ceba421c301373921a17581b4c7d9a5bea559883c17f5d8cc30c74356ffdeb4a

Sharing

Copy URL Twitter E-mail

General

Target

ceba421c301373921a17581b4c7d9a5bea559883c17f5d8cc30c74356ffdeb4a
Size

137KB
MD5

67713f1d00d88e0e93c2b49396675ba0
SHA1

9874e0f00dbcca2c12fd325fd48d8250a8f48923
SHA256

ceba421c301373921a17581b4c7d9a5bea559883c17f5d8cc30c74356ffdeb4a
SHA512

608affa6939543907dc8da0d8ee75aabb4f218326fe43d6546cec3be3e87dd3379e1b09deccf9bcde9b03c822283ed6cd990cd3cc8551b11fcbe7b64b00e3ad4
SSDEEP

3072:FYX7SssnE+wEiII8YVghMl+wHry5kIhBTDHhRccW+NbtO0aM1gT7w:FC7yWXI3YVg8LhIfhRq+AMgfw

Score

N/A

Malware Config

Signatures

Files

ceba421c301373921a17581b4c7d9a5bea559883c17f5d8cc30c74356ffdeb4a
.exe windows x86

508073ba37c659b0240bafd72d23a00a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rasman

RasConnectionEnum
RasPortGetStatistics
RasReferenceRasman
RasPortReceive
RasPortFree
RasGetDialParams
RasGetConnectionParams
RasRpcUnloadDll
RasCompressionGetInfo
RasPortGetInfo
RasRpcConnect
RasPortStoreUserData
RasGetInfo
RasRegisterPnPEvent
RasRpcGetErrorString
RasInitializeNoWait
RasPortBundle
RasEnumLanNets
RasRpcRemoteGetUserPreferences
RasDeviceEnum
RasRpcRemoteRasDeleteEntry
RasActivateRouteEx
RasGetDeviceName
RasSendCreds
RasSetConnectionParams
RasBundleGetStatisticsEx
RasProtocolEnum
RasSetCalledIdInfo
RasFreeBuffer
RasSetEapUserInfo
RasRPCBind
RasSetConnectionUserData
RasIsTrustedCustomDll
RasPortDisconnect
RasPortGetFramingEx

kernel32

MapViewOfFileEx
GetFirmwareEnvironmentVariableW
RegisterConsoleOS2
LZSeek
GetConsoleKeyboardLayoutNameW
RtlZeroMemory
lstrcpynW
Module32FirstW
GetTimeFormatW
SetEndOfFile
GetHandleContext
EndUpdateResourceA
VirtualAlloc
PrepareTape
EnumCalendarInfoExA
SearchPathW
GetShortPathNameW
ReadConsoleInputA
SetDefaultCommConfigA
InterlockedPopEntrySList
GlobalFindAtomA
GetDiskFreeSpaceW
UTUnRegister
TransmitCommChar
WriteConsoleOutputCharacterA
RegisterWaitForSingleObject
LoadLibraryExW
PrivMoveFileIdentityW
EnumUILanguagesW
GlobalUnWire
WriteConsoleInputVDMW
InitializeCriticalSection
ReadConsoleInputW
HeapWalk
lstrcmp
SetHandleContext
Heap32ListNext
IsValidLocale
EnumDateFormatsW
FindActCtxSectionGuid
AllocConsole
RegisterWaitForSingleObjectEx
EnumResourceLanguagesA
GetModuleHandleA
GetOverlappedResult
HeapUnlock
GetConsoleInputWaitHandle
ReleaseActCtx
LoadLibraryA
SwitchToThread
GetEnvironmentVariableW
ClearCommError
ReadFile
GetCurrentConsoleFont
RestoreLastError
FindFirstFileExW
lstrcpyn
HeapSize
FormatMessageW
WriteProfileStringW
SetFirmwareEnvironmentVariableW
_lopen
LockFile
WriteConsoleOutputA
GlobalAlloc
SetConsoleLocalEUDC
DeleteTimerQueue
AttachConsole
GetProcessPriorityBoost
DeleteVolumeMountPointW
ConvertThreadToFiber

traffic

TcAddFilter
TcCloseInterface
TcGetFlowNameW
TcSetFlowA
TcDeregisterClient
TcModifyFlow
TcQueryFlowA
TcSetFlowW
TcOpenInterfaceW
TcOpenInterfaceA
TcGetFlowNameA
TcQueryInterface
TcAddFlow
TcQueryFlowW
TcEnumerateInterfaces
TcRegisterClient
TcDeleteFlow
TcSetInterface
TcDeleteFilter
TcEnumerateFlows

opengl32

glIndexMask
glGetBooleanv
glPopAttrib
glColorPointer
glTexCoord3sv
glTexCoord4d
glTexParameteriv
glPushAttrib
glFrustum
wglMakeCurrent
glRectiv
glColor4ui
glGetTexGeniv
glGetIntegerv
glGetTexGenfv
glPopName
glColor3ubv
glVertex3fv
glTexEnvfv
glDepthRange
glPixelStorei
glMaterialf
glBlendFunc
glLightModelfv
glEdgeFlagv
glListBase
glReadPixels
glPrioritizeTextures
GlmfPlayGlsRecord
glTexGenfv
glCopyPixels
glGenTextures
GlmfInitPlayback
glPixelMapuiv
glTexCoord2s
glScaled
glAccum
glGetMaterialfv
glClearAccum
glDrawArrays
glNormal3dv
glColor4usv

user32

PostMessageA
IsDlgButtonChecked
EnumPropsExA
TranslateMessage
MessageBoxExA
ReleaseCapture
SetSysColorsTemp
SetWindowLongW
GetMenuItemCount
InsertMenuA
DisplayExitWindowsWarnings
SetMenuDefaultItem
GetKeyNameTextA
SetCapture
PtInRect
DdeQueryStringW
IsCharAlphaNumericA
ChangeDisplaySettingsExA
DestroyAcceleratorTable
MessageBoxA
GetClientRect
SwitchDesktop
GetRawInputData
CallMsgFilterA
MoveWindow
DeviceEventWorker
LoadKeyboardLayoutA
OpenClipboard

ssdpapi

DeregisterService
DHSetICSOff
CleanupCache
DHSetICSInterfaces
FreeSsdpMessage
GetNextService
GetFirstService
FindServicesCallback
SsdpCleanup
FindServicesClose
RegisterService
RegisterNotification
FindServicesCancel
DeregisterNotification
FindServices
SsdpStartup

Sections

.text
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

508073ba37c659b0240bafd72d23a00a

Headers

DLL Characteristics

File Characteristics

Imports

rasman

kernel32

traffic

opengl32

user32

ssdpapi

Sections

.text Size: 71KB - Virtual size: 71KB

.rdata Size: 49KB - Virtual size: 49KB

.data Size: 28KB - Virtual size: 124KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 71KB - Virtual size: 71KB

.rdata
Size: 49KB - Virtual size: 49KB

.data
Size: 28KB - Virtual size: 124KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 1024B - Virtual size: 1024B