85a8882bff42ee6bc92b5778e4fe8070add8041ecf835d1270a7ad5e22d781eb

Sharing

Copy URL

Twitter E-mail

General

Target

85a8882bff42ee6bc92b5778e4fe8070add8041ecf835d1270a7ad5e22d781eb
Size

46KB
MD5

8d62df133dd52f7c938aea7f77649655
SHA1

ff22dab285988c2b5fc97012d162c2bcdcef571b
SHA256

85a8882bff42ee6bc92b5778e4fe8070add8041ecf835d1270a7ad5e22d781eb
SHA512

41b781dd75354d9fde5b5259c543557d4833a90f4d774dd1885af8d4b9733aa7d8d461ab9d44561c1ba6de170de7b10b7600f195ed8a1fd3b6c449c54f5511c6
SSDEEP

768:6fNCG2TCOx11D25pKH5C52H/uIAQGivzZupjFlcfwWqJZb3JVtSSurpDSmw5ylQ:6v2uk2pKH5C52/uIVzmFuwWebSSQDSmO

Score

N/A

Malware Config

Signatures

Files

85a8882bff42ee6bc92b5778e4fe8070add8041ecf835d1270a7ad5e22d781eb
.exe windows x86

619451ae84c91c474280e5f5c8c8028f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
MultiByteToWideChar
lstrlenA
LocalFree
GetCurrentThreadId
GetVersionExA
RaiseException
TlsAlloc
GetModuleHandleA
ExitProcess
GetCurrentProcess
GetStartupInfoA
GetModuleFileNameA
GetEnvironmentStringsW
HeapCreate
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetACP
GetOEMCP
GetCPInfo
InitializeCriticalSection
LoadLibraryA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
GetSystemInfo
CreateMutexA
GetProcAddress

advapi32

RegEnumKeyExA
RegCloseKey
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA

oleaut32

SysFreeString
SysStringLen
VariantClear
SysAllocString

netapi32

NetErrorLogClear

rasman

RasSetPortUserData

user32

EnableWindow
DestroyIcon
RegisterClassExW
CharLowerA
MessageBoxIndirectW
GetMenuStringA
wvsprintfW
MonitorFromRect
WinHelpA
GetFocus
wvsprintfA
EnableMenuItem
CharPrevW
LoadMenuIndirectW
GetMenuState
CheckMenuItem
wsprintfA
GetSysColor
SetWindowPos
CharPrevA
AppendMenuA
OffsetRect
mouse_event

gdi32

SetEnhMetaFileBits
SetWinMetaFileBits
CreateMetaFileW
GetEnhMetaFileA
UpdateICMRegKeyA
CreateICA
GetTextExtentPointW

ntprint

PSetupIsTheDriverFoundInInfInstalled
PSetupEnumMonitor
PSetupGetLocalDataField

Sections

CODE
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CODE
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dZzVzb
Size: 10KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ro
Size: 6KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

619451ae84c91c474280e5f5c8c8028f

Headers

File Characteristics

Imports

kernel32

advapi32

oleaut32

netapi32

rasman

user32

gdi32

ntprint

Sections

CODE Size: 2KB - Virtual size: 2KB

CODE Size: 11KB - Virtual size: 12KB

.rdata Size: 2KB - Virtual size: 11KB

.dZzVzb Size: 10KB - Virtual size: 100KB

.data Size: 6KB - Virtual size: 127KB

.ro Size: 6KB - Virtual size: 97KB

.rsrc Size: 6KB - Virtual size: 6KB

CODE
Size: 2KB - Virtual size: 2KB

CODE
Size: 11KB - Virtual size: 12KB

.rdata
Size: 2KB - Virtual size: 11KB

.dZzVzb
Size: 10KB - Virtual size: 100KB

.data
Size: 6KB - Virtual size: 127KB

.ro
Size: 6KB - Virtual size: 97KB

.rsrc
Size: 6KB - Virtual size: 6KB