0c66aa039efc18292a8be34483d98914139f04ff53d01566383f204384b72adf

General

Target

0c66aa039efc18292a8be34483d98914139f04ff53d01566383f204384b72adf
Size

112KB
MD5

6edbcbabef8b33f1e926f77304386040
SHA1

0a9ca8937fc315a18c34d39d57f5ffa9dd979511
SHA256

0c66aa039efc18292a8be34483d98914139f04ff53d01566383f204384b72adf
SHA512

b2f3de8f0de397ecd262cbd2fca179aa5194118c89ccba4c701f4a824fd06e4ca1815ff82778a4eafa076b0be15244d92c474832fe63b7de6eb7b96644382173
SSDEEP

3072:af5a6Ekn4SdI7RohSSPzBmnas3I+usaHZvlgCRs0Gb/:asmn4SdI9ohfPzIaH+Za5iCkr

Score

N/A

Malware Config

Signatures

Files

0c66aa039efc18292a8be34483d98914139f04ff53d01566383f204384b72adf
.exe windows x86

0612f84a8479c8fcf8e0fa08c62daafc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

SetKernelObjectSecurity
GetSidSubAuthority
LookupPrivilegeValueW
RegCreateKeyExW
RegDeleteValueW
RegOpenKeyExW
LookupAccountNameW
InitializeAcl
StartServiceW
SetSecurityInfo
QueryServiceConfigW

ole32

CoSuspendClassObjects
OleCreateStaticFromData
OleDraw
OleInitialize
OleNoteObjectVisible
OleCreateLinkFromData
OleCreateLink
CoMarshalHresult
CoGetObject
OleDestroyMenuDescriptor
CoGetClassObject

ulib

?MachinePlatform@@3VMACHINE@@A
??1BITVECTOR@@UAE@XZ
??0ARRAY@@QAE@XZ
?Strcmps@WSTRING@@SGHPAG0@Z
?Cast@SCREEN@@SGPAV1@PBVOBJECT@@@Z
?IsValueSet@ARGUMENT@@QAEEXZ
?QueryWCExpansion@PATH@@QAEPAV1@PAV1@@Z
??1LIST@@UAE@XZ
?IsCorrectVersion@SYSTEM@@SGEXZ
??0STRING_ARGUMENT@@QAE@XZ
?IsYesResponse@CHKDSK_MESSAGE@@UAEEE@Z
?Allocate@MEM_ALLOCATOR@@QAEPAXK@Z
??0PATH_ARGUMENT@@QAE@XZ
?Initialize@CONT_MEM@@QAEEPAXK@Z

user32

GetDoubleClickTime
GetCursorPos
DefMDIChildProcW
MoveWindow
SendMessageW
PostMessageW
SetCursor
GetClassNameW

kernel32

SetCurrentDirectoryW
WaitForSingleObject
SetCalendarInfoA
FreeResource
SetDefaultCommConfigW
GetCurrentConsoleFont
RegisterConsoleVDM
GetTapePosition
Process32Next

Sections

.text
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0612f84a8479c8fcf8e0fa08c62daafc

Headers

File Characteristics

Imports

advapi32

ole32

ulib

user32

kernel32

Sections

.text Size: 71KB - Virtual size: 70KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 9KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 71KB - Virtual size: 70KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 9KB

.rsrc
Size: 1KB - Virtual size: 1KB