3bc8050b836b13c36209e27b962f524c638bdcd30f8cfa48bea7b356abe02773

Sharing

Copy URL

Twitter E-mail

General

Target

3bc8050b836b13c36209e27b962f524c638bdcd30f8cfa48bea7b356abe02773
Size

72KB
MD5

8d699c64ba46a45b1192f3c955d8ffd7
SHA1

016b516e41ae8293b08902b3d6dcfa51e1d27b0f
SHA256

3bc8050b836b13c36209e27b962f524c638bdcd30f8cfa48bea7b356abe02773
SHA512

f5270adaa0cf2d4f7ed1ecd35b2448e3138ea1e1996b715217b1baf5b7a07bc63a5978e60db532cb7b1d3984bfa7f77e989e05f48f224b9a05c745649ff02168
SSDEEP

1536:P+oYfmSS9EVYQfzpBal0mSQUvg4ioxMgDto6x:GocmSzY0PauQUdi2pDv

Score

N/A

Malware Config

Signatures

Files

3bc8050b836b13c36209e27b962f524c638bdcd30f8cfa48bea7b356abe02773
.exe windows x86

eef886d32899f5381aeaf06073efb0d1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
GetCommandLineA
CreateFileW
FindFirstFileA
GetACP
SetLastError
LeaveCriticalSection
GetConsoleOutputCP
GetEnvironmentStringsW
DeleteFileW
GetCurrentProcess
ExitProcess
InitializeCriticalSectionAndSpinCount
GetModuleHandleA
GetLocaleInfoA
InterlockedCompareExchange
GetFileAttributesA
TlsSetValue
FreeLibrary
LoadLibraryExW
OpenEventA
EnterCriticalSection
VirtualAlloc
GetVersion
GetVersionExA
GetDriveTypeW
GetCurrentThread
IsBadReadPtr
GetModuleFileNameA
GetExitCodeProcess
SetUnhandledExceptionFilter
GetThreadLocale
ExpandEnvironmentStringsW
CompareStringA

ole32

CoTaskMemAlloc
OleRegEnumVerbs
CoReleaseMarshalData
CreateDataAdviseHolder
CoTaskMemFree
CoCreateInstanceEx
GetHGlobalFromStream
CoGetInterfaceAndReleaseStream
ProgIDFromCLSID
CoGetClassObject
StgIsStorageFile
PropVariantClear
GetRunningObjectTable
WriteClassStm
CoImpersonateClient
CoGetMalloc
CoMarshalInterface
CoSetProxyBlanket
CoUninitialize
OleRegGetMiscStatus
PropVariantCopy
CoGetObjectContext
StgCreateDocfile

shlwapi

PathRemoveBackslashW
StrCmpNIA
StrCmpW
PathCombineW
PathIsRelativeW
PathIsUNCW
AssocQueryStringW
StrStrW
wnsprintfW
PathFileExistsW
PathGetDriveNumberW
PathRemoveFileSpecW
StrTrimW
StrCpyW
StrRetToBufW
PathFindFileNameW
PathFindExtensionA
SHStrDupW

ntdll

RtlSetOwnerSecurityDescriptor
RtlUnicodeToMultiByteN
RtlSetEnvironmentVariable
RtlMultiByteToUnicodeN
RtlRunEncodeUnicodeString
RtlUnicodeStringToAnsiString
RtlxUnicodeStringToAnsiSize
RtlInitAnsiString
RtlExpandEnvironmentStrings_U
RtlCopySid
RtlAddAccessAllowedAce
NtCreateFile
RtlUnicodeStringToOemString
RtlInitializeSid
RtlQueueWorkItem
RtlSetDaclSecurityDescriptor
NtQueryAttributesFile
atol
RtlCreateSecurityDescriptor
RtlValidSid
NtDeviceIoControlFile
RtlGetOwnerSecurityDescriptor
NtFreeVirtualMemory
RtlUnicodeToOemN
RtlUnwind
RtlGetNtProductType
RtlCompareMemory
NtQueryKey
NtRequestWaitReplyPort
NtQuerySystemTime

oleaut32

SafeArrayPtrOfIndex
SafeArrayGetElement
LoadTypeLib
GetErrorInfo
SafeArrayAccessData
VariantCopy
SysAllocStringLen
VariantInit
SysReAllocStringLen
SysStringLen
VariantChangeTypeEx
RegisterTypeLib
SysFreeString
GetActiveObject
SafeArrayUnaccessData
SysStringByteLen
CreateErrorInfo
OleLoadPicture
VariantChangeType
VariantClear

msvcrt

atol
__CxxFrameHandler
_amsg_exit
_strlwr
__p__osver
_access
_ltow
_XcptFilter
isalnum
_itow
_wcslwr
_cexit
wcstol
__setusermatherr
__set_app_type
_exit
_wsplitpath
_commit
_strdup
__p__iob
_write
strrchr
memset
_CxxThrowException
malloc
rand
srand
printf

rpcrt4

NdrDllGetClassObject
RpcRaiseException
IUnknown_AddRef_Proxy
RpcStringBindingParseW
RpcServerUseProtseqEpW
NdrServerCall2
RpcRevertToSelf
RpcBindingFromStringBindingW
CStdStubBuffer_IsIIDSupported
RpcStringFreeW
RpcServerRegisterIfEx
CStdStubBuffer_QueryInterface
RpcBindingFree
RpcStringFreeA
NdrOleAllocate
RpcBindingToStringBindingW
NdrDllUnregisterProxy
CStdStubBuffer_Disconnect
RpcBindingSetAuthInfoW
CStdStubBuffer_CountRefs
RpcServerUnregisterIf
NdrStubCall2
CStdStubBuffer_DebugServerQueryInterface
IUnknown_QueryInterface_Proxy
CStdStubBuffer_Invoke
IUnknown_Release_Proxy

Sections

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 10KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 43KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

eef886d32899f5381aeaf06073efb0d1

Headers

File Characteristics

Imports

kernel32

ole32

shlwapi

ntdll

oleaut32

msvcrt

rpcrt4

Sections

.rdata Size: 7KB - Virtual size: 7KB

.text Size: 9KB - Virtual size: 8KB

DATA Size: 1KB - Virtual size: 1KB

BSS Size: 10KB - Virtual size: 24KB

.idata Size: 43KB - Virtual size: 90KB

.rdata
Size: 7KB - Virtual size: 7KB

.text
Size: 9KB - Virtual size: 8KB

DATA
Size: 1KB - Virtual size: 1KB

BSS
Size: 10KB - Virtual size: 24KB

.idata
Size: 43KB - Virtual size: 90KB