397660c07acf60eb26e018d1d8a054b9290821be6d7f0d40ce4f5ef101b911e2

Sharing

Copy URL Twitter E-mail

General

Target

397660c07acf60eb26e018d1d8a054b9290821be6d7f0d40ce4f5ef101b911e2
Size

139KB
MD5

6355bd40d3e466970d84b6794a8d9267
SHA1

5ba351121af35385df49f8233bdbe8ac2464801f
SHA256

397660c07acf60eb26e018d1d8a054b9290821be6d7f0d40ce4f5ef101b911e2
SHA512

3805445f4cf214e6f137ff8f3bbfa783b7e2aab8ba0f88f598ae5800fa03f8a4c2983ecb876c1d9ed3e1e658765abeb3708b14c45c8a8f240822bff293b34b50
SSDEEP

3072:7mpIev6EFGLObwce3eykx4KoTehB7VUv6h+D3WfR16H3h05B01:xu6ESObR5yxTef7ViGfbiUBu

Score

N/A

Malware Config

Signatures

Files

397660c07acf60eb26e018d1d8a054b9290821be6d7f0d40ce4f5ef101b911e2
.exe windows x86

7a7dc815a6240bcfdd24edf64c4d804c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

HBRUSH_UserFree
OleCreateDefaultHandler
CoGetDefaultContext
CoQueryAuthenticationServices
ComPs_NdrDllGetClassObject
OleNoteObjectVisible
CoAllowSetForegroundWindow
CoLoadLibrary
CoPushServiceDomain
CoFreeUnusedLibrariesEx
HMETAFILE_UserMarshal
HMENU_UserSize
HPALETTE_UserFree
FmtIdToPropStgName
HGLOBAL_UserMarshal
CoQueryProxyBlanket
CreateItemMoniker
CoInitializeSecurity
CoGetObject
CoGetMarshalSizeMax
CoLockObjectExternal
OleRegEnumFormatEtc
WriteClassStm
OleConvertIStorageToOLESTREAMEx
CoGetInterceptorFromTypeInfo
SNB_UserFree
OleBuildVersion
RevokeDragDrop
CoSetProxyBlanket
OleGetAutoConvert
OleQueryCreateFromData
HWND_UserMarshal
DllGetClassObject

kernel32

PeekConsoleInputW
GetLocaleInfoW
Process32NextW
GetFullPathNameW
GetModuleHandleW
LoadLibraryW
DeleteFiber
SetPriorityClass
FlushConsoleInputBuffer
LocalHandle
VirtualAllocEx
GetCurrentThread
GetSystemDefaultUILanguage
Heap32Next
GetUserDefaultUILanguage

dssec

DllCanUnloadNow
DSCreateISecurityInfoObject
DllGetClassObject
DSCreateSecurityPage
DSCreateISecurityInfoObjectEx
DSEditSecurity

perfctrs

CollectNbfPerformanceData
CloseDhcpPerformanceData
OpenDhcpPerformanceData
OpenNbfPerformanceData
CloseTcpIpPerformanceData
OpenNWNBPerformanceData
CollectNWNBPerformanceData
OpenTcpIpPerformanceData

faultrep

ReportHang
AddERExcludedApplicationA
AddERExcludedApplicationW
ReportFault

Sections

.text
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7a7dc815a6240bcfdd24edf64c4d804c

Headers

File Characteristics

Imports

ole32

kernel32

dssec

perfctrs

faultrep

Sections

.text Size: 52KB - Virtual size: 52KB

.rdata Size: 53KB - Virtual size: 52KB

.data Size: 22KB - Virtual size: 21KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 52KB - Virtual size: 52KB

.rdata
Size: 53KB - Virtual size: 52KB

.data
Size: 22KB - Virtual size: 21KB

.rsrc
Size: 10KB - Virtual size: 9KB