0b1a8f76f92d01f5e3f2296f503bec0cf428a14874cf68d723628ea0e1089eb5

General

Target

0b1a8f76f92d01f5e3f2296f503bec0cf428a14874cf68d723628ea0e1089eb5
Size

81KB
MD5

6162b212a183ef4150354d2c00023750
SHA1

37948af8e1ce0c64ceae234596be765fea653ae8
SHA256

0b1a8f76f92d01f5e3f2296f503bec0cf428a14874cf68d723628ea0e1089eb5
SHA512

a099f12aec9f295ee27d6308923f44cab12ba16f8ee24dfa061772fed5716c9691a18e6e1c55d3503afaf830cc695cb86ca8de78ab97b02756500ec0e9ebd8cf
SSDEEP

1536:ENRmxmal+w1Xcr2lGSslDbS8nwSZ6W+fqpTmUv4BZL0IFhgY:EW0wpcqYzDbJnwSZ6z3ZLlFhgY

Score

N/A

Malware Config

Signatures

Files

0b1a8f76f92d01f5e3f2296f503bec0cf428a14874cf68d723628ea0e1089eb5
.exe windows x86

c12c88c3526264f98b6a2b3226dfea82

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CreateEventW
SetLastError
CreateEventW
TlsGetValue
GetStartupInfoA
HeapFree
GetCurrentThread
ResumeThread
VirtualProtect
GetStringTypeW
GetVolumePathNameA
GetProcessVersion
lstrlenA
GetDriveTypeA
SuspendThread
LoadLibraryW
CreateEventW
GetPrivateProfileSectionA
FindAtomW
DeleteFileA
GetProcessHeap

clbcatq

CheckMemoryGates
ComPlusMigrate
DllGetClassObject
DllGetClassObject
CheckMemoryGates
SetupOpen
ComPlusMigrate
CheckMemoryGates
SetupOpen
ComPlusMigrate
CheckMemoryGates
SetupOpen
CheckMemoryGates

gpedit

BrowseForGPO
DllGetClassObject
DllCanUnloadNow
ExportRSoPData

Sections

.text
Size: 1024B - Virtual size: 636B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 11KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 352B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.import
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c12c88c3526264f98b6a2b3226dfea82

Headers

File Characteristics

Imports

kernel32

clbcatq

gpedit

Sections

.text Size: 1024B - Virtual size: 636B

.data Size: 3KB - Virtual size: 11KB

.rdata Size: 512B - Virtual size: 352B

.rsrc Size: 74KB - Virtual size: 74KB

.orpc Size: 512B - Virtual size: 4KB

.import Size: 512B - Virtual size: 4KB

.text
Size: 1024B - Virtual size: 636B

.data
Size: 3KB - Virtual size: 11KB

.rdata
Size: 512B - Virtual size: 352B

.rsrc
Size: 74KB - Virtual size: 74KB

.orpc
Size: 512B - Virtual size: 4KB

.import
Size: 512B - Virtual size: 4KB