b0c3d383fe40e3f5aa9529ef4dd7166d8218372ce91fa5b0fcc02c207ef7fde3

General

Target

b0c3d383fe40e3f5aa9529ef4dd7166d8218372ce91fa5b0fcc02c207ef7fde3
Size

138KB
MD5

f1452965b1e6ef707c8eefc55c1fe2a1
SHA1

336073b7df4063008ccdb359edde7e99b3601f07
SHA256

b0c3d383fe40e3f5aa9529ef4dd7166d8218372ce91fa5b0fcc02c207ef7fde3
SHA512

9aa2b3452ea5ad52aac49a688afebed2406b95f319c0e42a0f19eacded4033e4662b1831e4bfdc4ebdc79927ad26b612d3d9514c7c06102e0a6ee1fe2d68e041
SSDEEP

3072:ejtQtakzMi2trSCLAB9oLBz9IB+a0lZnR05KZBFu:8tzio1G9+V9Y/0ldR05I

Score

N/A

Malware Config

Signatures

Files

b0c3d383fe40e3f5aa9529ef4dd7166d8218372ce91fa5b0fcc02c207ef7fde3
.exe windows x86

f3f2a3c9a18e8041fdfffca397d1b245

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumCalendarInfoA
DosPathToSessionPathA
LCMapStringA
GetProcAddress
DnsHostnameToComputerNameW
GetProfileStringW
LoadLibraryA
HeapUnlock
lstrcat
RegisterWowBaseHandlers
FindResourceExW
IsWow64Process
InterlockedPopEntrySList
AddVectoredExceptionHandler
FindResourceA
MulDiv
VirtualAlloc
SetHandleContext
HeapCreate
PurgeComm
CreateWaitableTimerW
SetFileApisToANSI
SetErrorMode
SetWaitableTimer
GetCommTimeouts
_llseek
TransactNamedPipe
RemoveDirectoryA
CreateWaitableTimerA
ClearCommError
CreateHardLinkA
LZStart
ZombifyActCtx
DefineDosDeviceW
SetComputerNameW
GetModuleHandleW
GetGeoInfoA
GlobalUnWire
SuspendThread
GetFileAttributesA
ReadDirectoryChangesW
ResetWriteWatch
SetFilePointer
ExpandEnvironmentStringsA
InitializeCriticalSection
OutputDebugStringA
FillConsoleOutputAttribute
ExpungeConsoleCommandHistoryW

iasrad

?radiusToIAS@VSAFilter@@QBEJPAUIAttributesRaw@@@Z
?shutdown@VSAFilter@@QAEJXZ
?initialize@VSAFilter@@QAEJXZ

verifier

VerifierSetFlags

Sections

.text
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f3f2a3c9a18e8041fdfffca397d1b245

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

iasrad

verifier

Sections

.text Size: 113KB - Virtual size: 113KB

.rdata Size: 17KB - Virtual size: 17KB

.data Size: 3KB - Virtual size: 172KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 113KB - Virtual size: 113KB

.rdata
Size: 17KB - Virtual size: 17KB

.data
Size: 3KB - Virtual size: 172KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB