b5de54e83b544faebf6f4f18368a16d822e1b361d81693060d573e4098e18226

Sharing

Copy URL

Twitter E-mail

General

Target

b5de54e83b544faebf6f4f18368a16d822e1b361d81693060d573e4098e18226
Size

173KB
MD5

bdc8d8f59403e6c248809daeba18aa77
SHA1

14a818aff5e5f2d5f34bd6dbe4b695b479a110cb
SHA256

b5de54e83b544faebf6f4f18368a16d822e1b361d81693060d573e4098e18226
SHA512

b49527d4e63fa83dd3b40347afd526c91055e49da8bcf0f2837e0c1e088b0f19c469cbfb04580c9c8ed89375d8ab4194c3fe6ba3335065e480c4d29be8263458
SSDEEP

3072:ZaBRkDu4d6aeELi0C81GlKjzpBHdAkHBMn9lLIaDjlDi+5G:MBiDsEVCoG4tBOkHBMPIf+

Score

N/A

Malware Config

Signatures

Files

b5de54e83b544faebf6f4f18368a16d822e1b361d81693060d573e4098e18226
.exe windows x86

05707ede05ec7a49632d740c12f31691

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

inetcomm

MimeOleAlgStrengthFromSMimeCap
CreateRangeList
MimeOleCreatePropertySet
MimeEditCreateMimeDocument
MimeOleSetCompatMode
MimeEditGetBackgroundImageUrl
MimeOleGetAllocator
EssContentHintEncodeEx
MimeOleCreateByteStream
MimeOleGetPropertySchema
MimeEditIsSafeToRun
EssMLHistoryDecodeEx
HrAthGetFileNameW
HrDoAttachmentVerb
MimeOleEncodeHeader
MimeOleCreateBody
CreateIMAPTransport
EssSignCertificateEncodeEx
HrAttachDataFromFile
MimeOleGetBodyPropA
MimeOleSetPropW
EssSecurityLabelDecodeEx
MimeOleSMimeCapGetEncAlg
HrFreeAttachData
MimeOleDecodeHeader
MimeOleSMimeCapAddSMimeCap
HrSaveAttachmentAs
MimeOleGetPropW
MimeOleSetBodyPropW
MimeOleSMimeCapsToDlg
HrGetLastOpenFileDirectory
MimeGetAddressFormatW
GetDllMajorVersion
HrSaveAttachToFile
MimeOleSMimeCapsFull
CreateNNTPTransport
CreateIMAPTransport2

rasapi32

RasGetCountryInfoA
RasGetAutodialEnableA
RasGetConnectStatusW
RasHangUpA
RasGetCustomAuthDataW
RasSetAutodialEnableW
RasEnumDevicesA
RasEditPhonebookEntryW
RasGetErrorStringA
RasGetAutodialParamA
RasGetCredentialsA
RasGetCredentialsW
RasGetEntryHrasconnW
RasGetEapUserDataW
RasSetEapUserDataW
RasCreatePhonebookEntryA
RasScriptReceive
RasGetAutodialAddressA
RasGetEntryDialParamsA
RasFreeEapUserIdentityA
RasSetAutodialParamW
RasEnumEntriesA
RasDeleteEntryW
RasAutodialEntryToNetwork
RasGetSubEntryHandleA
RasQuerySharedConnection
RasSetEapUserDataA
RasRenameEntryA
RasAutoDialSharedConnection
RasEnumConnectionsW
RasGetEapUserDataA
RasDialW
RasGetConnectionStatistics
RasGetConnectStatusA
RasGetEapUserIdentityW
RasSetAutodialAddressA
RasEnumConnectionsA
RasSetAutodialEnableA

msvcrt40

??_Gostream_withassign@@UAEPAXI@Z
_setjmp
_beep
_wfindnexti64
isleadbyte
_CItanh
_ismbbkalnum
??_Gexception@@UAEPAXI@Z
??0stdiostream@@QAE@ABV0@@Z
?openprot@filebuf@@2HB
_spawnle
??6ostream@@QAEAAV0@G@Z
_execvpe
_strrev
_wstat
??_8fstream@@7Bostream@@@
strerror
time
??_Eistrstream@@UAEPAXI@Z
_wcsnicmp
?ws@@YAAAVistream@@AAV1@@Z
_lrotr
??0filebuf@@QAE@H@Z
?rdbuf@fstream@@QBEPAVfilebuf@@XZ
putwchar
sin
_ismbbgraph
_wgetcwd
?binary@filebuf@@2HB
_chgsign
__p__acmdln
?sync_with_stdio@ios@@SAXXZ
_wopen
raise
?getline@istream@@QAEAAV1@PAEHD@Z
??2@YAPAXI@Z
?osfx@ostream@@QAEXXZ
_mbspbrk
_strdup
??6ostream@@QAEAAV0@PAVstreambuf@@@Z
?gbump@streambuf@@IAEXH@Z
_sopen
??0stdiostream@@QAE@PAU_iobuf@@@Z
atexit
exp
strlen
_vsnwprintf
vfprintf
?width@ios@@QAEHH@Z
_itow
_inpd
_wexecvpe
?get@istream@@QAEAAV1@AAC@Z
ceil
?put@ostream@@QAEAAV1@C@Z
fputwc
??0strstream@@QAE@PADHH@Z
?floatfield@ios@@2JB
??_8istrstream@@7B@
??_Dostream_withassign@@QAEXXZ
_mbsset
?pbackfail@stdiobuf@@UAEHH@Z
_mbsncpy
??_8fstream@@7Bistream@@@
__argc
_finite
getchar
_fputwchar
?str@strstreambuf@@QAEPADXZ
_filelengthi64
?seekg@istream@@QAEAAV1@JW4seek_dir@ios@@@Z

kernel32

FormatMessageW
GetCPInfo
AllocConsole
GlobalAlloc
GetProcessIoCounters
GetConsoleMode
SetTimeZoneInformation
CommConfigDialogA
LocalFileTimeToFileTime
GetModuleHandleA
GetModuleHandleW
BuildCommDCBW
RemoveDirectoryA
PrivCopyFileExW
VirtualFreeEx
GetLocaleInfoA
EnumResourceNamesW
ExpandEnvironmentStringsW
GetVolumePathNamesForVolumeNameA
GetConsoleAliasW
SetHandleCount
GetConsoleNlsMode
FindFirstFileExA
SetSystemTimeAdjustment
VirtualAlloc
EnumSystemCodePagesW
GetConsoleCursorInfo
IsDBCSLeadByte
SetConsoleCursorMode
GetProcessTimes
SetHandleContext
TlsSetValue
GetCurrentThread
SetCriticalSectionSpinCount
SetConsoleCP
CallNamedPipeW
LoadLibraryA
EnumCalendarInfoA
GetDiskFreeSpaceW
WriteConsoleOutputW
EnumDateFormatsExA
GetProcessShutdownParameters

rasdlg

RasSrvIsServiceRunning
RasPhonebookDlgW
RasSrvCleanupService
RasUserGetManualDial
RasSrvAddPropPages
GetRasDialOutProtocols
RasSrvAllowConnectionsConfig
RasAutodialQueryDlgW
RasEntryDlgA
RasPhonebookDlgA
RasEntryDlgW
RasUserEnableManualDial
RouterEntryDlgA
RasDialDlgA
RasSrvEnumConnections
RasAutodialQueryDlgA
DwTerminalDlg
RasSrvHangupConnection
RasDialDlgW
RasSrvIsConnectionConnected
RasSrvInitializeService
RouterEntryDlgW
RasUserPrefsDlg

Sections

.text
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

05707ede05ec7a49632d740c12f31691

Headers

DLL Characteristics

File Characteristics

Imports

inetcomm

rasapi32

msvcrt40

kernel32

rasdlg

Sections

.text Size: 57KB - Virtual size: 56KB

.rdata Size: 70KB - Virtual size: 69KB

.data Size: 512B - Virtual size: 241KB

.rsrc Size: 43KB - Virtual size: 42KB

.reloc Size: 1KB - Virtual size: 60KB

.text
Size: 57KB - Virtual size: 56KB

.rdata
Size: 70KB - Virtual size: 69KB

.data
Size: 512B - Virtual size: 241KB

.rsrc
Size: 43KB - Virtual size: 42KB

.reloc
Size: 1KB - Virtual size: 60KB