6bceee4f408ef6fcb4a0c90577ac96e3ca3f28ffcd338abfd6d9f4157191ce5e

Sharing

Copy URL Twitter E-mail

General

Target

6bceee4f408ef6fcb4a0c90577ac96e3ca3f28ffcd338abfd6d9f4157191ce5e
Size

230KB
MD5

98461af046828ad161ed8348dc87e148
SHA1

add50605cd8f1d6462c805b8d5ce9d491f261b1d
SHA256

6bceee4f408ef6fcb4a0c90577ac96e3ca3f28ffcd338abfd6d9f4157191ce5e
SHA512

3ea97827fae21ccce1ac36db9697fa3b91e12ab185723b9cc26329e2f417686c91ac9c50796d93d56f995cbd123f8816326342b507d946e166cbf4e06673a66b
SSDEEP

6144:DQvSbCa12YnOeYTya+iEo9/GnCmEPq2ii7z9jphmOR:Uvla1XOeI+iEote3EPviM9jpT

Score

N/A

Malware Config

Signatures

Files

6bceee4f408ef6fcb4a0c90577ac96e3ca3f28ffcd338abfd6d9f4157191ce5e
.exe windows x86

64fab5a726401c65e364a8e543ae2683

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rasman

RasSetDeviceConfigInfo
RasReferenceRasman
RasGetNumPortOpen
RasGetConnectionUserData
RasRpcDisconnectServer
RasRefConnection
RasPortReceiveEx
RasSetAddressDisable
RasSetConnectionParams
RasPortFree
RasPortSetInfo
RasGetBuffer
RasLinkGetStatistics
RasRegisterRedialCallback
IsRasmanProcess
RasPortSend

oleaut32

VarDecFromR8
VARIANT_UserUnmarshal
VarUI2FromDisp
VarDateFromUI2
VarR4FromUI1
VarUI4FromCy
VarUI4FromR8
VarDateFromR4
VarBoolFromR4
SafeArrayGetDim
VarBoolFromDisp
VarParseNumFromStr
VarBstrFromI2
SystemTimeToVariantTime
VarDateFromUdate
VarBstrFromR4
OleLoadPicture
VarUI4FromI2
VarNumFromParseNum

msvcrt

_mbsnbcoll
iswlower
remove
_mbsbtype
_mbscmp
_putws
__getmainargs
_stat
__p__commode
__p__fmode
_ismbbprint
__p__winmajor
memmove
__set_app_type
exit

utildll

IsPartOfDomain
RegGetNetworkServiceName
GetUnknownString
DateTimeString
InitializeAnonymousUserCompareList
TestUserForAdmin
CalculateDiffTime
HaveAnonymousUsersChanged
CachedGetUserFromSid
CalculateElapsedTime
StrConnectState
InstallModem
StrSdClass
GetSystemMessageW
GetSystemMessageA
WinEnumerateDevices
NetworkDeviceEnumerate
QueryCurrentWinStation
StrSystemWaitReason
EnumerateMultiUserServers
ConfigureModem
RegGetNetworkDeviceName
StrProcessState

hhsetup

?AddChildFolder@CFolder@@QAEPAV1@PBDKPAKG@Z
?GetTitle@CFolder@@QAEPADXZ
?GetOrder@CFolder@@QAEKXZ
?AddChildFolder@CFolder@@QAEPAV1@PBGKPAKG@Z
?SetId@CTitle@@QAEXPBD@Z
?Open@CCollection@@QAEKPBG@Z
??1CTitle@@QAE@XZ
?AddTitle@CCollection@@QAEPAVCTitle@@PBG0000GIPAVCLocation@@PAKH0@Z
?AddChildFolder@CFolder@@QAEKPAV1@@Z
?FindTitle@CCollection@@QAEPAVCTitle@@PBDG@Z
?FindLocation@CCollection@@QAEPAVCLocation@@PBGPAI@Z
?GetTitle@CLocation@@QAEPADXZ
?SetId@CLocation@@QAEXPBG@Z
?HandleTitle@CCollection@@AAEKPAVCParseXML@@PAD@Z
?GetVersion@CCollection@@QAEKXZ
?GetMasterCHM@CCollection@@QAEHPAPADPAG@Z
?SetTitle@CLocation@@QAEXPBG@Z

odbcjt32

SQLGetTypeInfoW
LoginDialogProc
OpenDirHook
SQLFreeStmt
SQLSetDescFieldW
SQLGetInfoW
SQLPutData
SQLFreeConnect
InitializeLoginDialog
SQLGetCursorNameW
SQLExtendedFetch
SQLProceduresW
SQLConnectW
SQLGetConnectAttrW

shell32

SHGetMalloc

kernel32

WriteConsoleW
CreateFileW
ClearCommError
GetProcessId
CreateConsoleScreenBuffer
LoadLibraryW
GetUserDefaultLCID
GetEnvironmentStringsA
GlobalFindAtomA
GetAtomNameA
FindNextVolumeMountPointW
GetWindowsDirectoryW
BeginUpdateResourceA
GetLocaleInfoA
WritePrivateProfileStringW

user32

MessageBoxW
EndDialog

Sections

.text
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

64fab5a726401c65e364a8e543ae2683

Headers

File Characteristics

Imports

rasman

oleaut32

msvcrt

utildll

hhsetup

odbcjt32

shell32

kernel32

user32

Sections

.text Size: 112KB - Virtual size: 111KB

.rdata Size: 27KB - Virtual size: 27KB

.data Size: 84KB - Virtual size: 83KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 112KB - Virtual size: 111KB

.rdata
Size: 27KB - Virtual size: 27KB

.data
Size: 84KB - Virtual size: 83KB

.rsrc
Size: 5KB - Virtual size: 4KB