baca92ea078713aa48f9cc57965d82a181e3cd8ead6f4de1123610fae7446478
SHA512

a23bd0ff9c255476bdf2f8a929bad664d1fb6b610d555f222788bd52d1f81fdd73d969e974636ef1793518a5b2e1814cc9892ee843d1c8604dfc3bdd9920e30b
SSDEEP

6144:mohWErn9IElAtbJemyosG9htIJuV9wRN4n0eq0:mm/n9IEsHpzV9wRe3q0

Score

N/A

Malware Config

Signatures

Files

baca92ea078713aa48f9cc57965d82a181e3cd8ead6f4de1123610fae7446478
.exe windows x86

f8528131ff4b7401bcdd557c57595170

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rasapi32

DwCloneEntry
RasSetSubEntryPropertiesW
RasValidateEntryNameW
RasValidateEntryNameA

rasctrs

CollectRasPerformanceData
CloseRasPerformanceData
OpenRasPerformanceData

kernel32

GetLocaleInfoW
FreeResource
GetEnvironmentStringsW
HeapAlloc
GetTickCount
GetLocalTime
CreateFileA
LoadResource
lstrcpyA
SystemTimeToFileTime
WideCharToMultiByte
lstrlenA
FindResourceA
CloseHandle
lstrcmpA
GetVolumeInformationA
DeviceIoControl
QueryDosDeviceA
HeapFree
LockResource
SetLastError
GetCurrentProcessId
SetUnhandledExceptionFilter
GetCurrentProcess
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetOEMCP
MultiByteToWideChar
GetProcessHeap
LoadLibraryW

advapi32

RegQueryValueExW
RegCloseKey
RegQueryValueExA
RegOpenKeyW
RegOpenKeyExA

rasman

RasAddNotification
RasAddConnectionPort
IsRasmanProcess
RasActivateRouteEx
RasAllocateRoute

raschap

RasCpGetInfo
RasEapGetInfo
RasCpEnumProtocolIds

Sections

.text
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hdata
Size: 22KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f8528131ff4b7401bcdd557c57595170

Headers

File Characteristics

Imports

rasapi32

rasctrs

kernel32

advapi32

rasman

raschap

Sections

.text Size: 101KB - Virtual size: 101KB

.rdata Size: 72KB - Virtual size: 71KB

.hdata Size: 22KB - Virtual size: 169KB

.cdata Size: 14KB - Virtual size: 14KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 101KB - Virtual size: 101KB

.rdata
Size: 72KB - Virtual size: 71KB

.hdata
Size: 22KB - Virtual size: 169KB

.cdata
Size: 14KB - Virtual size: 14KB

.rsrc
Size: 1KB - Virtual size: 1KB