4f68b62ccc1e6ded6ed797c94b320238

Sharing

Copy URL Twitter E-mail

General

Target

4f68b62ccc1e6ded6ed797c94b320238
Size

120KB
MD5

4f68b62ccc1e6ded6ed797c94b320238
SHA1

d80a4e85165b7e6537cce75c9f8f2b0bd70ab7fb
SHA256

485fbb47543d34dad5e053361b7f6425b5a8e96c64d2ce7c0e39eb95d9269152
SHA512

23239108658246b2ba00722a6c3f9d50d32149326b9d0f4e965e537423a1feb64b6c0541c38b3f15c4092c7d6344af21776e5be6fe6a56a6df60687b27ab3cf2
SSDEEP

3072:g+vajp1JfiXAQNmP1jzchDbBlwqRYOURPYZsTiaS:g+vmfwdWd21lw3XPQaS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4f68b62ccc1e6ded6ed797c94b320238

Files

4f68b62ccc1e6ded6ed797c94b320238
.exe windows:1 windows x86 arch:x86

d7af7da21859850deb94f8f3f71b3a87

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

qcap

DllCanUnloadNow

dsdmo

DllRegisterServer

cliconfg

CPlApplet
ClientConfigureAddEdit
OnInitDialogMain

iasrad

DllRegisterServer

rtutils

TraceGetConsoleW
RouterAssert
RouterLogEventStringW
TraceVprintfExW
TracePrintfW

iaspolcy

DllCanUnloadNow

aclui

EditSecurity
CreateSecurityPage
IID_ISecurityInformation

pngfilt

DllCanUnloadNow
DllGetClassObject

mprddm

DDMAdminPortEnum
DDMTransportCreate
RasAcctProviderStartAccounting
IfObjectNotifyOfReachabilityChange

kernel32

ReadFileEx
PrivMoveFileIdentityW
LZOpenFileA
SetEvent
GetTempPathW
GetDateFormatA
SetConsoleTitleW
Module32First
LocalHandle
SetPriorityClass
WaitForSingleObject
SetHandleCount
GetPrivateProfileSectionA
GetConsoleCommandHistoryLengthA
GetComPlusPackageInstallStatus
Process32Next
UnmapViewOfFile
GlobalMemoryStatus
SetConsoleCtrlHandler
MapUserPhysicalPagesScatter
BuildCommDCBAndTimeoutsA
PeekConsoleInputW
SearchPathW
GlobalGetAtomNameA
_lwrite
GetVolumePathNamesForVolumeNameA
RegisterWaitForSingleObject
GetThreadLocale
GetNamedPipeHandleStateA
GetCommProperties
EnumDateFormatsA
SetConsoleCursorMode
IsBadReadPtr
EnumSystemLanguageGroupsW
DebugActiveProcessStop
GlobalDeleteAtom
GetBinaryType
LocalFileTimeToFileTime
InitAtomTable
TermsrvAppInstallMode
AllocConsole
WriteConsoleOutputAttribute
SetThreadContext
QueueUserWorkItem
GlobalCompact
SetConsoleKeyShortcuts
GetConsoleAliasesLengthA
GetConsoleAliasExesW
OpenEventA
GetWindowsDirectoryA
GetProcAddress
EndUpdateResourceA

rasman

RasCreateConnection
RasSignalNewConnection
RasDestroyConnection
RasPortListen
RasReferenceRasman
RasPortReceiveEx
RasGetTimeSinceLastActivity
RasRpcConnectServer
RasGetProtocolInfo
RasActivateRouteEx
RasGetInfo
RasPortGetStatistics
RasInitialize
RasPortGetProtocolCompression
RasAllocateRoute

urlmon

RegisterFormatEnumerator
IsLoggingEnabledW
IsJITInProgress
CreateURLMoniker
RegisterBindStatusCallback
CoInternetGetSecurityUrl
DllCanUnloadNow
FindMediaTypeClass
DllRegisterServerEx

Sections

.edata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dddd
Size: 10KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 143KB - Virtual size: 231KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d7af7da21859850deb94f8f3f71b3a87

Headers

DLL Characteristics

File Characteristics

Imports

qcap

dsdmo

cliconfg

iasrad

rtutils

iaspolcy

aclui

pngfilt

mprddm

kernel32

rasman

urlmon

Sections

.edata Size: 2KB - Virtual size: 1KB

.edata Size: 2KB - Virtual size: 1KB

.dddd Size: 10KB - Virtual size: 20KB

.rdata Size: 3KB - Virtual size: 3KB

.rdata Size: 24KB - Virtual size: 24KB

.data Size: 143KB - Virtual size: 231KB

.rsrc Size: 12KB - Virtual size: 11KB

.reloc Size: 3KB - Virtual size: 72KB

.edata
Size: 2KB - Virtual size: 1KB

.edata
Size: 2KB - Virtual size: 1KB

.dddd
Size: 10KB - Virtual size: 20KB

.rdata
Size: 3KB - Virtual size: 3KB

.rdata
Size: 24KB - Virtual size: 24KB

.data
Size: 143KB - Virtual size: 231KB

.rsrc
Size: 12KB - Virtual size: 11KB

.reloc
Size: 3KB - Virtual size: 72KB