e4be7b83c517416c90e08771974c5b0b717c989aa550b867de395b857cd2a5a1

Sharing

Copy URL

Twitter E-mail

General

Target

e4be7b83c517416c90e08771974c5b0b717c989aa550b867de395b857cd2a5a1
Size

230KB
MD5

13fd17aba16271e293c06b4ba0c98372
SHA1

670eccd665a9116ad8109c3afbafe6839ceb323c
SHA256

e4be7b83c517416c90e08771974c5b0b717c989aa550b867de395b857cd2a5a1
SHA512

cd401a6dc3496c70d339b2e98f2219cf7775e2d3a72bcd664b4b2c87a5f84f2044e5fc1873e2ff326a39ee190e7860d12d54217ea2c6395b328ad1d1d0d6ddfe
SSDEEP

6144:DQvSbCa12YnOeYTya+iEo9/GnCmEPq2ii7z9jphmOX:Uvla1XOeI+iEote3EPviM9jp9

Score

N/A

Malware Config

Signatures

Files

e4be7b83c517416c90e08771974c5b0b717c989aa550b867de395b857cd2a5a1
.exe windows x86

64fab5a726401c65e364a8e543ae2683

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rasman

RasSetDeviceConfigInfo
RasReferenceRasman
RasGetNumPortOpen
RasGetConnectionUserData
RasRpcDisconnectServer
RasRefConnection
RasPortReceiveEx
RasSetAddressDisable
RasSetConnectionParams
RasPortFree
RasPortSetInfo
RasGetBuffer
RasLinkGetStatistics
RasRegisterRedialCallback
IsRasmanProcess
RasPortSend

oleaut32

VarDecFromR8
VARIANT_UserUnmarshal
VarUI2FromDisp
VarDateFromUI2
VarR4FromUI1
VarUI4FromCy
VarUI4FromR8
VarDateFromR4
VarBoolFromR4
SafeArrayGetDim
VarBoolFromDisp
VarParseNumFromStr
VarBstrFromI2
SystemTimeToVariantTime
VarDateFromUdate
VarBstrFromR4
OleLoadPicture
VarUI4FromI2
VarNumFromParseNum

msvcrt

_mbsnbcoll
iswlower
remove
_mbsbtype
_mbscmp
_putws
__getmainargs
_stat
__p__commode
__p__fmode
_ismbbprint
__p__winmajor
memmove
__set_app_type
exit

utildll

IsPartOfDomain
RegGetNetworkServiceName
GetUnknownString
DateTimeString
InitializeAnonymousUserCompareList
TestUserForAdmin
CalculateDiffTime
HaveAnonymousUsersChanged
CachedGetUserFromSid
CalculateElapsedTime
StrConnectState
InstallModem
StrSdClass
GetSystemMessageW
GetSystemMessageA
WinEnumerateDevices
NetworkDeviceEnumerate
QueryCurrentWinStation
StrSystemWaitReason
EnumerateMultiUserServers
ConfigureModem
RegGetNetworkDeviceName
StrProcessState

hhsetup

?AddChildFolder@CFolder@@QAEPAV1@PBDKPAKG@Z
?GetTitle@CFolder@@QAEPADXZ
?GetOrder@CFolder@@QAEKXZ
?AddChildFolder@CFolder@@QAEPAV1@PBGKPAKG@Z
?SetId@CTitle@@QAEXPBD@Z
?Open@CCollection@@QAEKPBG@Z
??1CTitle@@QAE@XZ
?AddTitle@CCollection@@QAEPAVCTitle@@PBG0000GIPAVCLocation@@PAKH0@Z
?AddChildFolder@CFolder@@QAEKPAV1@@Z
?FindTitle@CCollection@@QAEPAVCTitle@@PBDG@Z
?FindLocation@CCollection@@QAEPAVCLocation@@PBGPAI@Z
?GetTitle@CLocation@@QAEPADXZ
?SetId@CLocation@@QAEXPBG@Z
?HandleTitle@CCollection@@AAEKPAVCParseXML@@PAD@Z
?GetVersion@CCollection@@QAEKXZ
?GetMasterCHM@CCollection@@QAEHPAPADPAG@Z
?SetTitle@CLocation@@QAEXPBG@Z

odbcjt32

SQLGetTypeInfoW
LoginDialogProc
OpenDirHook
SQLFreeStmt
SQLSetDescFieldW
SQLGetInfoW
SQLPutData
SQLFreeConnect
InitializeLoginDialog
SQLGetCursorNameW
SQLExtendedFetch
SQLProceduresW
SQLConnectW
SQLGetConnectAttrW

shell32

SHGetMalloc

kernel32

WriteConsoleW
CreateFileW
ClearCommError
GetProcessId
CreateConsoleScreenBuffer
LoadLibraryW
GetUserDefaultLCID
GetEnvironmentStringsA
GlobalFindAtomA
GetAtomNameA
FindNextVolumeMountPointW
GetWindowsDirectoryW
BeginUpdateResourceA
GetLocaleInfoA
WritePrivateProfileStringW

user32

MessageBoxW
EndDialog

Sections

.text
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

64fab5a726401c65e364a8e543ae2683

Headers

File Characteristics

Imports

rasman

oleaut32

msvcrt

utildll

hhsetup

odbcjt32

shell32

kernel32

user32

Sections

.text Size: 112KB - Virtual size: 111KB

.rdata Size: 27KB - Virtual size: 27KB

.data Size: 84KB - Virtual size: 83KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 112KB - Virtual size: 111KB

.rdata
Size: 27KB - Virtual size: 27KB

.data
Size: 84KB - Virtual size: 83KB

.rsrc
Size: 5KB - Virtual size: 4KB