f987366dc868ccad60492c0f9079c66d9ab4f6833a57554335ab7eef758a1cf8

General

Target

f987366dc868ccad60492c0f9079c66d9ab4f6833a57554335ab7eef758a1cf8
Size

431KB
MD5

08b94189077969d9cc8a8ba60eb96402
SHA1

b8bf839d5b5f8291d87bdfaf69a526d78a5bff6d
SHA256

f987366dc868ccad60492c0f9079c66d9ab4f6833a57554335ab7eef758a1cf8
SHA512

6cbcdb6ea4cb375a4bf5386ee51407de5ac1cbd1d5f739e1cc6af985f59e1914e6b82b0189f2a5c1576878a22d2d39feef4c109e0bfa7bd52633fce0892dc8bb
SSDEEP

12288:Ljdm57AiA9wSCYu6Ja1k3ajzjC6RM0p+X04C:LjiEiA9wStu6J4k32HR00

Score

N/A

Malware Config

Signatures

Files

f987366dc868ccad60492c0f9079c66d9ab4f6833a57554335ab7eef758a1cf8
.exe windows x86

d9e95f5230929b2a557281a4b5354f22

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

crtdll

_CIsqrt
_strdup
asin
bsearch
is_wctype
wcsncmp
tmpnam
getc
_mbsnbcnt
_dup2
__dllonexit
_fcloseall
wcsstr
ldiv
_mbsicmp
_cscanf
_tzset
isxdigit
fgetwc
_strset

ncobjapi

WmiAddObjectProp
WmiCreateObject
WmiEventSourceConnect
WmiEventSourceDisconnect

kernel32

BaseInitAppcompatCacheSupport
TermsrvAppInstallMode
FillConsoleOutputAttribute
FindNextFileA
SetThreadPriorityBoost
LoadResource
SetThreadAffinityMask
LoadLibraryA
PrepareTape
UnlockFileEx
SetLocalPrimaryComputerNameW
CreateSemaphoreA
SetVolumeMountPointW
ReadConsoleA
lstrlenW
DeleteFileA
IsValidLocale
TzSpecificLocalTimeToSystemTime
GetCommandLineA
GetSystemTimeAsFileTime
lstrcpynA
GetACP
_lread

shlwapi

SHRegCloseUSKey
SHRegEnumUSValueA
StrToInt64ExA
UrlGetLocationA
PathUndecorateA
PathCommonPrefixA
PathStripToRootA

colbact

GetDefaultPartitionForSid
GetClassInfoForCurrentUser
PartitionAccessCheck
GetDefaultPartitionForCurrentUser

Sections

.text
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 550KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d9e95f5230929b2a557281a4b5354f22

Headers

DLL Characteristics

File Characteristics

Imports

crtdll

ncobjapi

kernel32

shlwapi

colbact

Sections

.text Size: 124KB - Virtual size: 124KB

.rdata Size: 160KB - Virtual size: 160KB

.data Size: 112KB - Virtual size: 550KB

.rsrc Size: 32KB - Virtual size: 32KB

.reloc Size: 1024B - Virtual size: 1016B

.text
Size: 124KB - Virtual size: 124KB

.rdata
Size: 160KB - Virtual size: 160KB

.data
Size: 112KB - Virtual size: 550KB

.rsrc
Size: 32KB - Virtual size: 32KB

.reloc
Size: 1024B - Virtual size: 1016B