b192725ff367c83203d593abb9ceb067d17dd67378062975c4cc9bd666d2d13b

Sharing

Copy URL Twitter E-mail

General

Target

b192725ff367c83203d593abb9ceb067d17dd67378062975c4cc9bd666d2d13b
Size

38KB
MD5

50cf5bf509320679df8e21814629d905
SHA1

b6d2624df6ca2a7f101a45c274e9de646fafe598
SHA256

b192725ff367c83203d593abb9ceb067d17dd67378062975c4cc9bd666d2d13b
SHA512

9e9331b6dcba69d5a0c010c765829e1604846722bd366ea655b824ee4e1936520e88fc2b325fde11baf00485393e24ef6ea4c7544761f5d931bffbde6fa71d83
SSDEEP

768:Y0FXTJDLBD2w8yPx11yx4mzqbCEd4d/ofOeQjszh7P:Y0LDwVyp1Ix4mer+RgOeGszh

Score

N/A

Malware Config

Signatures

Files

b192725ff367c83203d593abb9ceb067d17dd67378062975c4cc9bd666d2d13b
.exe windows x86

6f0abaf797d291c47bee900e096ef667

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rasapi32

RasRenameEntryA
RasGetEntryPropertiesW
RasHangUpW
RasQuerySharedConnection
RasSetEntryPropertiesW
RasSetAutodialParamA
RasAutoDialSharedConnection
DDMGetPhonebookInfo
RasGetSubEntryPropertiesW
RasSetSubEntryPropertiesA
RasSetEntryPropertiesA
RasSetAutodialParamW
RasScriptGetIpAddress
RasGetEapUserIdentityW
RasGetProjectionInfoW
RasGetProjectionInfoA
RasSetAutodialEnableW
RasEnumEntriesA
RasEnumDevicesW
RasDeleteSubEntryW
RasDeleteEntryA
RasSetCustomAuthDataA
RasIsSharedConnection
RasGetEapUserDataW
RasSetEntryDialParamsA

gdi32

GetPixel
Polyline
GetTextFaceAliasW
OffsetWindowOrgEx
ExtEscape
SetAbortProc
STROBJ_bEnumPositionsOnly
GetTextFaceA
PolyPolyline
GetPaletteEntries
GetMapMode
DdEntry2
GdiPlayPrivatePageEMF
GdiSetAttrs
GetBoundsRect
GdiCleanCacheDC
GetPath
EngLockSurface
OffsetClipRgn
DeleteEnhMetaFile
DdEntry46
GdiEntry9
SetBitmapBits

kernel32

UnlockFile
RemoveVectoredExceptionHandler
FatalAppExitW
LoadLibraryW
PrivMoveFileIdentityW
CopyFileExW
MoveFileWithProgressW
CreateFileA
GetSystemDirectoryW
GetTapeStatus
TlsSetValue
GetModuleHandleA
BaseInitAppcompatCacheSupport
RemoveDirectoryA
LZSeek
RtlCaptureStackBackTrace
LZRead
GetPrivateProfileStringW
ConvertDefaultLocale
GetOEMCP
GlobalAddAtomA

odbctrac

TraceSQLDisconnect
TraceSQLAllocConnect
TraceSQLColumnPrivilegesW
TraceSQLRowCount
TraceSQLGetConnectAttrW
TraceSQLColumns
TraceSQLAllocHandleStd
TraceSQLConnectW

olecli32

OleQueryName
OleQueryLinkFromClip
LeQueryProtocol
LeActivate
LeChangeData
LeExecute
LeObjectConvert
PbDraw
OleCreate
OleQueryClientVersion
OleEnumFormats
GenEnumFormat
OleQueryReleaseMethod
OleRename
DefCreateInvisible
GetTaskVisibleWindow
BmGetData
MfSaveToStream
GenRelease
LeSetBounds
ErrQueryOpen
WEP
LeRelease
LeObjectLong
LeEnumFormat
ObjQuerySize

msoert2

PszDupA
HrLPSZToBSTR
UlStripWhitespaceW
IDrawText
CreateTempFile
PszSkipWhiteA
PVGetMsgParam
CchFileTimeToDateTimeW
PszEscapeMenuStringA
FIsValidFileNameCharW

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f0abaf797d291c47bee900e096ef667

Headers

DLL Characteristics

File Characteristics

Imports

rasapi32

gdi32

kernel32

odbctrac

olecli32

msoert2

Sections

.text Size: 26KB - Virtual size: 26KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 244B

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 26KB - Virtual size: 26KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 244B

.rsrc
Size: 4KB - Virtual size: 4KB