8b08ea35e1615b02d468985b97f82f2fe6883c6c8ac22de190a34a57619f2110

General

Target

8b08ea35e1615b02d468985b97f82f2fe6883c6c8ac22de190a34a57619f2110
Size

505KB
MD5

6b6ae33ce753a86f5f8a13607a120beb
SHA1

1763c8dffd569aa68a29b4059c93bd935f4512f8
SHA256

8b08ea35e1615b02d468985b97f82f2fe6883c6c8ac22de190a34a57619f2110
SHA512

b13e5c11780aa46cbabc6eff6cbb0c1558ea76f3c0b67125dbed2b274a88e52f4910ba19014b141e5a8e777c5339a6547056cff00307d466311c7a6e23f53d33
SSDEEP

12288:l7PnxtbfVoEfR2ACjsmx4pxwFYgxpWWK6BC0Y6AAqCA8Vw:p/xNGDA2xWxwhxjC0YJBCVw

Score

N/A

Malware Config

Signatures

Files

8b08ea35e1615b02d468985b97f82f2fe6883c6c8ac22de190a34a57619f2110
.exe windows x86

336f29183f6250e79c8551eb2116b301

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wtsapi32

WTSVirtualChannelRead
WTSVirtualChannelWrite
WTSSetSessionInformationA
WTSQueryUserConfigA
WTSCloseServer
WTSWaitSystemEvent
WTSSendMessageA
WTSSetUserConfigA
WTSUnRegisterSessionNotification

dsprop

CheckADsError
ReportError
MsgBox

clbcatq

CheckMemoryGates
ComPlusMigrate
SetupOpen
SetSetupSave
DllGetClassObject

ntshrui

GetNetResourceFromLocalPathA
GetLocalPathFromNetResourceA
IsPathSharedA
IsFolderPrivateForUser
IsPathSharedW

kernel32

MoveFileA
IsBadWritePtr
GetEnvironmentVariableA
GetCPInfo
GetConsoleAliasA
GetModuleHandleA
CreatePipe
HeapCreate
FindResourceA
GetComputerNameA
CreateMutexA
GetBinaryTypeA
IsBadStringPtrA
GetFullPathNameA
FoldStringA
EncodeSystemPointer

uxtheme

DrawThemeBackground
SetWindowTheme
GetThemeTextMetrics
OpenThemeData
GetThemeColor
GetThemeBool
CloseThemeData
DrawThemeEdge

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 655B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 492KB - Virtual size: 1008KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

336f29183f6250e79c8551eb2116b301

Headers

File Characteristics

Imports

wtsapi32

dsprop

clbcatq

ntshrui

kernel32

uxtheme

Sections

.text Size: 9KB - Virtual size: 8KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 1024B - Virtual size: 655B

.rsrc Size: 492KB - Virtual size: 1008KB

.text
Size: 9KB - Virtual size: 8KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 655B

.rsrc
Size: 492KB - Virtual size: 1008KB