2b8a50c3a1cc4f2b2bac888586521e998c99edc0ea4c827218e181eace341bc5

Sharing

Copy URL

Twitter E-mail

General

Target

2b8a50c3a1cc4f2b2bac888586521e998c99edc0ea4c827218e181eace341bc5
Size

74KB
MD5

50c60dfe69caf4ebc016af0e8acd0c00
SHA1

b89eabfd5ee4ff4fbbe788d2a31bb3b0e2119437
SHA256

2b8a50c3a1cc4f2b2bac888586521e998c99edc0ea4c827218e181eace341bc5
SHA512

e437313526a827cbd520037587191a7b8c7c68d43ab2aad8a5cb9aebbf9e39e72f732f06512927a313cda187e652ab5c7356a92acd849e275300e43af6ae32ca
SSDEEP

1536:f3gBrblld1Re0BLmFubF83km6Wc2cztFIJA0WmTj:f3gBrblldSo4ubAkmldczt+j

Score

N/A

Malware Config

Signatures

Files

2b8a50c3a1cc4f2b2bac888586521e998c99edc0ea4c827218e181eace341bc5
.exe windows x86

74cf28b1679a15246ca4566b4201cdec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
SetFilePointer
GetCPInfo
OpenEventW
TlsGetValue
GetTickCount
GetLocaleInfoW
GetCommandLineA
GetDriveTypeW
VirtualAlloc
GetFileSize
GetSystemDirectoryW
GetSystemTimeAsFileTime
ExitProcess
WaitForSingleObject
WriteConsoleW
GetStringTypeW
HeapCreate
SetLastError

ole32

ProgIDFromCLSID
StgOpenStorage
StringFromGUID2
CoUnmarshalInterface
CoFreeUnusedLibraries
StgCreateDocfile
OleLoadFromStream
CoMarshalInterface
OleQueryCreateFromData
PropVariantCopy
CoInitializeEx
CreateOleAdviseHolder
CoDisconnectObject
StgIsStorageFile
WriteClassStm
OleUninitialize
CLSIDFromString
CoSetProxyBlanket
OleRegEnumVerbs
CoCreateInstanceEx
CreateBindCtx
CoRevokeClassObject
StringFromIID
OleInitialize
MkParseDisplayName

advapi32

GetSidIdentifierAuthority
AddAce
GetTokenInformation
RegEnumKeyA
DeleteService
SetSecurityDescriptorDacl
RegEnumValueA
RegQueryValueA
RegCreateKeyExW
SetFileSecurityW
RegQueryValueExA
LsaOpenPolicy
GetTraceEnableFlags
RegEnumKeyExW
RegFlushKey
SetThreadToken
CryptGenRandom
RegOpenKeyA
CheckTokenMembership
ConvertSidToStringSidW
GetSecurityDescriptorLength
QueryServiceConfigW
RegSetValueA

msvcrt

malloc
fopen
_ftol
iswalpha
_ultoa
floor
_snwprintf
_errno
strlen
_purecall
__badioinfo
wcstoul
_rotr
__p__fmode
rand
swscanf
_rotl
ctime
mbstowcs
iswctype
_access
wcsncat
_write
__p__osver
_wcslwr
strstr
fclose
_ltoa
_chsize
_wfopen
_ltow
calloc

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 13KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 43KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

74cf28b1679a15246ca4566b4201cdec

Headers

File Characteristics

Imports

kernel32

ole32

advapi32

msvcrt

Sections

.text Size: 8KB - Virtual size: 7KB

.data Size: 8KB - Virtual size: 8KB

.idata Size: 13KB - Virtual size: 29KB

.rdata Size: 43KB - Virtual size: 88KB

.text
Size: 8KB - Virtual size: 7KB

.data
Size: 8KB - Virtual size: 8KB

.idata
Size: 13KB - Virtual size: 29KB

.rdata
Size: 43KB - Virtual size: 88KB