c1da3d912d3844e8d2b36e150dc9c0d9

Sharing

Copy URL Twitter E-mail

General

Target

c1da3d912d3844e8d2b36e150dc9c0d9
Size

41KB
MD5

c1da3d912d3844e8d2b36e150dc9c0d9
SHA1

b2b971e837d1c7a955c2d264536a45548558b311
SHA256

6b6663ed27dab325172afb31e4ba7129ed4450b33e6dc175ffac0ba57f3bee20
SHA512

d90e99b276bbb5a04a2b744f5a36a507c4d72c1c76e3598bab22f8fc13e6b1a52d028f88f28f9b5a440530ed6cd85670a7747c7ca75b3e3c59a00954a9f9890d
SSDEEP

768:6sqj5CU78OUdWfCOLeH0GLxilCz43kgxVFSn4QIAIG7yYP:dE5CU7fUd7ueU1Jks44lAIG7HP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c1da3d912d3844e8d2b36e150dc9c0d9

Files

c1da3d912d3844e8d2b36e150dc9c0d9
.exe windows:5 windows x86 arch:x86

7b9d76197b139865aa1e0b88ebcb688b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rasman

RasGetHConnFromEntry
RasSetConnectionParams
RasSignalNewConnection
RasPortClose
RasSetConnectionUserData
RasPortGetBundledPort
RasGetInfoEx
RasDeviceEnum
RasInitialize
RasCreateConnection
RasDeAllocateRoute
RasEnumConnectionPorts
RasActivateRoute
RasBundleGetStatistics
RasDeviceGetInfo
RasServerPortClose
RasDoIke
RasAllocateRoute
RasSecurityDialogGetInfo
RasPortReserve
RasRpcGetSystemDirectory
RasPortClearStatistics
RasRPCBind
RasPortGetStatistics
RasRpcGetUserPreferences
RasSetDeviceConfigInfo

kernel32

GetWriteWatch
CreateJobSet
lstrcpynA
SetUserGeoID
GetWindowsDirectoryA
lstrlenW
GetConsoleFontSize
EndUpdateResourceA
LocalReAlloc
WritePrivateProfileStringA
GetCurrentThread
EnumCalendarInfoExW
GetSystemWindowsDirectoryA
FindFirstVolumeA
GetLocaleInfoW
SetCommConfig
GetModuleHandleW
TermsrvAppInstallMode
FillConsoleOutputCharacterA
CallNamedPipeA
CreateSemaphoreW
WritePrivateProfileStructW
EnumResourceTypesW
VirtualUnlock
SetTimeZoneInformation
SetTimerQueueTimer
GetConsoleAliasExesLengthA
TlsGetValue
GlobalAddAtomA
QueryPerformanceCounter
OpenMutexW
SizeofResource
IsBadStringPtrW
LoadLibraryW
DeleteAtom
WaitForDebugEvent
MoveFileExA
GetFileAttributesExA
GetConsoleTitleW
GetProcessWorkingSetSize
lstrcmpiW
GetSystemWindowsDirectoryW
RequestDeviceWakeup

user32

InvalidateRgn
LoadLocalFonts
DdeDisconnectList
RegisterClassExW
EnumClipboardFormats
WaitMessage
GetMessagePos
ToUnicode
GetMessageW
SetDlgItemTextA
RedrawWindow
DispatchMessageA
KillTimer
SetScrollPos
GetCaretBlinkTime
WaitForInputIdle
IsHungAppWindow
EditWndProc
ChangeMenuA
SetMenuItemBitmaps
IsDlgButtonChecked
GetForegroundWindow
DrawCaptionTempW
GetKeyNameTextA
DdePostAdvise
SetDlgItemTextW
CreateIconFromResource
SetScrollInfo
UnhookWindowsHook
SetMenuItemInfoW
MessageBoxIndirectA
CallWindowProcA
GetWindowContextHelpId
LoadMenuIndirectA
DdeCreateDataHandle
OemToCharBuffW
ShowWindowAsync
CharLowerBuffA
IMPGetIMEW

odbctrac

TraceSQLSetDescRec
TraceSQLBindParam
TraceSQLExecDirect
TraceSQLStatistics
TraceSQLColAttributeW
TraceSQLBindParameter
TraceSQLCopyDesc
TraceSQLSetConnectOptionW
TraceSQLEndTran

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7b9d76197b139865aa1e0b88ebcb688b

Headers

DLL Characteristics

File Characteristics

Imports

rasman

kernel32

user32

odbctrac

Sections

.text Size: 27KB - Virtual size: 26KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 5KB - Virtual size: 4KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 27KB - Virtual size: 26KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 6KB - Virtual size: 5KB